git: Kernel - Enable NX for PROT_READ by default

Matthew Dillon dillon at
Tue Jun 12 10:29:12 PDT 2018

commit d92e38903042e325890d90f72881cc9ed0718db7
Author: Matthew Dillon <dillon at>
Date:   Tue Jun 12 10:18:41 2018 -0700

    Kernel - Enable NX for PROT_READ by default
    * We've had NX support for a while, requiring a loader.conf tunable to
      enable (machdep.pmap_nx_enable).
    * Enhance the feature to support two modes.  Mode 1 allows NX support
      for PROT_READ mappings, Mode 2 allows NX support for both PROT_READ
      and PROT_WRITE mappings.
      Third party code should work universally with Mode 1, but apparently
      quite a bit still does not work with mode 2.
    * Change the default from disabled to Mode 1 in master, lets see if
      anyone has any problems with it.
    Suggested-by: Theo de Raadt

Summary of changes:
 sys/platform/pc64/x86_64/pmap.c | 34 +++++++++++++++++++++++++---------
 1 file changed, 25 insertions(+), 9 deletions(-)

DragonFly BSD source repository

More information about the Commits mailing list