fasttrap: Avoid creating WX mappings

fasttrap instruments certain instructions by overwriting them and
copying the original instruction to some per-thread scratch space which
is executed after the probe fires.  This trampoline jumps back to the
tracepoint after executing the original instruction.

The created mapping has both write and execute permissions, and so this
mechanism doesn't work when allow_wx is disabled.  Work around the
restriction by using proc_rwmem() to write to the trampoline.

Reviewed by:	vangyzen
Tested by:	Amit <akamit91@hotmail.com>
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D34304

sys/cddl/contrib/opensolaris/uts/common/dtrace/fasttrap.c

@@ -336,8 +336,9 @@ fasttrap_scraddr(struct thread *td, fasttrap_proc_t *fprc)
 		 */
 		addr = 0;
 		error = vm_map_find(&p->p_vmspace->vm_map, NULL, 0, &addr,
-		    FASTTRAP_SCRBLOCK_SIZE, 0, VMFS_ANY_SPACE, VM_PROT_ALL,
-		    VM_PROT_ALL, 0);
+		    FASTTRAP_SCRBLOCK_SIZE, 0, VMFS_ANY_SPACE,
+		    VM_PROT_READ | VM_PROT_EXECUTE,
+		    VM_PROT_READ | VM_PROT_EXECUTE, MAP_COPY_ON_WRITE);
 		if (error != KERN_SUCCESS)
 			goto done;
 

sys/cddl/contrib/opensolaris/uts/intel/dtrace/fasttrap_isa.c

@@ -1666,7 +1666,7 @@ fasttrap_pid_probe(struct trapframe *tf)
 
 		ASSERT(i <= sizeof (scratch));
 
-		if (fasttrap_copyout(scratch, (char *)addr, i)) {
+		if (uwrite(curproc, scratch, i, addr) != 0) {
 			fasttrap_sigtrap(p, curthread, pc);
 			new_pc = pc;
 			break;