Also enable setting wx for max_prot even if map does not allow to set effective wx protection.
Suppose one initially has prot = maxprot = PROT_READ|PROT_WRITE, and we use mprotect() to set prot = PROT_READ|PROT_WRITE and maxprot = PROT_READ. From my reading, this code will leave the entry in a situation where prot & ~maxprot != 0.
I tried to be protective. While it is easy to see that the last loop, that finally changes protection settings of the map entries, only access new_prot and new_maxprot when guarded by corresponding flags, for the first and second loop it is not that obvious (and for first loop it is not true).
So instead of micro-optimizing, I just added the safety belts. If you prefer the following to be committed, I will do it.
diff --git a/sys/vm/vm_map.c b/sys/vm/vm_map.c index 4bd0b245a881..b3288fce5114 100644 --- a/sys/vm/vm_map.c +++ b/sys/vm/vm_map.c @@ -2836,11 +2836,6 @@ vm_map_protect(vm_map_t map, vm_offset_t start, vm_offset_t end, return (rv); } - if ((flags & VM_MAP_PROTECT_SET_PROT) == 0) - new_prot = entry->protection; - if ((flags & VM_MAP_PROTECT_SET_MAXPROT) == 0) - new_maxprot = entry->max_protection; - if ((flags & VM_MAP_PROTECT_SET_PROT) == 0 || ((new_prot & ~entry->protection) & VM_PROT_WRITE) == 0 || ENTRY_CHARGED(entry) ||