D18880.id58575.diff
No OneTemporary
Actions

Size

3 KB

Referenced Files

None

Subscribers

None

D18880.id58575.diff
View Options

	Index: sys/sys/mman.h
	===================================================================
	--- sys/sys/mman.h
	+++ sys/sys/mman.h
	@@ -55,6 +55,14 @@
	#define PROT_READ 0x01 /* pages can be read */
	#define PROT_WRITE 0x02 /* pages can be written */
	#define PROT_EXEC 0x04 /* pages can be executed */
	+#if __BSD_VISIBLE
	+#define _PROT_ALL (PROT_READ \| PROT_WRITE \| PROT_EXEC)
	+#define PROT_EXTRACT(prot) ((prot) & _PROT_ALL)
	+
	+#define _PROT_MAX_SHIFT 16
	+#define PROT_MAX(prot) ((prot) << _PROT_MAX_SHIFT)
	+#define PROT_MAX_EXTRACT(prot) (((prot) >> _PROT_MAX_SHIFT) & _PROT_ALL)
	+#endif

	/*
	* Flags contain sharing type and options.
	Index: sys/vm/vm_mmap.c
	===================================================================
	--- sys/vm/vm_mmap.c
	+++ sys/vm/vm_mmap.c
	@@ -103,6 +103,9 @@
	static int mincore_mapped = 1;
	SYSCTL_INT(_vm, OID_AUTO, mincore_mapped, CTLFLAG_RWTUN, &mincore_mapped, 0,
	"mincore reports mappings, not residency");
	+static int imply_prot_max = 0;
	+SYSCTL_INT(_vm, OID_AUTO, imply_prot_max, CTLFLAG_RWTUN, &mincore_mapped, 0,
	+ "Imply maximum page permissions in mmap() when none are specified.");

	#ifdef MAP_32BIT
	#define MAP_32BIT_MAX_ADDR ((vm_offset_t)1 << 31)
	@@ -187,9 +190,20 @@
	vm_offset_t addr;
	vm_size_t pageoff;
	vm_prot_t cap_maxprot;
	- int align, error;
	+ int align, error, max_prot;
	cap_rights_t rights;

	+ max_prot = PROT_MAX_EXTRACT(prot);
	+ prot = PROT_MAX(prot);
	+ /*
	+ * Always honor PROT_MAX if set. If not, default to all
	+ * permissions unless we're implying maximum permissions.
	+ *
	+ * XXX: should be tunable per process and ABI.
	+ */
	+ if (max_prot == 0)
	+ max_prot = imply_prot_max ? prot : _PROT_ALL;
	+
	vms = td->td_proc->p_vmspace;
	fp = NULL;
	AUDIT_ARG_FD(fd);
	@@ -332,7 +346,7 @@
	* This relies on VM_PROT_* matching PROT_*.
	*/
	error = vm_mmap_object(&vms->vm_map, &addr, size, prot,
	- VM_PROT_ALL, flags, NULL, pos, FALSE, td);
	+ max_prot, flags, NULL, pos, FALSE, td);
	} else {
	/*
	* Mapping file, get fp for validation and don't let the
	@@ -360,7 +374,7 @@

	/* This relies on VM_PROT_* matching PROT_. /
	error = fo_mmap(fp, &vms->vm_map, &addr, size, prot,
	- cap_maxprot, flags, pos, td);
	+ max_prot & cap_maxprot, flags, pos, td);
	}

	if (error == 0)
	@@ -591,8 +605,10 @@
	{
	vm_offset_t addr;
	vm_size_t pageoff;
	+ int vm_error, max_prot;

	addr = addr0;
	+ max_prot = PROT_MAX_EXTRACT(prot);
	prot = (prot & VM_PROT_ALL);
	pageoff = (addr & PAGE_MASK);
	addr -= pageoff;
	@@ -607,8 +623,19 @@
	if (addr + size < addr)
	return (EINVAL);

	- switch (vm_map_protect(&td->td_proc->p_vmspace->vm_map, addr,
	- addr + size, prot, FALSE)) {
	+ if (max_prot != 0) {
	+ if ((max_prot & prot) != prot)
	+ return (EINVAL);
	+ vm_error = vm_map_protect(&td->td_proc->p_vmspace->vm_map,
	+ addr, addr + size, max_prot, TRUE);
	+ if (vm_error != KERN_SUCCESS)
	+ goto error_out;
	+ }
	+ vm_error = vm_map_protect(&td->td_proc->p_vmspace->vm_map, addr,
	+ addr + size, prot, FALSE);
	+
	+error_out:
	+ switch (vm_error) {
	case KERN_SUCCESS:
	return (0);
	case KERN_PROTECTION_FAILURE:

File Metadata

Mime Type: text/plain
Expires: Mon, Oct 27, 12:56 PM (8 h, 17 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 24294465
Default Alt Text: D18880.id58575.diff (3 KB)

D18880.id58575.diffNo OneTemporaryActions

D18880.id58575.diffView Options

File Metadata

Event Timeline

D18880.id58575.diff
No OneTemporary
Actions

D18880.id58575.diff
View Options