From 08de5abc6d45d29fb18dcd0ac6f20717b1c1b40a Mon Sep 17 00:00:00 2001
From: Liav A <liavalb@gmail.com>
Date: Thu, 19 Jan 2023 20:59:55 +0200
Subject: [PATCH] Kernel: Do 2 validations in annotate_mapping syscall outside
 a spinlock

---
 Kernel/Syscalls/mmap.cpp | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/Kernel/Syscalls/mmap.cpp b/Kernel/Syscalls/mmap.cpp
index af63ab1fe3..0091116d12 100644
--- a/Kernel/Syscalls/mmap.cpp
+++ b/Kernel/Syscalls/mmap.cpp
@@ -575,11 +575,13 @@ ErrorOr<FlatPtr> Process::sys$allocate_tls(Userspace<char const*> initial_data,
 ErrorOr<FlatPtr> Process::sys$annotate_mapping(Userspace<void*> address, int flags)
 {
     VERIFY_NO_PROCESS_BIG_LOCK(this);
+    if (flags == to_underlying(VirtualMemoryRangeFlags::None))
+        return EINVAL;
+
+    if (!Memory::is_user_address(address.vaddr()))
+        return EFAULT;
 
     return address_space().with([&](auto& space) -> ErrorOr<FlatPtr> {
-        if (flags == to_underlying(VirtualMemoryRangeFlags::None))
-            return EINVAL;
-
         if (space->enforces_syscall_regions() && (flags & to_underlying(VirtualMemoryRangeFlags::SyscallCode)))
             return EPERM;
 
@@ -588,9 +590,6 @@ ErrorOr<FlatPtr> Process::sys$annotate_mapping(Userspace<void*> address, int fla
             return 0;
         }
 
-        if (!Memory::is_user_address(address.vaddr()))
-            return EFAULT;
-
         auto* region = space->find_region_containing(Memory::VirtualRange { address.vaddr(), 1 });
         if (!region)
             return EINVAL;