RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 03:57:43 +00:00
Code Issues Activity Actions

Kernel+LibELF: Enable SMAP protection during non-syscall exec()

Browse source 
When loading a new executable, we now map the ELF image in kernel-only
memory and parse it there. Then we use copy_to_user() when initializing
writable regions with data from the executable.

Note that the exec() syscall still disables SMAP protection and will
require additional work. This patch only affects kernel-originated
process spawns.
This commit is contained in:
Andreas Kling 2020-01-10 06:57:18 +01:00
parent 66b0002acb
commit 197e73ee31
5 changed files with 20 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

7
Kernel/VM/Region.cpp
View file

@ -189,6 +189,13 @@ NonnullOwnPtr<Region> Region::create_kernel_only(const Range& range, const Strin
return region;
}
NonnullOwnPtr<Region> Region::create_kernel_only(const Range& range, NonnullRefPtr<VMObject> vmobject, size_t offset_in_vmobject, const StringView& name, u8 access)
{
auto region = make<Region>(range, move(vmobject), offset_in_vmobject, name, access);
region->m_user_accessible = false;
return region;
}
bool Region::should_cow(size_t page_index) const
{
if (m_shared)