From 419e0ced27c283ef053fb5186357a26ef2436dd9 Mon Sep 17 00:00:00 2001
From: Andreas Kling
Date: Wed, 25 Dec 2019 11:54:16 +0100
Subject: [PATCH] Kernel: Don't allow mmap()/mprotect() to set up PROT_WRITE|PROT_EXEC

..but also allow mprotect() to set PROT_EXEC on a region, something we were just ignoring before.
---
 Kernel/Process.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/Kernel/Process.cpp b/Kernel/Process.cpp
index ba296948aa..956bc0df6a 100644
--- a/Kernel/Process.cpp
+++ b/Kernel/Process.cpp
@@ -235,6 +235,9 @@ void* Process::sys$mmap(const Syscall::SC_mmap_params* params)
     if ((flags & MAP_SHARED) && (flags & MAP_PRIVATE))
         return (void*)-EINVAL;
 
+    if ((prot & PROT_WRITE) && (prot & PROT_EXEC))
+        return (void*)-EINVAL;
+
     // EINVAL: MAP_STACK cannot be used with shared or file-backed mappings
     if ((flags & MAP_STACK) && ((flags & MAP_SHARED) || !(flags & MAP_PRIVATE) || !(flags & MAP_ANONYMOUS)))
         return (void*)-EINVAL;
@@ -338,8 +341,11 @@ int Process::sys$mprotect(void* addr, size_t size, int prot)
         return -EINVAL;
     if (!region->is_mmap())
         return -EPERM;
+    if ((prot & PROT_WRITE) && (prot & PROT_EXEC))
+        return -EINVAL;
     region->set_readable(prot & PROT_READ);
     region->set_writable(prot & PROT_WRITE);
+    region->set_executable(prot & PROT_EXEC);
     region->remap();
     return 0;
 }
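Review bot: The new `PROT_WRITE`/`PROT_EXEC` test in `sys$mmap` carries no comment, unlike the `// EINVAL: MAP_STACK cannot be used with ...` check directly below it, and the identical condition is repeated in the `sys$mprotect` hunk. I would add `// EINVAL: W^X, a mapping may not be writable and executable at the same time` above it, or move the test into one small helper that both syscalls call, so the policy cannot drift between them. The check is also per mapping request: if the same shared or file-backed object can be mapped twice, once writable and once executable, the two views together would still give writable-and-executable memory. Whether that is possible depends on the region setup later in this function, which is outside the hunk.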
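Review bot: `region->set_executable(prot & PROT_EXEC)` is now reachable for any region that passes `is_mmap()`, so a region that was filled while it had `PROT_WRITE` can afterwards be switched to `PROT_EXEC`; the added check only rejects both bits in a single call. If that write-then-execute transition is intended (a JIT needs it), a comment such as `// W^X is enforced per call; W -> X transitions are allowed` would record the decision. If it is not intended, the region would have to remember that it has been writable and refuse `PROT_EXEC` later. Nothing visible in the hunk stops a region created with `MAP_STACK` from being made executable here, so that case may deserve its own check. The start of `sys$mprotect`, including how `region` is looked up from `addr` and `size`, is outside the hunk.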