RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-05-31 11:58:12 +00:00
Code Issues Activity Actions

Kernel: Don't allow mmap()/mprotect() to set up PROT_WRITE|PROT_EXEC

Browse source 
..but also allow mprotect() to set PROT_EXEC on a region, something
we were just ignoring before.
This commit is contained in:
Andreas Kling 2019-12-25 11:54:16 +01:00
parent 33efeaf71a
commit 419e0ced27
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
Kernel/Process.cpp
View file

@ -235,6 +235,9 @@ void* Process::sys$mmap(const Syscall::SC_mmap_params* params)
if ((flags & MAP_SHARED) && (flags & MAP_PRIVATE))
return (void*)-EINVAL;
if ((prot & PROT_WRITE) && (prot & PROT_EXEC))
return (void*)-EINVAL;
// EINVAL: MAP_STACK cannot be used with shared or file-backed mappings
if ((flags & MAP_STACK) && ((flags & MAP_SHARED) || !(flags & MAP_PRIVATE) || !(flags & MAP_ANONYMOUS)))
return (void*)-EINVAL;
@ -338,8 +341,11 @@ int Process::sys$mprotect(void* addr, size_t size, int prot)
return -EINVAL;
if (!region->is_mmap())
return -EPERM;
if ((prot & PROT_WRITE) && (prot & PROT_EXEC))
return -EINVAL;
region->set_readable(prot & PROT_READ);
region->set_writable(prot & PROT_WRITE);
region->set_executable(prot & PROT_EXEC);
region->remap();
return 0;
}