RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-06-01 06:18:12 +00:00
Code Issues Activity Actions

Kernel: Add "prot_exec" pledge promise and require it for PROT_EXEC

Browse source 
This prevents sys$mmap() and sys$mprotect() from creating executable
memory mappings in pledged programs that don't have this promise.

Note that the dynamic loader runs before pledging happens, so it's
unaffected by this.
This commit is contained in:
Andreas Kling 2021-01-29 18:50:27 +01:00
parent df30b3e54c
commit d0c5979d96
3 changed files with 11 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

8
Kernel/Syscalls/mmap.cpp
View file

@ -163,6 +163,10 @@ void* Process::sys$mmap(Userspace<const Syscall::SC_mmap_params*> user_params)
int fd = params.fd;
int offset = params.offset;
if (prot & PROT_EXEC) {
REQUIRE_PROMISE(prot_exec);
}
if (alignment & ~PAGE_MASK)
return (void*)-EINVAL;
@ -274,6 +278,10 @@ int Process::sys$mprotect(void* addr, size_t size, int prot)
{
REQUIRE_PROMISE(stdio);
if (prot & PROT_EXEC) {
REQUIRE_PROMISE(prot_exec);
}
if (!size)
return -EINVAL;