serenity

RGBCube/serenity

Fork 0

mirror of https://github.com/RGBCube/serenity synced 2025-05-18 20:45:08 +00:00

Commit graph

Author	SHA1	Message	Date
Ben Wiederhake	29eceebdbf	Tests: Build automatically, fix compilation errors	2020-08-02 17:15:36 +02:00
Andreas Kling	862b3ccb4e	Kernel: Enforce W^X between sys$mmap() and sys$execve() It's now an error to sys$mmap() a file as writable if it's currently mapped executable by anyone else. It's also an error to sys$execve() a file that's currently mapped writable by anyone else. This fixes a race condition vulnerability where one program could make modifications to an executable while another process was in the kernel, in the middle of exec'ing the same executable. Test: Kernel/elf-execve-mmap-race.cpp	2020-01-18 23:40:12 +01:00

Author

SHA1

Message

Date

Ben Wiederhake

29eceebdbf

Tests: Build automatically, fix compilation errors

2020-08-02 17:15:36 +02:00

Andreas Kling

862b3ccb4e

Kernel: Enforce W^X between sys$mmap() and sys$execve()

It's now an error to sys$mmap() a file as writable if it's currently
mapped executable by anyone else.

It's also an error to sys$execve() a file that's currently mapped
writable by anyone else.

This fixes a race condition vulnerability where one program could make
modifications to an executable while another process was in the kernel,
in the middle of exec'ing the same executable.

Test: Kernel/elf-execve-mmap-race.cpp

2020-01-18 23:40:12 +01:00

2 commits