[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 2/5] hurd: Map brk non-executable
|
From: |
Samuel Thibault |
|
Subject: |
Re: [PATCH 2/5] hurd: Map brk non-executable |
|
Date: |
Mon, 3 Jul 2023 01:27:02 +0200 |
|
User-agent: |
NeoMutt/20170609 (1.8.3) |
Applied, thanks!
Sergey Bugaev via Libc-alpha, le lun. 26 juin 2023 02:17:48 +0300, a ecrit:
> The rest of the heap (backed by individual pages) is already mapped RW.
> Mapping these pages RWX presents a security hazard.
>
> Also, in another branch memory gets allocated using vm_allocate, which
> sets memory protection to VM_PROT_DEFAULT (which is RW). The mismatch
> between protections prevents Mach from coalescing the VM map entries.
>
> Signed-off-by: Sergey Bugaev <bugaevc@gmail.com>
> ---
> sysdeps/mach/hurd/brk.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/sysdeps/mach/hurd/brk.c b/sysdeps/mach/hurd/brk.c
> index f1349495..3a335194 100644
> --- a/sysdeps/mach/hurd/brk.c
> +++ b/sysdeps/mach/hurd/brk.c
> @@ -106,7 +106,7 @@ _hurd_set_brk (vm_address_t addr)
> /* First finish allocation. */
> err = __vm_protect (__mach_task_self (), pagebrk,
> alloc_start - pagebrk, 0,
> - VM_PROT_READ|VM_PROT_WRITE|VM_PROT_EXECUTE);
> + VM_PROT_READ|VM_PROT_WRITE);
> if (! err)
> _hurd_brk = alloc_start;
>
> @@ -120,7 +120,7 @@ _hurd_set_brk (vm_address_t addr)
> else
> /* Make the memory accessible. */
> err = __vm_protect (__mach_task_self (), pagebrk, pagend - pagebrk,
> - 0, VM_PROT_READ|VM_PROT_WRITE|VM_PROT_EXECUTE);
> + 0, VM_PROT_READ|VM_PROT_WRITE);
>
> if (err)
> return __hurd_fail (err);
> --
> 2.41.0
>
--
Samuel
---
Pour une évaluation indépendante, transparente et rigoureuse !
Je soutiens la Commission d'Évaluation de l'Inria.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [PATCH 2/5] hurd: Map brk non-executable,
Samuel Thibault <=