diff options
author | Ted Unangst <tedu@cvs.openbsd.org> | 2003-07-21 22:52:20 +0000 |
---|---|---|
committer | Ted Unangst <tedu@cvs.openbsd.org> | 2003-07-21 22:52:20 +0000 |
commit | 4096cc14735f450e0e4d12fb1e14a5c2adcc1b3f (patch) | |
tree | aba6d911569ad55bef7b98263a42ea5bf2cec28c /sys | |
parent | 295798e5c52ef7f5f18d80e2f47c8a974f877a7f (diff) |
enforce restrictions on prot and flags to mprotect and mmap. invalid or
undefined flags are now rejected instead of silently ignored. makes
"unintentional" mprotect calls a touch harder.
ok art@ deraadt@ jason@
Diffstat (limited to 'sys')
-rw-r--r-- | sys/sys/mman.h | 3 | ||||
-rw-r--r-- | sys/uvm/uvm_mmap.c | 18 |
2 files changed, 16 insertions, 5 deletions
diff --git a/sys/sys/mman.h b/sys/sys/mman.h index a0ab8cc746c..ffd4de00264 100644 --- a/sys/sys/mman.h +++ b/sys/sys/mman.h @@ -1,4 +1,4 @@ -/* $OpenBSD: mman.h,v 1.17 2003/07/01 23:23:04 tedu Exp $ */ +/* $OpenBSD: mman.h,v 1.18 2003/07/21 22:52:19 tedu Exp $ */ /* $NetBSD: mman.h,v 1.11 1995/03/26 20:24:23 jtc Exp $ */ /*- @@ -69,6 +69,7 @@ */ #define MAP_FILE 0x0000 /* map from file (default) */ #define MAP_ANON 0x1000 /* allocated from memory, swap space */ +#define MAP_FLAGMASK 0x17f7 /* * Advice to madvise diff --git a/sys/uvm/uvm_mmap.c b/sys/uvm/uvm_mmap.c index 805f9adc488..1f650f6a3f1 100644 --- a/sys/uvm/uvm_mmap.c +++ b/sys/uvm/uvm_mmap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uvm_mmap.c,v 1.48 2003/07/01 23:23:04 tedu Exp $ */ +/* $OpenBSD: uvm_mmap.c,v 1.49 2003/07/21 22:52:19 tedu Exp $ */ /* $NetBSD: uvm_mmap.c,v 1.49 2001/02/18 21:19:08 chs Exp $ */ /* @@ -153,10 +153,13 @@ sys_mquery(p, v, retval) int fd; vaddr = (vaddr_t) SCARG(uap, addr); - prot = SCARG(uap, prot) & VM_PROT_ALL; + prot = SCARG(uap, prot); size = (vsize_t) SCARG(uap, len); fd = SCARG(uap, fd); + if ((prot & VM_PROT_ALL) != prot) + return (EINVAL); + if (SCARG(uap, flags) & MAP_FIXED) flags |= UVM_FLAG_FIXED; @@ -391,7 +394,7 @@ sys_mmap(p, v, retval) addr = (vaddr_t) SCARG(uap, addr); size = (vsize_t) SCARG(uap, len); - prot = SCARG(uap, prot) & VM_PROT_ALL; + prot = SCARG(uap, prot); flags = SCARG(uap, flags); fd = SCARG(uap, fd); pos = SCARG(uap, pos); @@ -400,6 +403,10 @@ sys_mmap(p, v, retval) * Fixup the old deprecated MAP_COPY into MAP_PRIVATE, and * validate the flags. */ + if ((prot & VM_PROT_ALL) != prot) + return (EINVAL); + if ((flags & MAP_FLAGMASK) != flags) + return (EINVAL); if (flags & MAP_COPY) flags = (flags & ~MAP_COPY) | MAP_PRIVATE; if ((flags & (MAP_SHARED|MAP_PRIVATE)) == (MAP_SHARED|MAP_PRIVATE)) @@ -812,7 +819,10 @@ sys_mprotect(p, v, retval) addr = (vaddr_t)SCARG(uap, addr); size = (vsize_t)SCARG(uap, len); - prot = SCARG(uap, prot) & VM_PROT_ALL; + prot = SCARG(uap, prot); + + if ((prot & VM_PROT_ALL) != prot) + return (EINVAL); /* * align the address to a page boundary, and adjust the size accordingly |