summaryrefslogtreecommitdiff
path: root/sys
diff options
context:
space:
mode:
authorTed Unangst <tedu@cvs.openbsd.org>2003-07-21 22:52:20 +0000
committerTed Unangst <tedu@cvs.openbsd.org>2003-07-21 22:52:20 +0000
commit4096cc14735f450e0e4d12fb1e14a5c2adcc1b3f (patch)
treeaba6d911569ad55bef7b98263a42ea5bf2cec28c /sys
parent295798e5c52ef7f5f18d80e2f47c8a974f877a7f (diff)
enforce restrictions on prot and flags to mprotect and mmap. invalid or
undefined flags are now rejected instead of silently ignored. makes "unintentional" mprotect calls a touch harder. ok art@ deraadt@ jason@
Diffstat (limited to 'sys')
-rw-r--r--sys/sys/mman.h3
-rw-r--r--sys/uvm/uvm_mmap.c18
2 files changed, 16 insertions, 5 deletions
diff --git a/sys/sys/mman.h b/sys/sys/mman.h
index a0ab8cc746c..ffd4de00264 100644
--- a/sys/sys/mman.h
+++ b/sys/sys/mman.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: mman.h,v 1.17 2003/07/01 23:23:04 tedu Exp $ */
+/* $OpenBSD: mman.h,v 1.18 2003/07/21 22:52:19 tedu Exp $ */
/* $NetBSD: mman.h,v 1.11 1995/03/26 20:24:23 jtc Exp $ */
/*-
@@ -69,6 +69,7 @@
*/
#define MAP_FILE 0x0000 /* map from file (default) */
#define MAP_ANON 0x1000 /* allocated from memory, swap space */
+#define MAP_FLAGMASK 0x17f7
/*
* Advice to madvise
diff --git a/sys/uvm/uvm_mmap.c b/sys/uvm/uvm_mmap.c
index 805f9adc488..1f650f6a3f1 100644
--- a/sys/uvm/uvm_mmap.c
+++ b/sys/uvm/uvm_mmap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: uvm_mmap.c,v 1.48 2003/07/01 23:23:04 tedu Exp $ */
+/* $OpenBSD: uvm_mmap.c,v 1.49 2003/07/21 22:52:19 tedu Exp $ */
/* $NetBSD: uvm_mmap.c,v 1.49 2001/02/18 21:19:08 chs Exp $ */
/*
@@ -153,10 +153,13 @@ sys_mquery(p, v, retval)
int fd;
vaddr = (vaddr_t) SCARG(uap, addr);
- prot = SCARG(uap, prot) & VM_PROT_ALL;
+ prot = SCARG(uap, prot);
size = (vsize_t) SCARG(uap, len);
fd = SCARG(uap, fd);
+ if ((prot & VM_PROT_ALL) != prot)
+ return (EINVAL);
+
if (SCARG(uap, flags) & MAP_FIXED)
flags |= UVM_FLAG_FIXED;
@@ -391,7 +394,7 @@ sys_mmap(p, v, retval)
addr = (vaddr_t) SCARG(uap, addr);
size = (vsize_t) SCARG(uap, len);
- prot = SCARG(uap, prot) & VM_PROT_ALL;
+ prot = SCARG(uap, prot);
flags = SCARG(uap, flags);
fd = SCARG(uap, fd);
pos = SCARG(uap, pos);
@@ -400,6 +403,10 @@ sys_mmap(p, v, retval)
* Fixup the old deprecated MAP_COPY into MAP_PRIVATE, and
* validate the flags.
*/
+ if ((prot & VM_PROT_ALL) != prot)
+ return (EINVAL);
+ if ((flags & MAP_FLAGMASK) != flags)
+ return (EINVAL);
if (flags & MAP_COPY)
flags = (flags & ~MAP_COPY) | MAP_PRIVATE;
if ((flags & (MAP_SHARED|MAP_PRIVATE)) == (MAP_SHARED|MAP_PRIVATE))
@@ -812,7 +819,10 @@ sys_mprotect(p, v, retval)
addr = (vaddr_t)SCARG(uap, addr);
size = (vsize_t)SCARG(uap, len);
- prot = SCARG(uap, prot) & VM_PROT_ALL;
+ prot = SCARG(uap, prot);
+
+ if ((prot & VM_PROT_ALL) != prot)
+ return (EINVAL);
/*
* align the address to a page boundary, and adjust the size accordingly