svn commit: r314298 - in stable/11/sys: fs/devfs kern
Konstantin Belousov
kib at FreeBSD.org
Sun Feb 26 11:02:15 UTC 2017
Author: kib
Date: Sun Feb 26 11:02:14 2017
New Revision: 314298
URL: https://svnweb.freebsd.org/changeset/base/314298
Log:
MFC r313967:
Apply noexec mount option for mmap(PROT_EXEC).
PR: 217062
Modified:
stable/11/sys/fs/devfs/devfs_vnops.c
stable/11/sys/kern/vfs_vnops.c
Directory Properties:
stable/11/ (props changed)
Modified: stable/11/sys/fs/devfs/devfs_vnops.c
==============================================================================
--- stable/11/sys/fs/devfs/devfs_vnops.c Sun Feb 26 10:58:01 2017 (r314297)
+++ stable/11/sys/fs/devfs/devfs_vnops.c Sun Feb 26 11:02:14 2017 (r314298)
@@ -1789,9 +1789,11 @@ devfs_mmap_f(struct file *fp, vm_map_t m
* compatible.
*/
mp = vp->v_mount;
- if (mp != NULL && (mp->mnt_flag & MNT_NOEXEC) != 0)
+ if (mp != NULL && (mp->mnt_flag & MNT_NOEXEC) != 0) {
maxprot = VM_PROT_NONE;
- else
+ if ((prot & VM_PROT_EXECUTE) != 0)
+ return (EACCES);
+ } else
maxprot = VM_PROT_EXECUTE;
if ((fp->f_flag & FREAD) != 0)
maxprot |= VM_PROT_READ;
Modified: stable/11/sys/kern/vfs_vnops.c
==============================================================================
--- stable/11/sys/kern/vfs_vnops.c Sun Feb 26 10:58:01 2017 (r314297)
+++ stable/11/sys/kern/vfs_vnops.c Sun Feb 26 11:02:14 2017 (r314298)
@@ -2434,9 +2434,11 @@ vn_mmap(struct file *fp, vm_map_t map, v
* proc does a setuid?
*/
mp = vp->v_mount;
- if (mp != NULL && (mp->mnt_flag & MNT_NOEXEC) != 0)
+ if (mp != NULL && (mp->mnt_flag & MNT_NOEXEC) != 0) {
maxprot = VM_PROT_NONE;
- else
+ if ((prot & VM_PROT_EXECUTE) != 0)
+ return (EACCES);
+ } else
maxprot = VM_PROT_EXECUTE;
if ((fp->f_flag & FREAD) != 0)
maxprot |= VM_PROT_READ;
More information about the svn-src-stable
mailing list