PERFORCE change 14863 for review
Brian Feldman
green at freebsd.org
Wed Jul 24 20:49:49 GMT 2002
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=14863
Change 14863 by green at green_laptop_2 on 2002/07/24 13:48:51
Change vm_mmap(9) semantics to remove all non-MAC-policy-specified
protections from the maximum protections on the mapping and to
reject the mapping if the protections requested are not a subset
of such protections allowed.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/vm/vm_mmap.c#10 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/vm/vm_mmap.c#10 (text+ko) ====
@@ -426,14 +426,25 @@
#ifdef MAC
if (handle != NULL) {
if (flags & MAP_SHARED) {
+ /*
+ * Decrease maximum allowed protection that may be
+ * used with mprotect(2) later to that which the
+ * policies might allow "at the moment". This
+ * should possibly be revoked or limited further
+ * in mprotect(2).
+ *
+ * Make sure that prot is within the scope of
+ * what policies will allow, or fail immediately.
+ */
vm_prot_t macmaxprot;
macmaxprot = mac_cred_check_mmap_vnode_prot(
td->td_ucred, (struct vnode *)handle, 1);
- if ((maxprot & macmaxprot) != maxprot) {
- error = EPERM;
+ if ((prot & macmaxprot) != prot) {
+ error = EACCES;
goto done;
}
+ maxprot &= macmaxprot;
}
/*
* XXX Policies (e.g. LOMAC) should possibly check for a read
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list