qiurui
/
glibc
mirror of git://sourceware.org/git/glibc.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

hurd: Map brk non-executable 

The rest of the heap (backed by individual pages) is already mapped RW.
Mapping these pages RWX presents a security hazard.

Also, in another branch memory gets allocated using vm_allocate, which
sets memory protection to VM_PROT_DEFAULT (which is RW). The mismatch
between protections prevents Mach from coalescing the VM map entries.

Signed-off-by: Sergey Bugaev <bugaevc@gmail.com>
Message-Id: <20230625231751.404120-2-bugaevc@gmail.com>
This commit is contained in:
Sergey Bugaev 2023-06-26 02:17:48 +03:00 committed by Samuel Thibault
parent 019b0bbc84
commit 4b5e576fc2
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sysdeps/mach/hurd/brk.c
View File

@ -106,7 +106,7 @@ _hurd_set_brk (vm_address_t addr)
/* First finish allocation. */ /* First finish allocation. */
err = __vm_protect (__mach_task_self (), pagebrk, err = __vm_protect (__mach_task_self (), pagebrk,
alloc_start - pagebrk, 0, alloc_start - pagebrk, 0,
VM_PROT_READ|VM_PROT_WRITE|VM_PROT_EXECUTE); VM_PROT_READ|VM_PROT_WRITE);
if (! err) if (! err)
_hurd_brk = alloc_start; _hurd_brk = alloc_start;
@ -120,7 +120,7 @@ _hurd_set_brk (vm_address_t addr)
else else
/* Make the memory accessible. */ /* Make the memory accessible. */
err = __vm_protect (__mach_task_self (), pagebrk, pagend - pagebrk, err = __vm_protect (__mach_task_self (), pagebrk, pagend - pagebrk,
0, VM_PROT_READ|VM_PROT_WRITE|VM_PROT_EXECUTE); 0, VM_PROT_READ|VM_PROT_WRITE);
if (err) if (err)
return __hurd_fail (err); return __hurd_fail (err);