diff options
author | guido <guido@FreeBSD.org> | 2004-03-18 20:58:51 +0000 |
---|---|---|
committer | guido <guido@FreeBSD.org> | 2004-03-18 20:58:51 +0000 |
commit | 365db5dd01b85276d53134f9ea822f82253fba23 (patch) | |
tree | ca4397c35f90c0e388bb6ae52f153c0faa130189 /sys | |
parent | 12c28227775bffc834e599b852c0f92a43a634b0 (diff) | |
download | FreeBSD-src-365db5dd01b85276d53134f9ea822f82253fba23.zip FreeBSD-src-365db5dd01b85276d53134f9ea822f82253fba23.tar.gz |
When mmap-ing a file from a noexec mount, be sure not to grant the right
to mmap it PROT_EXEC. This also depends on the architecture, as some
architextures (e.g. i386) do not distinguish between read and exec pages
Inspired by: http://linux.bkbits.net:8080/linux-2.4/cset@1.1267.1.85
Reviewed by: alc
Diffstat (limited to 'sys')
-rw-r--r-- | sys/vm/vm_mmap.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/sys/vm/vm_mmap.c b/sys/vm/vm_mmap.c index becc0e8..380f086 100644 --- a/sys/vm/vm_mmap.c +++ b/sys/vm/vm_mmap.c @@ -65,6 +65,7 @@ __FBSDID("$FreeBSD$"); #include <sys/file.h> #include <sys/mac.h> #include <sys/mman.h> +#include <sys/mount.h> #include <sys/conf.h> #include <sys/stat.h> #include <sys/vmmeter.h> @@ -323,7 +324,10 @@ mmap(td, uap) * credentials do we use for determination? What if * proc does a setuid? */ - maxprot = VM_PROT_EXECUTE; /* ??? */ + if (vp->v_mount->mnt_flag & MNT_NOEXEC) + maxprot = VM_PROT_NONE; + else + maxprot = VM_PROT_EXECUTE; if (fp->f_flag & FREAD) { maxprot |= VM_PROT_READ; } else if (prot & PROT_READ) { |