cheri: malloc: Ensure the mappings have RW permission

The arena allocator incrementally applies RW mprotect to a PROT_NONE mapping. Use PROT_MAX to ensure the pointers derived from the original mapping have RW capability permission.
author: Szabolcs Nagy <szabolcs.nagy@arm.com> 2022-10-21 12:35:33 +0100
committer: Szabolcs Nagy <szabolcs.nagy@arm.com> 2022-10-26 15:32:01 +0100
commit: 44283b4f2ff4dd8976209b6438e4279a0f3f07d5 (patch)
tree: ad7027bcfedf79778c411de62ab1858df74dd823
parent: 418ede06d733e2388decf9a2b9f60674463d14d1 (diff)
download: glibc-44283b4f2ff4dd8976209b6438e4279a0f3f07d5.tar.gz
glibc-44283b4f2ff4dd8976209b6438e4279a0f3f07d5.tar.xz
glibc-44283b4f2ff4dd8976209b6438e4279a0f3f07d5.zip
1 files changed, 9 insertions, 1 deletions
diff --git a/malloc/malloc.c b/malloc/malloc.c
index cc222eaba2..392116a5ac 100644
--- a/malloc/malloc.c
+++ b/malloc/malloc.c
@@ -1284,8 +1284,16 @@ static mchunkptr mremap_chunk(mchunkptr p, size_t new_size);
 # define MAP_NORESERVE 0
 #endif
 
+/* Allow RW mprotect later, on CHERI this means RW capability permission.  */
+#ifdef PROT_MAX
+# define PROT_MAX_RW PROT_MAX (PROT_READ | PROT_WRITE)
+#else
+# define PROT_MAX_RW 0
+#endif
+
 #define MMAP(addr, size, prot, flags) \
- __mmap((addr), (size), (prot), (flags)|MAP_ANONYMOUS|MAP_PRIVATE, -1, 0)
+ __mmap((addr), (size), (prot)|PROT_MAX_RW, \
+	(flags)|MAP_ANONYMOUS|MAP_PRIVATE, -1, 0)
 
 
 /*
author	Szabolcs Nagy <szabolcs.nagy@arm.com>	2022-10-21 12:35:33 +0100
committer	Szabolcs Nagy <szabolcs.nagy@arm.com>	2022-10-26 15:32:01 +0100
commit	44283b4f2ff4dd8976209b6438e4279a0f3f07d5 (patch)
tree	ad7027bcfedf79778c411de62ab1858df74dd823
parent	418ede06d733e2388decf9a2b9f60674463d14d1 (diff)
download	glibc-44283b4f2ff4dd8976209b6438e4279a0f3f07d5.tar.gz glibc-44283b4f2ff4dd8976209b6438e4279a0f3f07d5.tar.xz glibc-44283b4f2ff4dd8976209b6438e4279a0f3f07d5.zip