diff options
| author | Sergey Bugaev <bugaevc@gmail.com> | 2023-06-26 02:17:48 +0300 |
|---|---|---|
| committer | Samuel Thibault <samuel.thibault@ens-lyon.org> | 2023-07-03 01:38:08 +0200 |
| commit | 4b5e576fc21931969c0a1b53fdaf7ce3bfcebb86 (patch) | |
| tree | d43ea87d74c802ee718b178c2138066a902dd204 | |
| parent | 019b0bbc84e2048556ac1a6b6df3a61e45fc1e17 (diff) | |
| download | glibc-4b5e576fc21931969c0a1b53fdaf7ce3bfcebb86.tar.gz glibc-4b5e576fc21931969c0a1b53fdaf7ce3bfcebb86.tar.xz glibc-4b5e576fc21931969c0a1b53fdaf7ce3bfcebb86.zip | |
hurd: Map brk non-executable
The rest of the heap (backed by individual pages) is already mapped RW. Mapping these pages RWX presents a security hazard. Also, in another branch memory gets allocated using vm_allocate, which sets memory protection to VM_PROT_DEFAULT (which is RW). The mismatch between protections prevents Mach from coalescing the VM map entries. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230625231751.404120-2-bugaevc@gmail.com>
| -rw-r--r-- | sysdeps/mach/hurd/brk.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sysdeps/mach/hurd/brk.c b/sysdeps/mach/hurd/brk.c index f1349495f5..3a335194f5 100644 --- a/sysdeps/mach/hurd/brk.c +++ b/sysdeps/mach/hurd/brk.c @@ -106,7 +106,7 @@ _hurd_set_brk (vm_address_t addr) /* First finish allocation. */ err = __vm_protect (__mach_task_self (), pagebrk, alloc_start - pagebrk, 0, - VM_PROT_READ|VM_PROT_WRITE|VM_PROT_EXECUTE); + VM_PROT_READ|VM_PROT_WRITE); if (! err) _hurd_brk = alloc_start; @@ -120,7 +120,7 @@ _hurd_set_brk (vm_address_t addr) else /* Make the memory accessible. */ err = __vm_protect (__mach_task_self (), pagebrk, pagend - pagebrk, - 0, VM_PROT_READ|VM_PROT_WRITE|VM_PROT_EXECUTE); + 0, VM_PROT_READ|VM_PROT_WRITE); if (err) return __hurd_fail (err); |