kern/150260: mmap(2) fails with EPERM (not documented) if
read-only shared memory is mmapped with MAP_PRIVATE & PROT_WRITE
Alan Cox
alc at rice.edu
Sun Sep 19 19:40:48 UTC 2010
arundel at FreeBSD.org wrote:
> Synopsis: mmap(2) fails with EPERM (not documented) if read-only shared memory is mmapped with MAP_PRIVATE & PROT_WRITE
>
> Responsible-Changed-From-To: freebsd-bugs->alc
> Responsible-Changed-By: arundel
> Responsible-Changed-When: Sun Sep 5 15:21:21 UTC 2010
> Responsible-Changed-Why:
> Alan might have an opinion on this PR.
>
> http://www.freebsd.org/cgi/query-pr.cgi?pr=150260
>
>
It's a legitimate bug.
The attached program has a couple minor issues. It crashes on amd64
because string.h is not included. (strerror() needs to be declared,
otherwise its return value is believed to be a 32-bit int, and not a
pointer.) Also, contrary to the bug description, the attached program
specifies MAP_SHARED where it clearly means to use MAP_PRIVATE.
I believe that the following change addresses the bug:
Index: vm/vm_mmap.c
===================================================================
--- vm/vm_mmap.c (revision 212830)
+++ vm/vm_mmap.c (working copy)
@@ -1373,7 +1373,8 @@ vm_mmap_shm(struct thread *td, vm_size_t objsize,
{
int error;
- if ((*maxprotp & VM_PROT_WRITE) == 0 &&
+ if ((*flagsp & MAP_SHARED) != 0 &&
+ (*maxprotp & VM_PROT_WRITE) == 0 &&
(prot & PROT_WRITE) != 0)
return (EACCES);
#ifdef MAC
More information about the freebsd-bugs
mailing list