[Bug 217062] for file systems mounted with -o noexec, exec=off property does not work for mmap
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Feb 19 20:51:43 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217062
--- Comment #7 from commit-hook at freebsd.org ---
A commit references this bug:
Author: kib
Date: Sun Feb 19 20:51:05 UTC 2017
New revision: 313967
URL: https://svnweb.freebsd.org/changeset/base/313967
Log:
Apply noexec mount option for mmap(PROT_EXEC).
Right now the noexec mount option disallows image activators to try
execve the files on the mount point. Also, after r127187, noexec
also limits max_prot map entries permissions for mappings of files
from such mounts, but not the actual mapping permissions.
As result, the API behaviour is inconsistent. The files from noexec
mount can be mapped with PROT_EXEC, but if mprotect(2) drops execution
permission, it cannot be re-enabled later. Make this consistent
logically and aligned with behaviour of other systems, by disallowing
PROT_EXEC for mmap(2).
Note that this change only ensures aligned results from mmap(2) and
mprotect(2), it does not prevent actual code execution from files
coming from noexec mount. Such files can always be read into
anonymous executable memory and executed from there.
Reported by: shamaz.mazum at gmail.com
PR: 217062
Reviewed by: alc
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Changes:
head/sys/fs/devfs/devfs_vnops.c
head/sys/kern/vfs_vnops.c
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-fs
mailing list