Date: Mon, 15 Sep 2003 15:05:25 +0100
From: Peter Edwards <peter.edwards@openet-telecom.com>
To: Terry Lambert <tlambert2@mindspring.com>
Cc: current@freebsd.org
Subject: Re: Text file busy
Message-ID: <3F65C725.6090300@openet-telecom.com>
In-Reply-To: <3F584702.82473957@mindspring.com>
References: <1062686653.67807.77.camel@localhost> <20030904174858.L78363@volatile.chemikals.org> <3F584702.82473957@mindspring.com>
Terry Lambert wrote:

>Wesley Morgan wrote:
>
>>It's also unfortunate that this protection does not seem to extend to
>>libraries. I've had some in-use X libraries get overwritten with some very
>>colorful results.
>
>So send patches.

I did a year ago :-) See PR 37554. (Not the original patch, the self-follow-up). That was for 4.5-STABLE: It's been running on a box that does nightly builds of -current and -stable (and infrequent installworlds of -stable) since then without any ill effects.

A -current equivalent (with a sysctl knob, "vm.mmap_exec_immutable", to turn the behaviour on/off) is attached, in case anyone's interested. As noted in the original PR, the choice of PROT_EXEC to decide to add VV_TEXT to the vnode might be better done with a new mmap flag, say, PROT_IMMUTABLE or something, but PROT_EXEC works fine for me.

--------------060405060803020304090006 Content-Type: text/plain; name="vm_mmap_patch.txt" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="vm_mmap_patch.txt"
Index: sys/vm/vm_mmap.c =================================================================== RCS file: /pub/FreeBSD/development/FreeBSD-CVS/src/sys/vm/vm_mmap.c,v retrieving revision 1.165 diff -u -r1.165 vm_mmap.c --- sys/vm/vm_mmap.c 7 Sep 2003 18:47:54 -0000 1.165 +++ sys/vm/vm_mmap.c 15 Sep 2003 13:36:46 -0000 @@ -91,6 +91,11 @@ static int max_proc_mmap; SYSCTL_INT(_vm, OID_AUTO, max_proc_mmap, CTLFLAG_RW, &max_proc_mmap, 0, ""); +static int mmap_exec_immutable = 1; +SYSCTL_INT(_vm, OID_AUTO, mmap_exec_immutable, CTLFLAG_RW, + &mmap_exec_immutable, 1, "mmap(2) of a regular file for execute access " + "marks the file as immutable"); + /* * Set the maximum number of vm_map_entry structures per process. Roughly * speaking vm_map_entry structures are tiny, so allowing them to eat 1/100 
@@ -443,8 +448,18 @@ error = vm_mmap(&vms->vm_map, &addr, size, prot, maxprot, flags, handle, pos); mtx_lock(&Giant); - if (error == 0) + if (error == 0) { + /* + * If mapping a regular file as PROT_EXEC, and configured to, + * mark the file as immutable + */ + if (mmap_exec_immutable && + handle != NULL && vp != NULL && + (prot & PROT_EXEC) && vp->v_type == VREG) + vp->v_vflag |= VV_TEXT; td->td_retval[0] = (register_t) (addr + pageoff); + } + done: if (vp) vput(vp); --------------060405060803020304090006--
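Review bot: In the first hunk (@@ -91,6 +91,11 @@), the SYSCTL_INT description "marks the file as immutable" does not match what the second hunk does, which is to set VV_TEXT on the vnode rather than any file flag; wording such as "marks the file's vnode as text busy (VV_TEXT)" would avoid confusion with file immutability flags. The value argument `1` after `&mmap_exec_immutable` is not what sets the default when a pointer is supplied (the static initializer does), and the neighbouring max_proc_mmap entry passes 0, so passing 0 here would be consistent. The knob is CTLFLAG_RW and defaults to on, so the new behaviour applies to every PROT_EXEC mapping of a regular file as soon as the patch is installed; a default of 0 may be the safer choice for a first commit.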
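Review bot: In the second hunk (@@ -443,8 +448,18 @@), `vp->v_vflag |= VV_TEXT` is set after a successful mapping but nothing in this patch clears it when the mapping goes away, so the lifetime of the text-busy state needs to be documented or handled (for example, whether the file stays unwritable until the vnode is recycled). The condition tests only `(prot & PROT_EXEC) && vp->v_type == VREG`, with no check of the caller's relationship to the file, so please confirm that a process with only read access cannot use a PROT_EXEC mapping to block other users from writing to that file; the dedicated flag suggested in the message would make the request explicit and easier to permission-check. Because the sysctl is read at mapping time, turning it off later leaves VV_TEXT set on vnodes already marked, which is worth stating in the comment.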