Date: Sun, 19 Sep 2010 14:23:10 -0500 From: Alan Cox <alc@rice.edu> To: arundel@FreeBSD.org Cc: alc@FreeBSD.org, freebsd-bugs@FreeBSD.org Subject: Re: kern/150260: mmap(2) fails with EPERM (not documented) if read-only shared memory is mmapped with MAP_PRIVATE & PROT_WRITE Message-ID: <4C96631E.40400@rice.edu> In-Reply-To: <201009051525.o85FPFLa055194@freefall.freebsd.org> References: <201009051525.o85FPFLa055194@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
arundel@FreeBSD.org wrote: > Synopsis: mmap(2) fails with EPERM (not documented) if read-only shared memory is mmapped with MAP_PRIVATE & PROT_WRITE > > Responsible-Changed-From-To: freebsd-bugs->alc > Responsible-Changed-By: arundel > Responsible-Changed-When: Sun Sep 5 15:21:21 UTC 2010 > Responsible-Changed-Why: > Alan might have an opinion on this PR. > > http://www.freebsd.org/cgi/query-pr.cgi?pr=150260 > > It's a legitimate bug. The attached program has a couple minor issues. It crashes on amd64 because string.h is not included. (strerror() needs to be declared, otherwise its return value is believed to be a 32-bit int, and not a pointer.) Also, contrary to the bug description, the attached program specifies MAP_SHARED where it clearly means to use MAP_PRIVATE. I believe that the following change addresses the bug: Index: vm/vm_mmap.c =================================================================== --- vm/vm_mmap.c (revision 212830) +++ vm/vm_mmap.c (working copy) @@ -1373,7 +1373,8 @@ vm_mmap_shm(struct thread *td, vm_size_t objsize, { int error; - if ((*maxprotp & VM_PROT_WRITE) == 0 && + if ((*flagsp & MAP_SHARED) != 0 && + (*maxprotp & VM_PROT_WRITE) == 0 && (prot & PROT_WRITE) != 0) return (EACCES); #ifdef MAC
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C96631E.40400>