From owner-freebsd-bugs  Thu Jun 13 12:20:11 2002
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 0542937B41F
	for <freebsd-bugs@hub.freebsd.org>; Thu, 13 Jun 2002 12:20:04 -0700 (PDT)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g5DJK4V67244;
	Thu, 13 Jun 2002 12:20:04 -0700 (PDT)
	(envelope-from gnats)
Date: Thu, 13 Jun 2002 12:20:04 -0700 (PDT)
Message-Id: <200206131920.g5DJK4V67244@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
Cc: 
From: Peter Edwards <peter.edwards@openet-telecom.com>
Subject: Re: kern/37554: [PATCH] Make ELF shared libraries immutable once
 loaded (like executables)
Reply-To: Peter Edwards <peter.edwards@openet-telecom.com>
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org

The following reply was made to PR kern/37554; it has been noted by GNATS.

From: Peter Edwards <peter.edwards@openet-telecom.com>
To: freebsd-gnats-submit@FreeBSD.org, pmedwards@eircom.net
Cc:  
Subject: Re: kern/37554: [PATCH] Make ELF shared libraries immutable once
 loaded (like executables)
Date: Thu, 13 Jun 2002 20:19:11 +0100

 Hm. This is possibly a nicer way to do it, and certainly a smaller, if more 
 intrusive, patch. It changes the semantics of mmap() somewhat, but I think 
 in a reasonable way, and it avoids all that ugliness in the run-time linker.
 
 Basically, a request for PROT_EXEC on a regular file will cause it to become 
 immutable:
 
 
 --- vm_mmap.c   3 Nov 2001 01:41:10 -0000       1.108.2.5
 +++ vm_mmap.c   13 Jun 2002 19:15:28 -0000
 @@ -406,8 +406,17 @@
 
          error = vm_mmap(&vms->vm_map, &addr, size, prot, maxprot,
              flags, handle, pos);
 -       if (error == 0)
 +       if (error == 0) {
                  p->p_retval[0] = (register_t) (addr + pageoff);
 +               /*
 +                * A successful map for a regular file, with execute access:
 +                * mark the vnode immutable.
 +                * XXX: GCC warns, but (handle == 0 || handle == vp)
 +                * I'm not sure of the "correct" way to avoid this.
 +                */
 +               if (handle && vp->v_type == VREG && (prot & PROT_EXEC))
 +                       vp->v_flag |= VTEXT;
 +       }
   done:
          if (fp)
                  fdrop(fp, p);
 
 
 
 Of course, the utility of all this is questionable: I just wanted the 
 functionality for something locally.
 Cheers,
 Peter
 

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message