From owner-freebsd-current@FreeBSD.ORG Mon Sep 15 07:05:29 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C349E16A4BF for ; Mon, 15 Sep 2003 07:05:29 -0700 (PDT) Received: from sweeper.openet-telecom.com (mail.openet-telecom.com [62.17.151.60]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2A66743FB1 for ; Mon, 15 Sep 2003 07:05:27 -0700 (PDT) (envelope-from peter.edwards@openet-telecom.com) Received: from mail.openet-telecom.com (unverified) by sweeper.openet-telecom.com ; Mon, 15 Sep 2003 15:09:18 +0100 Received: from openet-telecom.com (10.0.0.40) by mail.openet-telecom.com (NPlex 6.5.027) (authenticated as peter.edwards@openet-telecom.com) id 3F56E5C100008245; Mon, 15 Sep 2003 15:02:36 +0100 Message-ID: <3F65C725.6090300@openet-telecom.com> Date: Mon, 15 Sep 2003 15:05:25 +0100 From: Peter Edwards User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.4) Gecko/20030825 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Terry Lambert References: <1062686653.67807.77.camel@localhost> <20030904174858.L78363@volatile.chemikals.org> <3F584702.82473957@mindspring.com> In-Reply-To: <3F584702.82473957@mindspring.com> Content-Type: multipart/mixed; boundary="------------060405060803020304090006" cc: Paul Richards cc: current@freebsd.org Subject: Re: Text file busy X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: pmedwards@eircom.net List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Sep 2003 14:05:30 -0000 This is a multi-part message in MIME format. --------------060405060803020304090006 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Terry Lambert wrote: >Wesley Morgan wrote: > > >>It's also unfortunate that this protection does not seem to extend to >>libaries. I've had some in-use X libraries get overwritten with some very >>colorful results. >> >> > >So send patches. > > I did a year ago :-) See PR 37554. (Not the original patch, the self-follow-up). That was for 4.5-STABLE: It's been running on a box that does nightly builds of -current and -stable (and infrequent installworlds of -stable) since then without any ill effects. A -current equivalent (with a sysctl knob, "vm.mmap_exec_immutable", to turn the behaviour on/off) is attached, in case anyone's interested. As noted in the original PR, the choice of PROT_EXEC to decide to add VV_TEXT to the vnode might be better done with a new mmap flag, say, PROT_IMMUTABLE or something, but PROT_EXEC works fine for me. --------------060405060803020304090006 Content-Type: text/plain; name="vm_mmap_patch.txt" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="vm_mmap_patch.txt" Index: sys/vm/vm_mmap.c =================================================================== RCS file: /pub/FreeBSD/development/FreeBSD-CVS/src/sys/vm/vm_mmap.c,v retrieving revision 1.165 diff -u -r1.165 vm_mmap.c --- sys/vm/vm_mmap.c 7 Sep 2003 18:47:54 -0000 1.165 +++ sys/vm/vm_mmap.c 15 Sep 2003 13:36:46 -0000 @@ -91,6 +91,11 @@ static int max_proc_mmap; SYSCTL_INT(_vm, OID_AUTO, max_proc_mmap, CTLFLAG_RW, &max_proc_mmap, 0, ""); +static int mmap_exec_immutable = 1; +SYSCTL_INT(_vm, OID_AUTO, mmap_exec_immutable, CTLFLAG_RW, + &mmap_exec_immutable, 1, "mmap(2) of a regular file for execute access " + "marks the file as immutable"); + /* * Set the maximum number of vm_map_entry structures per process. Roughly * speaking vm_map_entry structures are tiny, so allowing them to eat 1/100 @@ -443,8 +448,18 @@ error = vm_mmap(&vms->vm_map, &addr, size, prot, maxprot, flags, handle, pos); mtx_lock(&Giant); - if (error == 0) + if (error == 0) { + /* + * If mapping a regular file as PROT_EXEC, and configured to, + * mark the file as immutable + */ + if (mmap_exec_immutable && + handle != NULL && vp != NULL && + (prot & PROT_EXEC) && vp->v_type == VREG) + vp->v_vflag |= VV_TEXT; td->td_retval[0] = (register_t) (addr + pageoff); + } + done: if (vp) vput(vp); --------------060405060803020304090006--