Date: Thu, 20 Jul 2023 14:12:54 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 272585] calling mprotect in an mmap-ed stack can affect non-target pages Message-ID: <bug-272585-227-bfnyUUpXBf@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-272585-227@https.bugs.freebsd.org/bugzilla/> References: <bug-272585-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272585 --- Comment #2 from commit-hook@FreeBSD.org --- A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D21e45c30c35c9aa732073f725924caf58= 1c93460 commit 21e45c30c35c9aa732073f725924caf581c93460 Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2023-07-19 11:05:32 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2023-07-20 14:11:42 +0000 mmap(MAP_STACK): on stack grow, use original protection If mprotect(2) changed protection in the bottom of the currently grown stack region, currently the changed protection would be used for the stack grow on next fault. This is arguably unexpected. Store the original protection for the entry at mmap(2) time in the offset member of the gap vm_map_entry, and use it for protection of the grown stack region. PR: 272585 Reported by: John F. Carr <jfc@mit.edu> Reviewed by: alc, markj Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D41089 sys/vm/vm_map.c | 24 ++++++++++++++++-------- sys/vm/vm_map.h | 4 ++++ 2 files changed, 20 insertions(+), 8 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-272585-227-bfnyUUpXBf>