Date: Tue, 14 Feb 2017 10:42:23 +0000
From: bugzilla-noreply@freebsd.org
To: freebsd-fs@FreeBSD.org
Subject: [Bug 217062] for file systems mounted with -o noexec, exec=off property does not work for mmap
Message-ID: <bug-217062-3630-zzADqpyv6y@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-217062-3630@https.bugs.freebsd.org/bugzilla/>
References: <bug-217062-3630@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217062

--- Comment #3 from shamaz.mazum@gmail.com ---
Created attachment 179980
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=179980&action=edit
Minimal test

(In reply to Konstantin Belousov from comment #2)

Oh, I thought noexec means complete 100% protection from any execution ;) But
I have some doubts. What does the following code mean in sys/kern/vfs_vnops.c?

    /*
     * Ensure that file and memory protections are
     * compatible.  Note that we only worry about
     * writability if mapping is shared; in this case,
     * current and max prot are dictated by the open file.
     * XXX use the vnode instead?  Problem is: what
     * credentials do we use for determination? What if
     * proc does a setuid?
     */
    mp = vp->v_mount;
    if (mp != NULL && (mp->mnt_flag & MNT_NOEXEC) != 0)
        maxprot = VM_PROT_NONE;
    else
        maxprot = VM_PROT_EXECUTE;
    if ((fp->f_flag & FREAD) != 0)
        maxprot |= VM_PROT_READ;
    else if ((prot & VM_PROT_READ) != 0)
        return (EACCES);

The source is the vn_map() function in src/sys/kern/vfs_vnops.c.

A minimal test as you asked. Compile it and launch with any file on a no-exec
filesystem as its only argument. It tries to do mmap() and mprotect() and
returns results.

-- 
You are receiving this mail because:
You are the assignee for the bug.
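
A probe along the lines the message describes, as an added example (it is not attachment 179980, which is not reproduced on this page): it requests PROT_EXEC at mmap() time, then separately maps the file read-only and raises the mapping to PROT_EXEC with mprotect(), recording the errno of each attempt. The names probe_exec_mapping and probe_result are assumptions of this example.

```c
/* Added example (not the bug's attachment): can a file be mapped executable? */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

struct probe_result {          /* hypothetical name; 0 means "allowed" */
    int mmap_exec_errno;       /* errno from mmap(PROT_READ|PROT_EXEC) */
    int mprotect_exec_errno;   /* errno from mprotect(..., PROT_EXEC) */
};

/* Returns 0 when both probes ran, -1 (errno set) if the file could not
 * be opened or mapped read-only. The mapping is never read or executed. */
int probe_exec_mapping(const char *path, struct probe_result *r)
{
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    /* Probe 1: ask for execute permission at mmap() time. */
    void *p = mmap(NULL, len, PROT_READ | PROT_EXEC, MAP_PRIVATE, fd, 0);
    r->mmap_exec_errno = (p == MAP_FAILED) ? errno : 0;
    if (p != MAP_FAILED)
        munmap(p, len);
    /* Probe 2: map read-only, then raise to execute with mprotect(). */
    p = mmap(NULL, len, PROT_READ, MAP_PRIVATE, fd, 0);
    int saved = errno;
    close(fd);                 /* the mapping outlives the descriptor */
    if (p == MAP_FAILED) {
        errno = saved;
        return -1;
    }
    r->mprotect_exec_errno = mprotect(p, len, PROT_READ | PROT_EXEC) ? errno : 0;
    munmap(p, len);
    return 0;
}

int main(int argc, char **argv)
{
    struct probe_result r;
    if (argc != 2 || probe_exec_mapping(argv[1], &r) != 0) {
        fprintf(stderr, "usage: probe <file> (or file not mappable)\n");
        return 1;
    }
    printf("mmap PROT_EXEC:     %s\n", r.mmap_exec_errno ? strerror(r.mmap_exec_errno) : "allowed");
    printf("mprotect PROT_EXEC: %s\n", r.mprotect_exec_errno ? strerror(r.mprotect_exec_errno) : "allowed");
    return 0;
}
```

Running it on the same file from a noexec mount and from a normally mounted file system shows which of the two paths the mount flag actually affects.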