On Tue, Feb 18, 2020 at 07:26:31PM -0800, Jordan Hand wrote:
> if (!page || (~page->vm_max_prot_bits & vm_prot_bits))
> return -EACCESS
>
> This means that for any process where READ_IMPLIES_EXECUTE is set and
> page where (vma->vm_flags & VM_MAYEXEC) == true, mmap/mprotect calls to
> that request PROT_READ on a page that was not added with PROT_EXEC will
> fail.
Right. You would end up requesting RX from a R region.
And you are suggesting that we tweak it along the lines of to make RIE
processes work:
unsigned long max_prot_bits = page->vm_max_prot_bits;
if (!!(current->personality & READ_IMPLIES_EXEC) &&
vma->vm_flags & VM_MAY_EXEC)
max_prot_bits |= VM_EXEC;
/* ... */
if (!page || (~max_prot_bits & vm_prot_bits))
return -EACCESS
?
/Jarkko
