On 15/08/25(Fri) 09:39, Miod Vallat wrote:
> > Please don't. Keeping that page read-only is important for security.
> > Maybe if nobody cares about the amd64 and i386 pmaps we should just
> > delete those architectures?
>
> But remember, because the end argument was wrong (sz instead of va +
> sz), this call did *nothing*.
>
> At least the commented out code will be correct now.

Exactly. Since you committed this code, Mark, it does nothing. That's
what I said in the original report: it's dead code.

Index: kern/kern_exec.c
===================================================================
RCS file: /cvs/src/sys/kern/kern_exec.c,v
diff -u -p -r1.266 kern_exec.c
--- kern/kern_exec.c 15 Aug 2025 04:21:00 -0000 1.266
+++ kern/kern_exec.c 15 Aug 2025 09:33:27 -0000
@@ -875,12 +875,11 @@ exec_sigcode_map(struct process *pr)
int r;
sigobject = uao_create(sz, 0);
- uao_reference(sigobject); /* permanent reference */
-
if ((r = uvm_map(kernel_map, &va, round_page(sz), sigobject,
0, 0, UVM_MAPFLAG(PROT_READ | PROT_WRITE, PROT_READ |
PROT_WRITE,
MAP_INHERIT_SHARE, MADV_RANDOM, 0)))) {
uao_detach(sigobject);
+ sigobject = NULL;
return (ENOMEM);
}
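Review bot: the uvm_map() failure branch stores the error in r but returns a hard-coded ENOMEM, while the failure branch added in the next hunk returns r; return r here too, or note in a comment why the uvm_map() error is flattened. Setting sigobject = NULL after uao_detach() and taking the permanent reference only after the map succeeds means this branch no longer leaves a stale pointer to the detached object, which deserves a line in the commit message since the protection change itself sits under #if notyet.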
@@ -891,9 +890,20 @@ exec_sigcode_map(struct process *pr)
left -= chunk;
}
memcpy((caddr_t)va, sigcode, sz);
-
- (void) uvm_map_protect(kernel_map, va, round_page(sz),
+#if notyet
+ /*
+ * This has never been tested on pmap_kernel() and blow up
+ * at least on amd64.
+ */
+ r = uvm_map_protect(kernel_map, va, round_page(va + sz),
PROT_READ, 0, FALSE, FALSE);
+ if (r) {
+ uvm_unmap(kernel_map, va, round_page(va + sz));
+ sigobject = NULL;
+ return (r);
+ }
+#endif
+ uao_reference(sigobject); /* permanent reference */
sigcode_va = va;
sigcode_sz = round_page(sz);
}
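Review bot: with the uvm_map_protect() call under #if notyet, the mapping created in the previous hunk with PROT_READ | PROT_WRITE stays writable in kernel_map, and the comment should state that consequence rather than only saying the call is untested. In that comment, "blow up" should read "blows up". The new failure branch calls uvm_unmap() and clears sigobject without a uao_detach(), unlike the uvm_map() failure branch; a short comment on which call drops the object reference there would help whoever enables this block later.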