On Mon, Jan 23, 2023 at 05:10:08PM +0100, David Hildenbrand wrote:
On 23.01.23 17:04, Catalin Marinas wrote:
quoted
On Mon, Jan 23, 2023 at 01:53:46PM +0100, David Hildenbrand wrote:
quoted
That at least would be then similar to how we handle mmaped files: if the
file is not executable, we clear VM_MAYEXEC. If the file is not writable, we
clear VM_MAYWRITE.
We still allow VM_MAYWRITE for private mappings, though we do clear
VM_MAYEXEC if not executable.
It would be nice to use VM_MAY* flags for this logic but we can only
emulate MDWE if we change the semantics of 'MAY': only check the 'MAY'
flags for permissions being changed (e.g. allow PROT_EXEC if the vma is
already VM_EXEC even if !VM_MAYEXEC). Another issue is that we end up
with some weird combinations like having VM_EXEC without VM_MAYEXEC
(maybe that's fine).
No, we wouldn't want VM_EXEC if VM_MAYEXEC is not set. I don't immediately
see how that would happen.
You are right, this shouldn't happen. What I had in mind was the current
MDWE model where after an mmap(PROT_EXEC), any mprotect(PROT_EXEC) is
denied. But this series departs slightly from this since we want to
allow PROT_EXEC if already executable.
--
Catalin
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel