Re: [PATCH][RFC] introduce a mmap MAP

All of lore.kernel.org
 help / color / mirror / Atom feed

* Re: [PATCH][RFC] introduce a mmap MAP_DONTEXPAND flag
       [not found] <1yz3a-k2-33@gated-at.bofh.it>
@ 2004-03-18  0:58 ` Andi Kleen
  2004-03-11 15:22   ` Bart Oldeman
  0 siblings, 1 reply; 3+ messages in thread
From: Andi Kleen @ 2004-03-18  0:58 UTC (permalink / raw)
  To: Bart Oldeman; +Cc: linux-kernel

Bart Oldeman <bartoldeman@users.sourceforge.net> writes:

>  			return -EPERM;
> --- include/asm-i386/mman.h~	Sat Oct 25 19:42:58 2003
> +++ include/asm-i386/mman.h	Thu Mar 11 13:37:33 2004
> @@ -22,6 +22,7 @@
>  #define MAP_NORESERVE	0x4000		/* don't check for reservations */
>  #define MAP_POPULATE	0x8000		/* populate (prefault) pagetables */
>  #define MAP_NONBLOCK	0x10000		/* do not block on IO */
> +#define MAP_DONTEXPAND	0x20000		/* do not allow mremap to expand */

*always* when you change something in asm-i386 check if other architectures
need changing too. Your patch would break compilation for everybody !i386

-Andi


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH][RFC] introduce a mmap MAP_DONTEXPAND flag
  2004-03-18  0:58 ` [PATCH][RFC] introduce a mmap MAP_DONTEXPAND flag Andi Kleen
@ 2004-03-11 15:22   ` Bart Oldeman
  0 siblings, 0 replies; 3+ messages in thread
From: Bart Oldeman @ 2004-03-11 15:22 UTC (permalink / raw)
  To: Andi Kleen; +Cc: linux-kernel

On Thu, 18 Mar 2004, Andi Kleen wrote:

> Bart Oldeman <bartoldeman@users.sourceforge.net> writes:
>
> >  			return -EPERM;
> > --- include/asm-i386/mman.h~	Sat Oct 25 19:42:58 2003
> > +++ include/asm-i386/mman.h	Thu Mar 11 13:37:33 2004
> > @@ -22,6 +22,7 @@
> >  #define MAP_NORESERVE	0x4000		/* don't check for reservations */
> >  #define MAP_POPULATE	0x8000		/* populate (prefault) pagetables */
> >  #define MAP_NONBLOCK	0x10000		/* do not block on IO */
> > +#define MAP_DONTEXPAND	0x20000		/* do not allow mremap to expand */
>
> *always* when you change something in asm-i386 check if other architectures
> need changing too. Your patch would break compilation for everybody !i386

that's the reason for my i386 comment and the "RFC". Just asking if people
do or do not like the idea. Anyway, I've done the whole bunch now.

--- mm/mmap.c~	Wed Feb 25 19:21:10 2004
+++ mm/mmap.c	Thu Mar 11 13:39:52 2004
@@ -511,6 +511,10 @@
 	vm_flags = calc_vm_prot_bits(prot) | calc_vm_flag_bits(flags) |
 			mm->def_flags | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC;

+	if (flags & MAP_DONTEXPAND) {
+		vm_flags |= VM_DONTEXPAND;
+	}
+
 	if (flags & MAP_LOCKED) {
 		if (!capable(CAP_IPC_LOCK))
 			return -EPERM;
diff -ur include_old/asm-alpha/mman.h include/asm-alpha/mman.h
--- include_old/asm-alpha/mman.h	Sat Oct 25 19:42:47 2003
+++ include/asm-alpha/mman.h	Thu Mar 11 15:09:03 2004
@@ -28,6 +28,7 @@
 #define MAP_NORESERVE	0x10000		/* don't check for reservations */
 #define MAP_POPULATE	0x20000		/* populate (prefault) pagetables */
 #define MAP_NONBLOCK	0x40000		/* do not block on IO */
+#define MAP_DONTEXPAND	0x80000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_SYNC		2		/* synchronous memory sync */
diff -ur include_old/asm-arm/mman.h include/asm-arm/mman.h
--- include_old/asm-arm/mman.h	Sat Oct 25 19:43:19 2003
+++ include/asm-arm/mman.h	Thu Mar 11 15:09:09 2004
@@ -22,6 +22,7 @@
 #define MAP_NORESERVE	0x4000		/* don't check for reservations */
 #define MAP_POPULATE	0x8000		/* populate (prefault) page tables */
 #define MAP_NONBLOCK	0x10000		/* do not block on IO */
+#define MAP_DONTEXPAND	0x20000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */
diff -ur include_old/asm-arm26/mman.h include/asm-arm26/mman.h
--- include_old/asm-arm26/mman.h	Sat Oct 25 19:42:49 2003
+++ include/asm-arm26/mman.h	Thu Mar 11 15:09:15 2004
@@ -22,6 +22,7 @@
 #define MAP_NORESERVE	0x4000		/* don't check for reservations */
 #define MAP_POPULATE    0x8000          /* populate (prefault) page tables */
 #define MAP_NONBLOCK    0x10000         /* do not block on IO */
+#define MAP_DONTEXPAND	0x20000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */
diff -ur include_old/asm-cris/mman.h include/asm-cris/mman.h
--- include_old/asm-cris/mman.h	Sat Oct 25 19:44:49 2003
+++ include/asm-cris/mman.h	Thu Mar 11 15:09:19 2004
@@ -24,6 +24,7 @@
 #define MAP_NORESERVE	0x4000		/* don't check for reservations */
 #define MAP_POPULATE	0x8000		/* populate (prefault) pagetables */
 #define MAP_NONBLOCK	0x10000		/* do not block on IO */
+#define MAP_DONTEXPAND	0x20000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */
diff -ur include_old/asm-h8300/mman.h include/asm-h8300/mman.h
--- include_old/asm-h8300/mman.h	Sat Oct 25 19:43:51 2003
+++ include/asm-h8300/mman.h	Thu Mar 11 15:09:40 2004
@@ -19,6 +19,7 @@
 #define MAP_EXECUTABLE	0x1000		/* mark it as an executable */
 #define MAP_LOCKED	0x2000		/* pages are locked */
 #define MAP_NORESERVE	0x4000		/* don't check for reservations */
+#define MAP_DONTEXPAND	0x8000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */
diff -ur include_old/asm-i386/mman.h include/asm-i386/mman.h
--- include_old/asm-i386/mman.h	Sat Oct 25 19:42:58 2003
+++ include/asm-i386/mman.h	Thu Mar 11 15:08:26 2004
@@ -22,6 +22,7 @@
 #define MAP_NORESERVE	0x4000		/* don't check for reservations */
 #define MAP_POPULATE	0x8000		/* populate (prefault) pagetables */
 #define MAP_NONBLOCK	0x10000		/* do not block on IO */
+#define MAP_DONTEXPAND	0x20000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */
diff -ur include_old/asm-ia64/mman.h include/asm-ia64/mman.h
--- include_old/asm-ia64/mman.h	Wed Feb 25 19:21:01 2004
+++ include/asm-ia64/mman.h	Thu Mar 11 15:11:10 2004
@@ -30,6 +30,7 @@
 #define MAP_NORESERVE	0x04000		/* don't check for reservations */
 #define MAP_POPULATE	0x08000		/* populate (prefault) pagetables */
 #define MAP_NONBLOCK	0x10000		/* do not block on IO */
+#define MAP_DONTEXPAND	0x20000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */
diff -ur include_old/asm-m68k/mman.h include/asm-m68k/mman.h
--- include_old/asm-m68k/mman.h	Sat Oct 25 19:43:02 2003
+++ include/asm-m68k/mman.h	Thu Mar 11 15:11:06 2004
@@ -22,6 +22,7 @@
 #define MAP_NORESERVE	0x4000		/* don't check for reservations */
 #define MAP_POPULATE	0x8000		/* populate (prefault) pagetables */
 #define MAP_NONBLOCK	0x10000		/* do not block on IO */
+#define MAP_DONTEXPAND	0x20000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */
diff -ur include_old/asm-ppc/mman.h include/asm-ppc/mman.h
--- include_old/asm-ppc/mman.h	Sat Oct 25 19:45:07 2003
+++ include/asm-ppc/mman.h	Thu Mar 11 15:10:54 2004
@@ -23,6 +23,7 @@
 #define MAP_EXECUTABLE	0x1000		/* mark it as an executable */
 #define MAP_POPULATE	0x8000		/* populate (prefault) pagetables */
 #define MAP_NONBLOCK	0x10000		/* do not block on IO */
+#define MAP_DONTEXPAND	0x20000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */
diff -ur include_old/asm-ppc64/mman.h include/asm-ppc64/mman.h
--- include_old/asm-ppc64/mman.h	Sat Oct 25 19:43:30 2003
+++ include/asm-ppc64/mman.h	Thu Mar 11 15:10:50 2004
@@ -28,6 +28,7 @@
 #define MAP_GROWSDOWN	0x0100		/* stack-like segment */
 #define MAP_DENYWRITE	0x0800		/* ETXTBSY */
 #define MAP_EXECUTABLE	0x1000		/* mark it as an executable */
+#define MAP_DONTEXPAND	0x2000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */
diff -ur include_old/asm-s390/mman.h include/asm-s390/mman.h
--- include_old/asm-s390/mman.h	Sat Oct 25 19:42:53 2003
+++ include/asm-s390/mman.h	Thu Mar 11 15:10:42 2004
@@ -30,6 +30,7 @@
 #define MAP_NORESERVE	0x4000		/* don't check for reservations */
 #define MAP_POPULATE	0x8000		/* populate (prefault) pagetables */
 #define MAP_NONBLOCK	0x10000		/* do not block on IO */
+#define MAP_DONTEXPAND	0x20000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */
diff -ur include_old/asm-sh/mman.h include/asm-sh/mman.h
--- include_old/asm-sh/mman.h	Sat Oct 25 19:44:35 2003
+++ include/asm-sh/mman.h	Thu Mar 11 15:10:37 2004
@@ -22,6 +22,7 @@
 #define MAP_NORESERVE	0x4000		/* don't check for reservations */
 #define MAP_POPULATE	0x8000		/* populate (prefault) page tables */
 #define MAP_NONBLOCK	0x10000		/* do not block on IO */
+#define MAP_DONTEXPAND	0x20000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */
diff -ur include_old/asm-sparc/mman.h include/asm-sparc/mman.h
--- include_old/asm-sparc/mman.h	Sat Oct 25 19:44:48 2003
+++ include/asm-sparc/mman.h	Thu Mar 11 15:10:30 2004
@@ -26,6 +26,7 @@
 #define MAP_GROWSDOWN	0x0200		/* stack-like segment */
 #define MAP_DENYWRITE	0x0800		/* ETXTBSY */
 #define MAP_EXECUTABLE	0x1000		/* mark it as an executable */
+#define MAP_DONTEXPAND	0x2000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */
diff -ur include_old/asm-sparc64/mman.h include/asm-sparc64/mman.h
--- include_old/asm-sparc64/mman.h	Sat Oct 25 19:43:36 2003
+++ include/asm-sparc64/mman.h	Thu Mar 11 15:10:21 2004
@@ -26,6 +26,7 @@
 #define MAP_GROWSDOWN	0x0200		/* stack-like segment */
 #define MAP_DENYWRITE	0x0800		/* ETXTBSY */
 #define MAP_EXECUTABLE	0x1000		/* mark it as an executable */
+#define MAP_DONTEXPAND	0x2000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */
diff -ur include_old/asm-v850/mman.h include/asm-v850/mman.h
--- include_old/asm-v850/mman.h	Sat Oct 25 19:44:34 2003
+++ include/asm-v850/mman.h	Thu Mar 11 15:10:00 2004
@@ -19,6 +19,7 @@
 #define MAP_EXECUTABLE	0x1000		/* mark it as an executable */
 #define MAP_LOCKED	0x2000		/* pages are locked */
 #define MAP_NORESERVE	0x4000		/* don't check for reservations */
+#define MAP_DONTEXPAND	0x8000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */
diff -ur include_old/asm-x86_64/mman.h include/asm-x86_64/mman.h
--- include_old/asm-x86_64/mman.h	Sat Oct 25 19:44:05 2003
+++ include/asm-x86_64/mman.h	Thu Mar 11 15:08:38 2004
@@ -23,6 +23,7 @@
 #define MAP_NORESERVE	0x4000		/* don't check for reservations */
 #define MAP_POPULATE	0x8000		/* populate (prefault) pagetables */
 #define MAP_NONBLOCK	0x10000		/* do not block on IO */
+#define MAP_DONTEXPAND	0x20000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */


^ permalink raw reply	[flat|nested] 3+ messages in thread

* [PATCH][RFC] introduce a mmap MAP_DONTEXPAND flag
@ 2004-03-11 14:03 Bart Oldeman
  0 siblings, 0 replies; 3+ messages in thread
From: Bart Oldeman @ 2004-03-11 14:03 UTC (permalink / raw)
  To: linux-kernel

Sometimes it is advantageous to mmap a special portion of /dev/mem
(framebuffer, ...) before dropping root priviliges. However right now a
program can simply mremap that area even after dropping root and if the
/dev/mem file descriptor is closed, thus being able to access arbitrary
portions of /dev/mem beyond the initial VMA start.

An idea to get around this is to expose the VM_DONTEXPAND flag to user
space via a MAP_DONTEXPAND flag, to be able to get failure in the
following example program (when it's suid-root):

#include <fcntl.h>
#include <unistd.h>
#include <stdio.h>
#include <sys/mman.h>

#define MAP_DONTEXPAND 0x20000

int main(void)
{
	int fd = open("/dev/mem", O_RDWR);
	mmap((char *)0xb8000, 0x8000, PROT_READ | PROT_WRITE,
          MAP_SHARED|MAP_FIXED|MAP_DONTEXPAND, fd, 0xb8000);
	close(fd);
	setuid(getuid());
	printf("%x\n", mremap((char *)0xb8000, 0x8000, 0x1000000, 0));
}


The patch below (for 2.6.3) is for i386 only but is easy to adjust
for other architectures, just because each of them has their own asm/mman.h.

Unless I'm completely overlooking something here ....

Bart

--- mm/mmap.c~	Wed Feb 25 19:21:10 2004
+++ mm/mmap.c	Thu Mar 11 13:39:52 2004
@@ -511,6 +511,10 @@
 	vm_flags = calc_vm_prot_bits(prot) | calc_vm_flag_bits(flags) |
 			mm->def_flags | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC;

+	if (flags & MAP_DONTEXPAND) {
+		vm_flags |= VM_DONTEXPAND;
+	}
+
 	if (flags & MAP_LOCKED) {
 		if (!capable(CAP_IPC_LOCK))
 			return -EPERM;
--- include/asm-i386/mman.h~	Sat Oct 25 19:42:58 2003
+++ include/asm-i386/mman.h	Thu Mar 11 13:37:33 2004
@@ -22,6 +22,7 @@
 #define MAP_NORESERVE	0x4000		/* don't check for reservations */
 #define MAP_POPULATE	0x8000		/* populate (prefault) pagetables */
 #define MAP_NONBLOCK	0x10000		/* do not block on IO */
+#define MAP_DONTEXPAND	0x20000		/* do not allow mremap to expand */

 #define MS_ASYNC	1		/* sync memory asynchronously */
 #define MS_INVALIDATE	2		/* invalidate the caches */


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2004-03-11 15:22 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
     [not found] <1yz3a-k2-33@gated-at.bofh.it>
2004-03-18  0:58 ` [PATCH][RFC] introduce a mmap MAP_DONTEXPAND flag Andi Kleen
2004-03-11 15:22   ` Bart Oldeman
2004-03-11 14:03 Bart Oldeman

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.