[PATCH] mm: add a note about partially hardcoded VM_* flags
Paolo 'Blaisorblade' Giarrusso [Wed, 21 Sep 2005 16:55:39 +0000 (09:55 -0700)]
Hugh made me note this line for permission checking in mprotect():

if ((newflags & ~(newflags >> 4)) & 0xf) {

after figuring out what's that about, I decided it's nasty enough.  Btw
Hugh itself didn't like the 0xf.

We can safely change it to VM_READ|VM_WRITE|VM_EXEC because we never change
VM_SHARED, so no need to check that.

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Acked-by: Hugh Dickins <hugh@veritas.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

include/linux/mm.h
mm/mprotect.c

index 0d94c94..097b3a3 100644 (file)
@@ -136,6 +136,7 @@ extern unsigned int kobjsize(const void *objp);
 #define VM_EXEC                0x00000004
 #define VM_SHARED      0x00000008
 
+/* mprotect() hardcodes VM_MAYREAD >> 4 == VM_READ, and so for r/w/x bits. */
 #define VM_MAYREAD     0x00000010      /* limits for mprotect() etc */
 #define VM_MAYWRITE    0x00000020
 #define VM_MAYEXEC     0x00000040
index e9fbd01..57577f6 100644 (file)
@@ -248,7 +248,8 @@ sys_mprotect(unsigned long start, size_t len, unsigned long prot)
 
                newflags = vm_flags | (vma->vm_flags & ~(VM_READ | VM_WRITE | VM_EXEC));
 
-               if ((newflags & ~(newflags >> 4)) & 0xf) {
+               /* newflags >> 4 shift VM_MAY% in place of VM_% */
+               if ((newflags & ~(newflags >> 4)) & (VM_READ | VM_WRITE | VM_EXEC)) {
                        error = -EACCES;
                        goto out;
                }