Delay permission checks for VCHR vnodes until after vnode is locked in

vm_mmap_vnode function, where we can safely check for a special /dev/zero case. Rev. 1.180 has reordered checks and introduced a regression. Submitted by: alc Was broken by: kan
2004-04-05 04:54:22 +00:00 · 2004-04-05 04:54:22 +00:00 · 4cdcf07096
commit 4cdcf07096
parent 6ce9793803
1 changed files with 7 additions and 2 deletions
--- a/sys/vm/vm_mmap.c
+++ b/sys/vm/vm_mmap.c
@ -341,14 +341,14 @@ mmap(td, uap)
 		 * permission although we opened it without asking
 		 * for it, bail out.
 		 */
-		if ((flags & MAP_SHARED) != 0 || vp->v_type == VCHR) {
+		if ((flags & MAP_SHARED) != 0) {
 			if ((fp->f_flag & FWRITE) != 0) {
 				maxprot |= VM_PROT_WRITE;
 			} else if ((prot & PROT_WRITE) != 0) {
 				error = EACCES;
 				goto done;
 			}
-		} else {
+		} else if (vp->v_type != VCHR || (fp->f_flag & FWRITE) != 0) {
 			maxprot |= VM_PROT_WRITE;
 		}
 		handle = (void *)vp;
@ -1113,6 +1113,11 @@ vm_mmap_vnode(struct thread *td, vm_size_t objsize,
 		/*
 		 * cdevs does not provide private mappings of any kind.
 		 */
+		if ((*maxprotp & VM_PROT_WRITE) == 0 &&
+		    (prot & PROT_WRITE) != 0) {
+			error = EACCES;
+			goto done;
+		}
 		/*
 		 * However, for XIG X server to continue to work,
 		 * we should allow the superuser to do it anyway.