vm_map_growstack(): handle max protection for stacks

Do not assume that protection is same as max_protection. Store both in offset, packed in the same way as the prot syscall parameter. Reviewed by: alc, markj (previous version) Tested by: pho Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D41099
2023-07-25 16:56:29 +03:00 · 2023-07-25 16:56:29 +03:00 · aa928a5216
commit aa928a5216
parent 0fb6aae7f0
1 changed files with 5 additions and 4 deletions
--- a/sys/vm/vm_map.c
+++ b/sys/vm/vm_map.c
@ -4605,7 +4605,7 @@ vm_map_stack_locked(vm_map_t map, vm_offset_t addrbos, vm_size_t max_ssize,
 		 * object offset.
 		 */
 		gap_entry->next_read = sgp;
-		gap_entry->offset = prot;
+		gap_entry->offset = prot | PROT_MAX(max);
 	} else {
 		(void)vm_map_delete(map, bot, top);
 	}
@ -4625,7 +4625,7 @@ vm_map_growstack(vm_map_t map, vm_offset_t addr, vm_map_entry_t gap_entry)
 	struct ucred *cred;
 	vm_offset_t gap_end, gap_start, grow_start;
 	vm_size_t grow_amount, guard, max_grow;
-	vm_prot_t prot;
+	vm_prot_t prot, max;
 	rlim_t lmemlim, stacklim, vmemlim;
 	int rv, rv1 __diagused;
 	bool gap_deleted, grow_down, is_procstack;
@ -4770,7 +4770,8 @@ vm_map_growstack(vm_map_t map, vm_offset_t addr, vm_map_entry_t gap_entry)
 		 * The gap_entry "offset" field is overloaded.  See
 		 * vm_map_stack_locked().
 		 */
-		prot = gap_entry->offset;
+		prot = PROT_EXTRACT(gap_entry->offset);
+		max = PROT_MAX_EXTRACT(gap_entry->offset);

 		grow_start = gap_entry->end - grow_amount;
 		if (gap_entry->start + grow_amount == gap_entry->end) {
@ -4784,7 +4785,7 @@ vm_map_growstack(vm_map_t map, vm_offset_t addr, vm_map_entry_t gap_entry)
 			gap_deleted = false;
 		}
 		rv = vm_map_insert(map, NULL, 0, grow_start,
-		    grow_start + grow_amount, prot, prot, MAP_STACK_GROWS_DOWN);
+		    grow_start + grow_amount, prot, max, MAP_STACK_GROWS_DOWN);
 		if (rv != KERN_SUCCESS) {
 			if (gap_deleted) {
 				rv1 = vm_map_insert(map, NULL, 0, gap_start,