Fix write only mappings on arm64

When trapping on a wrote access to a buffer the kernel has mapped as write
only we should only pass the VM_PROT_WRITE flag. Previously the call to
vm_fault_trap as the VM_PROT_READ flag was unexpected.

Reported by:	manu
Sponsored by:	Innovate UK
This commit is contained in:
Andrew Turner 2020-10-13 10:26:15 +00:00
parent 2cef3afd7b
commit f56a08c810
2 changed files with 17 additions and 1 deletions

View File

@ -301,7 +301,7 @@ data_abort(struct thread *td, struct trapframe *frame, uint64_t esr,
break;
default:
ftype = (esr & ISS_DATA_WnR) == 0 ? VM_PROT_READ :
VM_PROT_READ | VM_PROT_WRITE;
VM_PROT_WRITE;
break;
}

View File

@ -259,6 +259,21 @@ ATF_TC_BODY(mmap__dev_zero_shared, tc)
close(fd);
}
ATF_TC_WITHOUT_HEAD(mmap__write_only);
ATF_TC_BODY(mmap__write_only, tc)
{
void *p;
int pagesize;
ATF_REQUIRE((pagesize = getpagesize()) > 0);
p = mmap(NULL, pagesize, PROT_WRITE, MAP_ANON, -1, 0);
ATF_REQUIRE(p != MAP_FAILED);
*(volatile uint32_t *)p = 0x12345678;
munmap(p, pagesize);
}
ATF_TP_ADD_TCS(tp)
{
@ -266,6 +281,7 @@ ATF_TP_ADD_TCS(tp)
ATF_TP_ADD_TC(tp, mmap__bad_arguments);
ATF_TP_ADD_TC(tp, mmap__dev_zero_private);
ATF_TP_ADD_TC(tp, mmap__dev_zero_shared);
ATF_TP_ADD_TC(tp, mmap__write_only);
return (atf_no_error());
}