Acquire write permissions before zeroing page in ELF loader

f81b722bf0 is a regression. If a read-only segment does not begin on a page boundary, it would cause the ELF loader to blow up.
10 years ago · c6b55ce3a8
2 changed files with 6 additions and 2 deletions
--- a/pk/elf.c
+++ b/pk/elf.c
@ -74,9 +74,12 @@ void load_elf(const char* fn, elf_info* info)
        info->brk_min = vaddr + ph[i].p_memsz;
      int flags2 = flags | (prepad ? MAP_POPULATE : 0);
      int prot = get_prot(ph[i].p_flags);
-      if (__do_mmap(vaddr - prepad, ph[i].p_filesz + prepad, prot, flags2, file, ph[i].p_offset - prepad) != vaddr - prepad)
+      if (__do_mmap(vaddr - prepad, ph[i].p_filesz + prepad, prot | PROT_WRITE, flags2, file, ph[i].p_offset - prepad) != vaddr - prepad)
        goto fail;
      memset((void*)vaddr - prepad, 0, prepad);
+      if (!(prot & PROT_WRITE))
+        if (do_mprotect(vaddr - prepad, ph[i].p_filesz + prepad, prot))
+          goto fail;
      size_t mapped = ROUNDUP(ph[i].p_filesz + prepad, RISCV_PGSIZE) - prepad;
      if (ph[i].p_memsz > mapped)
        if (__do_mmap(vaddr + mapped, ph[i].p_memsz - mapped, prot, flags|MAP_ANONYMOUS, 0, 0) != vaddr + mapped)
--- a/pk/mmap.c
+++ b/pk/mmap.c
@ -354,7 +354,8 @@ uintptr_t do_mprotect(uintptr_t addr, size_t length, int prot)
      }
    }
  spinlock_unlock(&vm_lock);
- 
+
+  flush_tlb();
  return res;
 }