From: deraadt Date: Sat, 20 Jan 2024 13:19:37 +0000 (+0000) Subject: Early during mimmutable(2) development, we had a big problem with the X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=38558285c928dfef552f8b65b2631f0a433f7b4c;p=openbsd Early during mimmutable(2) development, we had a big problem with the chrome v8_flags variable's placement in bss, and as a workaround made it possible to demote a mimmutable mapping's permissions from RW to R. Further mimmutable-related work in libc's malloc created the same problem, which led to a better design: objects could be placed into .openbsd.mutable region, and then at runtime their permission and immutability could be manipulated better. So the RW to R demotion logic is no longer being used, and now this semantic is being deleted. ok kettenis --- diff --git a/lib/libc/sys/mimmutable.2 b/lib/libc/sys/mimmutable.2 index b97783559a7..03fff5cc747 100644 --- a/lib/libc/sys/mimmutable.2 +++ b/lib/libc/sys/mimmutable.2 @@ -1,4 +1,4 @@ -.\" $OpenBSD: mimmutable.2,v 1.3 2022/11/06 20:15:44 jmc Exp $ +.\" $OpenBSD: mimmutable.2,v 1.4 2024/01/20 13:19:37 deraadt Exp $ .\" .\" Copyright (c) 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -29,7 +29,7 @@ .\" .\" @(#)mimmutable.2 8.1 (Berkeley) 6/9/93 .\" -.Dd $Mdocdate: November 6 2022 $ +.Dd $Mdocdate: January 20 2024 $ .Dt MIMMUTABLE 2 .Os .Sh NAME @@ -81,16 +81,3 @@ The .Fn mimmutable function first appeared in .Ox 7.3 . -.Sh CAVEATS -At present, -.Xr mprotect 2 -may reduce permissions on immutable pages marked -.Dv PROT_READ | PROT_WRITE -to the less permissive -.Dv PROT_READ . -This one-way operation is permitted for an introductory period to observe how -software uses this mechanism. -It may change to require explicit mutable region annotation with -.Va __attribute__((section(".openbsd.mutable"))) -and explicit calls to -.Fn mimmutable . diff --git a/sys/uvm/uvm_map.c b/sys/uvm/uvm_map.c index 5164357733f..5078f3a229d 100644 
--- a/sys/uvm/uvm_map.c +++ b/sys/uvm/uvm_map.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uvm_map.c,v 1.320 2024/01/16 19:05:01 deraadt Exp $ */ +/* $OpenBSD: uvm_map.c,v 1.321 2024/01/20 13:19:39 deraadt Exp $ */ /* $NetBSD: uvm_map.c,v 1.86 2000/11/27 08:40:03 chs Exp $ */ /* @@ -3144,16 +3144,9 @@ uvm_map_protect(struct vm_map *map, vaddr_t start, vaddr_t end, if (iter->start == iter->end || UVM_ET_ISHOLE(iter)) continue; - if (checkimmutable && - (iter->etype & UVM_ET_IMMUTABLE)) { - if (iter->protection == (PROT_READ | PROT_WRITE) && - new_prot == PROT_READ) { - /* Permit RW to R as a data-locking mechanism */ - ; - } else { - error = EPERM; - goto out; - } + if (checkimmutable && (iter->etype & UVM_ET_IMMUTABLE)) { + error = EPERM; + goto out; } old_prot = iter->protection; if (old_prot == PROT_NONE && new_prot != old_prot) {
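Review bot: In the lib/libc/sys/mimmutable.2 hunk at -81,16, the deleted CAVEATS section held the only mention in the lines shown of `__attribute__((section(".openbsd.mutable")))` and of the explicit `mimmutable` calls that go with it. The commit message names that mechanism as the replacement design. Unless the rest of the page already covers it, keep a short paragraph saying that objects needing later permission changes belong in `.openbsd.mutable`, and that `mprotect 2` on an immutable mapping now fails in every case, so a reader who hits the new failure can find the supported path from the manual.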
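Review bot: In the uvm_map_protect() hunk at -3144,16, the new check `if (checkimmutable && (iter->etype & UVM_ET_IMMUTABLE))` returns EPERM for every protection change on an immutable entry, and the removed comment "Permit RW to R as a data-locking mechanism" was the only explanation of the policy at this site. A one-line comment above the check would help: state that immutable entries reject all protection changes and that data needing a later RW to R transition must be placed in `.openbsd.mutable`. This is a userland-visible behaviour change, since a caller that still demotes RW to R on an immutable mapping now gets EPERM where it previously succeeded. The commit message says the demotion logic is no longer used, but nothing in the diff shows that, so it is worth confirming that the chrome v8_flags and libc malloc cases it mentions have both moved to the new region before this lands.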