Re: CVS commit: src/sys/uvm

To: source-changes-d%NetBSD.org@localhost
Subject: Re: CVS commit: src/sys/uvm
From: Joerg Sonnenberger <joerg%bec.de@localhost>
Date: Fri, 19 May 2017 18:22:32 +0200

On Fri, May 19, 2017 at 04:14:03PM +0000, coypu%sdf.org@localhost wrote:
> On Fri, May 19, 2017 at 03:30:19PM +0000, Chuck Silvers wrote:
> > Module Name:	src
> > Committed By:	chs
> > Date:		Fri May 19 15:30:19 UTC 2017
> > 
> > Modified Files:
> > 	src/sys/uvm: uvm_map.c uvm_mmap.c
> > 
> > Log Message:
> > make MAP_FIXED mapping operations atomic. fixes PR 52239.
> > previously, unmapping any entries being replaced was done separately
> > from entering the new mapping, which allowed another thread doing
> > a non-MAP_FIXED mapping to allocate the range out from under the
> > MAP_FIXED thread.
> 
> Does that have security ramifications?

It's a form of memory corruption under races. We should issue a SN for
it, but I don't think MAP_FIXED is that popular in general. The case in
jemalloc is now better served by using mprotect and PROT_MPROTECT, btw.

Joerg

Follow-Ups:
- Re: CVS commit: src/sys/uvm
  - From: Christos Zoulas

References:
- Re: CVS commit: src/sys/uvm
  - From: coypu

Prev by Date: Re: CVS commit: src/sys/uvm
Next by Date: Re: CVS commit: src/sys/uvm
Previous by Thread: Re: CVS commit: src/sys/uvm
Next by Thread: Re: CVS commit: src/sys/uvm
Indexes:

Home | Main Index | Thread Index | Old Index