From ea36da8271c508fe4c8bcc80af20ec81c812b95a Mon Sep 17 00:00:00 2001 From: Dmitry Vyukov Date: Sat, 18 Apr 2020 10:33:03 +0200 Subject: sys/linux: use PROT_EXEC for the data section mmap Turns out the mmap protection get out of sync between executor and C reproducers. C reproducers missed PROT_EXEC. Add PROT_EXEC for linux, freebsd and akaros. --- sys/akaros/init.go | 2 +- sys/freebsd/init.go | 2 +- sys/linux/init.go | 2 +- sys/netbsd/init.go | 2 +- sys/openbsd/init.go | 2 +- sys/targets/common.go | 5 ++++- 6 files changed, 9 insertions(+), 6 deletions(-) diff --git a/sys/akaros/init.go b/sys/akaros/init.go index 5458f1462..c5098ce7f 100644 --- a/sys/akaros/init.go +++ b/sys/akaros/init.go @@ -16,7 +16,7 @@ func InitTarget(target *prog.Target) { arch := &arch{ MAP_FIXED: target.GetConst("MAP_FIXED"), } - target.MakeMmap = targets.MakePosixMmap(target) + target.MakeMmap = targets.MakePosixMmap(target, true) target.Neutralize = arch.Neutralize } diff --git a/sys/freebsd/init.go b/sys/freebsd/init.go index ecb976f91..8629ea235 100644 --- a/sys/freebsd/init.go +++ b/sys/freebsd/init.go @@ -13,7 +13,7 @@ func InitTarget(target *prog.Target) { unix: targets.MakeUnixNeutralizer(target), } - target.MakeMmap = targets.MakePosixMmap(target) + target.MakeMmap = targets.MakePosixMmap(target, true) target.Neutralize = arch.unix.Neutralize } diff --git a/sys/linux/init.go b/sys/linux/init.go index e1474995b..7638860d5 100644 --- a/sys/linux/init.go +++ b/sys/linux/init.go @@ -48,7 +48,7 @@ func InitTarget(target *prog.Target) { ARCH_SET_GS: target.ConstMap["ARCH_SET_GS"], } - target.MakeMmap = targets.MakePosixMmap(target) + target.MakeMmap = targets.MakePosixMmap(target, true) target.Neutralize = arch.neutralize target.SpecialTypes = map[string]func(g *prog.Gen, typ prog.Type, old prog.Arg) ( prog.Arg, []*prog.Call){ diff --git a/sys/netbsd/init.go b/sys/netbsd/init.go index 6591e67b7..5a07bcb09 100644 --- a/sys/netbsd/init.go +++ b/sys/netbsd/init.go @@ -13,7 +13,7 @@ func InitTarget(target *prog.Target) { unix: targets.MakeUnixNeutralizer(target), } - target.MakeMmap = targets.MakePosixMmap(target) + target.MakeMmap = targets.MakePosixMmap(target, false) target.Neutralize = arch.unix.Neutralize } diff --git a/sys/openbsd/init.go b/sys/openbsd/init.go index e27ba8d60..9f9a59ebf 100644 --- a/sys/openbsd/init.go +++ b/sys/openbsd/init.go @@ -19,7 +19,7 @@ func InitTarget(target *prog.Target) { S_IFCHR: target.GetConst("S_IFCHR"), } - target.MakeMmap = targets.MakePosixMmap(target) + target.MakeMmap = targets.MakePosixMmap(target, false) target.Neutralize = arch.neutralize target.AnnotateCall = arch.annotateCall } diff --git a/sys/targets/common.go b/sys/targets/common.go index a5a4838c2..72c485f81 100644 --- a/sys/targets/common.go +++ b/sys/targets/common.go @@ -8,9 +8,12 @@ import ( ) // MakePosixMmap creates a "normal" posix mmap call that maps [addr, addr+size) range. -func MakePosixMmap(target *prog.Target) func(addr, size uint64) *prog.Call { +func MakePosixMmap(target *prog.Target, exec bool) func(addr, size uint64) *prog.Call { meta := target.SyscallMap["mmap"] prot := target.GetConst("PROT_READ") | target.GetConst("PROT_WRITE") + if exec { + prot |= target.GetConst("PROT_EXEC") + } flags := target.GetConst("MAP_ANONYMOUS") | target.GetConst("MAP_PRIVATE") | target.GetConst("MAP_FIXED") const invalidFD = ^uint64(0) return func(addr, size uint64) *prog.Call { -- cgit mrf-deployment