16 Oct
2023
16 Oct
'23
2:38 p.m.
From: Jeff Xu jeffxu@google.com
check sealing for mprotect(2).
Signed-off-by: Jeff Xu jeffxu@google.com --- mm/mprotect.c | 6 ++++++ 1 file changed, 6 insertions(+)
diff --git a/mm/mprotect.c b/mm/mprotect.c index 130db91d3a8c..5b67c66d55f7 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c @@ -753,6 +753,12 @@ static int do_mprotect_pkey(unsigned long start, size_t len, } }
+ if (!can_modify_mm(current->mm, start, end, MM_ACTION_MPROTECT, + ON_BEHALF_OF_USERSPACE)) { + error = -EACCES; + goto out; + } + prev = vma_prev(&vmi); if (start > vma->vm_start) prev = vma;
--
2.42.0.609.gbb76f46606-goog