[PATCH] PROT_GROWSDOWN/PROT_GROWSUP flags for mprotect
There is currently no clean and efficient way to apply mprotect to all of a program's stack, i.e. to the moving edge of a GROWSDOWN or GROWSUP mapping. Some processes want to change these protections, particularly to set or clear the PROT_EXEC bits on stack space. As it is, an mprotect done to cover the precise edge page of the mapping will have the desired effect of changing the protection for existing pages and having that new protection carried over to new pages grown later. But there is no very reasonable way of ascertaining where the edge of the mapping is if it might have grown in the past beyond the usage at the moment. An mprotect call that doesn't cover the edge page splits the mapping and doesn't do what we need.

This patch adds flags that can be OR'd into the protection bits in an mprotect system call. PROT_GROWSDOWN means the memory lies in a GROWSDOWN mapping and the start address of the region to be changed should be extended down to the current low page of that mapping. Similarly, PROT_GROWSUP means the pages lie in a GROWSUP mapping and the length of the region to be changed should be extended up to include its highest page. These flags also explicitly request the (already implicit) behavior that the protection change applied to the lowest/highest page of a growing mapping is passed on to new pages grown later.

There are no other changes to the mprotect behavior; in particular, the boundary in the non-growing direction (the end address computed from the start+len arguments in the GROWSDOWN case, and the start argument in the GROWSUP case) is as given by the arguments to the system call. This is desirable in the use of this call by a process on its stack, so it can change the protections of the growing mapping used for program stack distinctly from the protections on the arguments, environment, and AT_* data from exec.
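The following is an added example, not code from this patch or its author: a process clears PROT_EXEC on its own stack with PROT_GROWSDOWN and then confirms the result in /proc/self/maps. It assumes Linux, a call made on the main thread's stack, and a mounted /proc; the helper names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef PROT_GROWSDOWN
#define PROT_GROWSDOWN 0x01000000 /* Linux value, for headers that hide it */
#endif

/* Hypothetical helper: 1 if the mapping holding addr is executable, 0 if
 * not, -1 if /proc/self/maps cannot answer. */
static int mapping_is_executable(const void *addr)
{
    FILE *f = fopen("/proc/self/maps", "r");
    char line[512], perms[5];
    unsigned long lo, hi;
    int result = -1;
    if (!f)
        return -1;
    while (fgets(line, sizeof line, f)) {
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, perms) == 3 &&
            (uintptr_t)addr >= lo && (uintptr_t)addr < hi) {
            result = (perms[2] == 'x');
            break;
        }
    }
    fclose(f);
    return result;
}

/* Hypothetical helper: clear PROT_EXEC on the growing stack mapping. Only
 * the page holding a live local is named; PROT_GROWSDOWN extends the start
 * down to the mapping's low page, while the upper bound stays at the end of
 * the named page. Returns 0 when that page is then non-executable. */
static int make_stack_nonexec(void)
{
    char marker = 0;
    long psz = sysconf(_SC_PAGESIZE);
    uintptr_t page = (uintptr_t)&marker & ~((uintptr_t)psz - 1);
    if (mprotect((void *)page, (size_t)psz,
                 PROT_READ | PROT_WRITE | PROT_GROWSDOWN) != 0)
        return -1;
    return mapping_is_executable(&marker);
}

int main(void)
{
    return make_stack_nonexec() == 0 ? 0 : 1;
}
```

Because the upper bound is taken from the arguments, pages above the named one (arguments, environment, AT_* data) keep whatever protection they had, which is why the check reads the mapping that contains the local rather than the whole `[stack]` entry.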