search

bitwiseworks / libcx

kLIBC Extension Library
GNU Lesser General Public License v2.1
11 stars 1 forks source link

mprotect() fails in file project #33

Open SilvanScherrer opened 7 years ago

SilvanScherrer commented 7 years ago

the call to mprotect() at http://trac.netlabs.org/ports/browser/file/trunk/src/apprentice.c#L2989 fails with Permission denied. To see the issue build the source and run make check. This will show it easy. As I didn't release the updated spec, better ask me how to build, as it needs 2 special settings.

dmik commented 7 years ago

This failure is expected, this functionality isn't implemented yet. This is what the comment in LIBCx mprotect (https://github.com/bitwiseworks/libcx/blob/master/src/mmap/mmap.c#L2073) says:

 /*
   * We prevent changing protection for mappings backed up by files.
   * First, because their protection is bound to the underlying file's
   * access mode (that was checked and confirmed at creation). Second,
   * because we already (ab)use protection flags on our own (to implement
   * on-demand page read semantics as well as asynchronous dirty page
   * writes) so messing up with them makes things too complex to manage.
   * Third, _std_mprotect() is written so that it commits pages unless
   * PAG_NONE is requested and this will also break things up (e.g.
   * on-demand page reading). And forth, it makes little sense to change
   * permissions of such mappings in real life (at least that's the case
   * in the absense of real life examples).
   *
   * @todo We may re-consider things later given that on e.g. Linux
   * it is possible to change protection of such mappings (though the
   * consequences of such a change are not fully documented, testing is
   * needed). But this will at least require to drop _std_mprotect usage
   * to avoid unnecessary committing of pages in the given range that
   * belong to file-bound mappings.
   *
   * Note also that although we let mprotect change protection of shared
   * anonymous mappings, it's not actually possible to set PROT_NONE
   * on them because a shared page can't be decommitted on OS/2 (and
   * protection can't be set to "no read, no write" for any kind of pages
   * there, both private and shared, either). We will simply return EINVAL
   * in such a case.
   */

So I guess now we got a real example which needs attention. I will learn what the code actually does and we will consider if it's worth implementing. As it might be non-trivial.