commit 95e8ffa97e413c19c7257c9e6dc9511e98347b68
parent ee4e9f7506d87be71fb85e0bce0a671f541ff059
Author: Micah Elizabeth Scott <beth@torproject.org>
Date: Fri, 25 Aug 2023 10:31:33 -0700
hashx: Fix compiled hash function on NetBSD
NetBSD includes the idea of a 'maximum protection' per-region,
and an mprotect which exceeds the max protection will be denied.
If we explicitly ask for a maximum which includes execute permission, we
can successfully swap our code buffer's permissions between read-write
and read-execute when each hash program is compiled.
With this patch, the crypto/hashx tests pass on NetBSD 9.
This addresses bug #40844
Diffstat:
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/ext/equix/hashx/src/virtual_memory.c b/src/ext/equix/hashx/src/virtual_memory.c
@@ -18,6 +18,11 @@
#define PAGE_READWRITE (PROT_READ | PROT_WRITE)
#define PAGE_EXECUTE_READ (PROT_READ | PROT_EXEC)
#define PAGE_EXECUTE_READWRITE (PROT_READ | PROT_WRITE | PROT_EXEC)
+#if defined(__NetBSD__) && defined(PROT_MPROTECT)
+#define PAGE_MMAP_PROT (PAGE_READWRITE | PROT_MPROTECT(PROT_EXEC))
+#else
+#define PAGE_MMAP_PROT PAGE_READWRITE
+#endif
#endif
#ifdef HASHX_WIN
@@ -57,7 +62,7 @@ void* hashx_vm_alloc(size_t bytes) {
#ifdef HASHX_WIN
mem = VirtualAlloc(NULL, bytes, MEM_COMMIT, PAGE_READWRITE);
#else
- mem = mmap(NULL, bytes, PAGE_READWRITE, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0);
+ mem = mmap(NULL, bytes, PAGE_MMAP_PROT, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0);
if (mem == MAP_FAILED)
return NULL;
#endif
