From: Amit Daniel Kachhap amitdaniel.kachhap@arm.com
Check that the requested prot flags can be set based on the input capability's permissions for the mprotect syscall.
Signed-off-by: Amit Daniel Kachhap amitdaniel.kachhap@arm.com Signed-off-by: Kevin Brodsky kevin.brodsky@arm.com --- mm/mprotect.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/mm/mprotect.c b/mm/mprotect.c index 7bf46faa7fd6..0f84e680ca5a 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c @@ -705,7 +705,8 @@ static int do_mprotect_pkey(user_uintptr_t user_ptr, size_t len, return -ENOMEM;
if (reserv_is_supported(current->mm) && - !(check_user_ptr_owning(user_ptr, len))) + !(check_user_ptr_owning(user_ptr, len) && + user_ptr_may_set_prot(user_ptr, prot))) return -EINVAL;
if (!arch_validate_prot(prot, start))