hashx: Fix compiled hash function on NetBSD

NetBSD includes the idea of a 'maximum protection' per-region,
and an mprotect which exceeds the max protection will be denied.

If we explicitly ask for a maximum which includes execute permission, we
can successfully swap our code buffer's permissions between read-write
and read-execute when each hash program is compiled.

With this patch, the crypto/hashx tests pass on NetBSD 9.
This addresses bug #40844
This commit is contained in:
Micah Elizabeth Scott 2023-08-25 10:31:33 -07:00
parent ee4e9f7506
commit 95e8ffa97e

View File

@ -18,6 +18,11 @@
#define PAGE_READWRITE (PROT_READ | PROT_WRITE) #define PAGE_READWRITE (PROT_READ | PROT_WRITE)
#define PAGE_EXECUTE_READ (PROT_READ | PROT_EXEC) #define PAGE_EXECUTE_READ (PROT_READ | PROT_EXEC)
#define PAGE_EXECUTE_READWRITE (PROT_READ | PROT_WRITE | PROT_EXEC) #define PAGE_EXECUTE_READWRITE (PROT_READ | PROT_WRITE | PROT_EXEC)
#if defined(__NetBSD__) && defined(PROT_MPROTECT)
#define PAGE_MMAP_PROT (PAGE_READWRITE | PROT_MPROTECT(PROT_EXEC))
#else
#define PAGE_MMAP_PROT PAGE_READWRITE
#endif
#endif #endif
#ifdef HASHX_WIN #ifdef HASHX_WIN
@ -57,7 +62,7 @@ void* hashx_vm_alloc(size_t bytes) {
#ifdef HASHX_WIN #ifdef HASHX_WIN
mem = VirtualAlloc(NULL, bytes, MEM_COMMIT, PAGE_READWRITE); mem = VirtualAlloc(NULL, bytes, MEM_COMMIT, PAGE_READWRITE);
#else #else
mem = mmap(NULL, bytes, PAGE_READWRITE, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); mem = mmap(NULL, bytes, PAGE_MMAP_PROT, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0);
if (mem == MAP_FAILED) if (mem == MAP_FAILED)
return NULL; return NULL;
#endif #endif