Kernel: Implement an axallowed mount option

Similar to `W^X` and `wxallowed`, this allows for anonymous executable mappings.
2025-01-23 18:02:05 -05:00 · 2022-05-05 18:30:24 +02:00 · 2022-05-05 18:30:24 +02:00 · 5efa8e507b
commit 5efa8e507b
parent 6187cf72cc
5 changed files with 8 additions and 1 deletions
--- a/Base/usr/share/man/man2/mount.md
+++ b/Base/usr/share/man/man2/mount.md
@ -38,6 +38,7 @@ The following `flags` are supported:
 * `MS_RDONLY`: Mount the filesystem read-only.
 * `MS_REMOUNT`: Remount an already mounted filesystem (see below).
 * `MS_WXALLOWED`: Allow W^X protection circumvention for executables on this file system.
+* `MS_AXALLOWED`: Allow anonymous executable mappings for executables on this file system.

 These flags can be used as a security measure to limit the possible abuses of the newly
 mounted file system.
--- a/Kernel/API/POSIX/unistd.h
+++ b/Kernel/API/POSIX/unistd.h
@ -28,6 +28,7 @@ extern "C" {
 #define MS_RDONLY (1 << 4)
 #define MS_REMOUNT (1 << 5)
 #define MS_WXALLOWED (1 << 6)
+#define MS_AXALLOWED (1 << 7)

 enum {
    _SC_MONOTONIC_CLOCK,
--- a/Kernel/Syscalls/mmap.cpp
+++ b/Kernel/Syscalls/mmap.cpp
@ -75,7 +75,7 @@ ErrorOr<void> Process::validate_mmap_prot(int prot, bool map_stack, bool map_ano
    bool make_writable = prot & PROT_WRITE;
    bool make_executable = prot & PROT_EXEC;

-    if (map_anonymous && make_executable)
+    if (map_anonymous && make_executable && !(executable()->mount_flags() & MS_AXALLOWED))
        return EINVAL;

    if (map_stack && make_executable)
--- a/Userland/Applications/SystemMonitor/main.cpp
+++ b/Userland/Applications/SystemMonitor/main.cpp
@ -287,6 +287,7 @@ public:
                check(MS_BIND, "bind");
                check(MS_RDONLY, "ro");
                check(MS_WXALLOWED, "wxallowed");
+                check(MS_AXALLOWED, "axallowed");
                if (builder.string_view().is_empty())
                    return String("defaults");
                return builder.to_string();
--- a/Userland/Utilities/mount.cpp
+++ b/Userland/Utilities/mount.cpp
@ -38,6 +38,8 @@ static int parse_options(StringView options)
            flags |= MS_REMOUNT;
        else if (part == "wxallowed")
            flags |= MS_WXALLOWED;
+        else if (part == "axallowed")
+            flags |= MS_AXALLOWED;
        else
            warnln("Ignoring invalid option: {}", part);
    }
@ -180,6 +182,8 @@ static ErrorOr<void> print_mounts()
            out(",bind");
        if (mount_flags & MS_WXALLOWED)
            out(",wxallowed");
+        if (mount_flags & MS_AXALLOWED)
+            out(",axallowed");

        outln(")");
    });