ntdll: Add a noexec flag for memory views where we don't want to force exec permission.

2008-11-04 13:16:01 +01:00 · 2008-11-04 13:16:01 +01:00 · 7e94787948
parent 0b0b6c351a
commit 7e94787948
3 changed files with 7 additions and 3 deletions
--- a/dlls/ntdll/virtual.c
+++ b/dlls/ntdll/virtual.c
@ -473,7 +473,7 @@ static NTSTATUS create_view( struct file_view **view_ret, void *base, size_t siz
    *view_ret = view;
    VIRTUAL_DEBUG_DUMP_VIEW( view );

-    if (force_exec_prot && (unix_prot & PROT_READ) && !(unix_prot & PROT_EXEC))
+    if (force_exec_prot && !(vprot & VPROT_NOEXEC) && (unix_prot & PROT_READ) && !(unix_prot & PROT_EXEC))
    {
        TRACE( "forcing exec permission on %p-%p\n", base, (char *)base + size - 1 );
        mprotect( base, size, unix_prot | PROT_EXEC );
@ -585,7 +585,8 @@ static BOOL VIRTUAL_SetProt( FILE_VIEW *view, /* [in] Pointer to view */
        return TRUE;
    }

-    if (force_exec_prot && (unix_prot & PROT_READ) && !(unix_prot & PROT_EXEC))
+    if (force_exec_prot && !(view->protect & VPROT_NOEXEC) &&
+        (unix_prot & PROT_READ) && !(unix_prot & PROT_EXEC))
    {
        TRACE( "forcing exec permission on %p-%p\n", base, (char *)base + size - 1 );
        if (!mprotect( base, size, unix_prot | PROT_EXEC )) goto done;
@ -1386,6 +1387,7 @@ void VIRTUAL_SetForceExec( BOOL enable )
            char *addr = view->base;
            BYTE prot = view->prot[0];

+            if (view->protect & VPROT_NOEXEC) continue;
            for (count = i = 1; i < view->size >> page_shift; i++, count++)
            {
                if (view->prot[i] == prot) continue;
@ -1525,7 +1527,7 @@ NTSTATUS WINAPI NtAllocateVirtualMemory( HANDLE process, PVOID *ret, ULONG zero_

    if (type & MEM_SYSTEM)
    {
-        if (type & MEM_IMAGE) vprot |= VPROT_IMAGE;
+        if (type & MEM_IMAGE) vprot |= VPROT_IMAGE | VPROT_NOEXEC;
        status = create_view( &view, base, size, vprot | VPROT_COMMITTED | VPROT_SYSTEM );
        if (status == STATUS_SUCCESS) base = view->base;
    }
--- a/include/wine/server_protocol.h
+++ b/include/wine/server_protocol.h
@ -1692,6 +1692,7 @@ struct create_mapping_reply
 #define VPROT_IMAGE      0x0100
 #define VPROT_SYSTEM     0x0200
 #define VPROT_VALLOC     0x0400
+#define VPROT_NOEXEC     0x0800



--- a/server/protocol.def
+++ b/server/protocol.def
@ -1334,6 +1334,7 @@ enum char_info_mode
 #define VPROT_IMAGE      0x0100  /* mapping for an exe image */
 #define VPROT_SYSTEM     0x0200  /* system view (underlying mmap not under our control) */
 #define VPROT_VALLOC     0x0400  /* allocated by VirtualAlloc */
+#define VPROT_NOEXEC     0x0800  /* don't force exec permission */


 /* Open a mapping */