bp@cs.brown.edu (Boris Putanec) (04/13/91)
Why are tasks permitted to change their maximum protections with vm_protect? Why have maximum protections at all if they can be changed to allow greater access? Shouldn't the maximum protection set by vm_map stick? Here is the relevant portion from the Mach 3.0 vm_map.c, old_prot = current->protection; if (set_max) current->protection = (current->max_protection = new_prot) & old_prot; else current->protection = new_prot; We are trying to design a file server which will map files directly into a tasks address space and need a way to restrict access. Since the server would be performing the vm_map, maximum protections seemed an ideal solution. The source seems to indicate otherwise. Am I missing something? Is there another way to do it? boris bp@cs.brown.edu
bp@cs.brown.edu (Boris Putanec) (04/14/91)
In article <BP.91Apr12233650@flint.cs.brown.edu> bp@cs.brown.edu (Boris Putanec) writes:
Why are tasks permitted to change their maximum protections with
vm_protect? Why have maximum protections at all if they can be changed
to allow greater access? Shouldn't the maximum protection set by
vm_map stick?
[ bad example deleted ]
Am I missing something? Is there another way to do it?
Clearly I was missing something. The check for raising maximum
protection is about 5 lines higher in the code that I quoted. Sleep
deprivation can do it to you.
The maximum protection set by vm_map cannot be raised by vm_protect.
Exatcly what the doctor orderd.
boris
bp@cs.brown.edu