Kernel+LibELF: Enable SMAP protection during non-syscall exec()

When loading a new executable, we now map the ELF image in kernel-only
memory and parse it there. Then we use copy_to_user() when initializing
writable regions with data from the executable.

Note that the exec() syscall still disables SMAP protection and will
require additional work. This patch only affects kernel-originated
process spawns.

2 files changed, 8 insertions, 0 deletions

diff --git a/Kernel/VM/Region.cpp b/Kernel/VM/Region.cpp
index 85e84bd92e..5a0917d44c 100644
--- a/Kernel/VM/Region.cpp
+++ b/Kernel/VM/Region.cpp
@@ -189,6 +189,13 @@ NonnullOwnPtr<Region> Region::create_kernel_only(const Range& range, const Strin
     return region;
 }
 
+NonnullOwnPtr<Region> Region::create_kernel_only(const Range& range, NonnullRefPtr<VMObject> vmobject, size_t offset_in_vmobject, const StringView& name, u8 access)
+{
+    auto region = make<Region>(range, move(vmobject), offset_in_vmobject, name, access);
+    region->m_user_accessible = false;
+    return region;
+}
+
 bool Region::should_cow(size_t page_index) const
 {
     if (m_shared)
diff --git a/Kernel/VM/Region.h b/Kernel/VM/Region.h
index ddf7c4d194..3af580af79 100644
--- a/Kernel/VM/Region.h
+++ b/Kernel/VM/Region.h
@@ -30,6 +30,7 @@ public:
     static NonnullOwnPtr<Region> create_user_accessible(const Range&, NonnullRefPtr<VMObject>, size_t offset_in_vmobject, const StringView& name, u8 access);
     static NonnullOwnPtr<Region> create_user_accessible(const Range&, NonnullRefPtr<Inode>, const StringView& name, u8 access);
     static NonnullOwnPtr<Region> create_kernel_only(const Range&, const StringView& name, u8 access);
+    static NonnullOwnPtr<Region> create_kernel_only(const Range&, NonnullRefPtr<VMObject>, size_t offset_in_vmobject, const StringView& name, u8 access);
 
     ~Region();