DynamicLoader: Annotate all loaded library ranges as immutable

To further protect all virtual memory regions of the loaded libraries,
don't allow to mutate these regions both in changing their annotations
nor the protection bits.

1 files changed, 13 insertions, 5 deletions

diff --git a/Userland/Libraries/LibELF/DynamicLinker.cpp b/Userland/Libraries/LibELF/DynamicLinker.cpp
index 141d283254..b0752fc0f7 100644
--- a/Userland/Libraries/LibELF/DynamicLinker.cpp
+++ b/Userland/Libraries/LibELF/DynamicLinker.cpp
@@ -394,17 +394,25 @@ static Result<void, DlErrorMessage> link_main_library(DeprecatedString const& pa
         VERIFY(!result.is_error());
         auto& object = result.value();
 
+        if (loader.filepath().ends_with("/libc.so"sv)) {
+            initialize_libc(*object);
+        }
+
         if (loader.filepath().ends_with("/libsystem.so"sv)) {
             VERIFY(!loader.text_segments().is_empty());
             for (auto const& segment : loader.text_segments()) {
-                if (syscall(SC_annotate_mapping, segment.address().get(), static_cast<int>(VirtualMemoryRangeFlags::SyscallCode))) {
+                auto flags = static_cast<int>(VirtualMemoryRangeFlags::SyscallCode) | static_cast<int>(VirtualMemoryRangeFlags::Immutable);
+                if (syscall(SC_annotate_mapping, segment.address().get(), flags)) {
+                    VERIFY_NOT_REACHED();
+                }
+            }
+        } else {
+            for (auto const& segment : loader.text_segments()) {
+                auto flags = static_cast<int>(VirtualMemoryRangeFlags::Immutable);
+                if (syscall(SC_annotate_mapping, segment.address().get(), flags)) {
                     VERIFY_NOT_REACHED();
                 }
             }
-        }
-
-        if (loader.filepath().ends_with("/libc.so"sv)) {
-            initialize_libc(*object);
         }
     }