Skip to content

Implement mprotect syscall #54

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ryanbreen merged 2 commits into from
Dec 7, 2025
Merged

Implement mprotect syscall #54

ryanbreen merged 2 commits into from
Dec 7, 2025

Conversation

@ryanbreen
Copy link
Owner

@ryanbreen ryanbreen commented Dec 7, 2025

Summary

  • Add mprotect syscall (Linux syscall number 10) for changing memory protection flags on existing mapped regions
  • Implement update_page_flags method in ProcessPageTable using unmap-remap strategy to preserve physical frames while changing protection
  • Update VMA tracking to reflect new protection flags
  • Add libbreenix wrapper for userspace access
  • Extend test_mmap.rs with Test 3 to verify mprotect works correctly

Implementation Details

The mprotect syscall:

  1. Validates that address is page-aligned and length > 0
  2. Finds the VMA covering the specified range
  3. Converts PROT_* flags to PageTableFlags
  4. Updates each page via update_page_flags (unmap → remap with new flags)
  5. Flushes TLB to ensure changes take effect
  6. Updates VMA protection tracking

Test plan

  • Build completes with zero warnings
  • All 54 boot stages pass
  • mmap test creates region, writes pattern, changes to PROT_READ, verifies read still works
  • Integrity audit passed (A- grade)

🤖 Generated with Claude Code

ryanbreen and others added 2 commits December 7, 2025 05:47
@ryanbreen @claude
Implement mprotect syscall for memory protection changes
79544d2 
Add the mprotect syscall (Linux syscall number 10) to allow changing
memory protection flags on existing mapped regions.

Implementation details:
- Kernel: sys_mprotect validates page alignment, finds VMA covering
  the region, updates page table flags via unmap-remap strategy, and
  flushes TLB
- ProcessPageTable: Added update_page_flags method that preserves
  the physical frame while changing protection flags
- VMA: Protection flags are updated in the VMA tracking structure
- libbreenix: Added MPROTECT syscall constant and mprotect wrapper
- Tests: Extended test_mmap.rs with Test 3 that verifies mprotect
  can change a read-write region to read-only

All 54 boot stages pass with zero warnings.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@ryanbreen @claude
Add Mprotect case to dispatcher.rs
57b228c 
The dispatcher.rs file also has a match on SyscallNumber that needed
the Mprotect case added alongside handler.rs.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@ryanbreen ryanbreen merged commit 30c23c2 into main Dec 7, 2025
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ryanbreen