[PR #3660] [MERGED] Core: Handle various edge cases related to executable permissions. #3639

New issue

Closed

opened 2026-02-27 22:04:26 +03:00 by kerem · 0 comments

kerem commented

2026-02-27 22:04:26 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/shadps4-emu/shadPS4/pull/3660
Author: @StevenMiller123
Created: 9/26/2025
Status: ✅ Merged
Merged: 9/28/2025
Merged by: @georgemoralis

Base: main ← Head: exec-prot-fixes

📝 Commits (10+)

7572be3 Fix flag handling on Windows
1ea7755 Fix backing protects
8347b57 Fix error code for sceKernelMapDirectMemory2
25eea05 Fix prot setting in ProtectBytes
526348c Handle some extra protection-related edge cases.
67915dc Properly handle exec permission behavior for memory pools
7b40a16 Clang
74f3ee5 Allow execution protection for direct memory
a3e4b95 Clang
c6ff305 More descriptive assert message

📊 Changes

4 files changed (+167 additions, -53 deletions)

View changed files

📝 src/core/address_space.cpp (+83 -28)
📝 src/core/libraries/kernel/memory.cpp (+15 -5)
📝 src/core/memory.cpp (+66 -18)
📝 src/core/memory.h (+3 -2)

📄 Description

As I tested various forms of protections on memory, I found a handful of inaccuracies this PR will address.

Execute permissions are hidden from direct memory mappings.
Attempting to map backed memory with execute permssions could fail on Windows, due to an edge case related to MapViewOfFile3. Fixing this is necessary for sceKernelMprotect to work properly on flexible memory after #3639
Protecting memory with read | execute (and no write permissions) would behave strangely on Windows. This was due to an issue with the flags we applied in AddressSpace::Impl::Protect, so I cleaned up the logic there too.
Internally, the PS4 kernel seems to treat read and write permissions separately, but applies read permissions whenever only write is specified. Handling this properly fixes the raw value of VMA protections occasionally being exactly one less than equivalent mappings on real hardware.
sceKernelMapDirectMemory2 returns EINVAL when requesting execute permissions, not EACCES.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/shadps4-emu/shadPS4/pull/3660 **Author:** [@StevenMiller123](https://github.com/StevenMiller123) **Created:** 9/26/2025 **Status:** ✅ Merged **Merged:** 9/28/2025 **Merged by:** [@georgemoralis](https://github.com/georgemoralis) **Base:** `main` ← **Head:** `exec-prot-fixes` --- ### 📝 Commits (10+) - [`7572be3`](https://github.com/shadps4-emu/shadPS4/commit/7572be3075a2e61e6345070c372561914795892d) Fix flag handling on Windows - [`1ea7755`](https://github.com/shadps4-emu/shadPS4/commit/1ea775564c83439464a8fd4b61194cf64b5f9964) Fix backing protects - [`8347b57`](https://github.com/shadps4-emu/shadPS4/commit/8347b5750836a50268c6babd22b79c9cab3a9750) Fix error code for sceKernelMapDirectMemory2 - [`25eea05`](https://github.com/shadps4-emu/shadPS4/commit/25eea05fe5c839cb3feca57d1f3f0b3464b753c3) Fix prot setting in ProtectBytes - [`526348c`](https://github.com/shadps4-emu/shadPS4/commit/526348caaa74c992b3e9709d41e487043e69decf) Handle some extra protection-related edge cases. - [`67915dc`](https://github.com/shadps4-emu/shadPS4/commit/67915dc4360dbeed0a06321d7cb603f2e9f1e489) Properly handle exec permission behavior for memory pools - [`7b40a16`](https://github.com/shadps4-emu/shadPS4/commit/7b40a162bc6f6c7e4f3a83a58c931f1053470f1b) Clang - [`74f3ee5`](https://github.com/shadps4-emu/shadPS4/commit/74f3ee50116bc82cfa83785a16f00b50b139040f) Allow execution protection for direct memory - [`a3e4b95`](https://github.com/shadps4-emu/shadPS4/commit/a3e4b95b533859be3ad3c2ca7af919490e78a737) Clang - [`c6ff305`](https://github.com/shadps4-emu/shadPS4/commit/c6ff3057f5a9b1bd502a6446bd8cb3e478b17e6b) More descriptive assert message ### 📊 Changes **4 files changed** (+167 additions, -53 deletions) <details> <summary>View changed files</summary> 📝 `src/core/address_space.cpp` (+83 -28) 📝 `src/core/libraries/kernel/memory.cpp` (+15 -5) 📝 `src/core/memory.cpp` (+66 -18) 📝 `src/core/memory.h` (+3 -2) </details> ### 📄 Description As I tested various forms of protections on memory, I found a handful of inaccuracies this PR will address. - Execute permissions are hidden from direct memory mappings. - Attempting to map backed memory with execute permssions could fail on Windows, due to an edge case related to `MapViewOfFile3`. Fixing this is necessary for `sceKernelMprotect` to work properly on flexible memory after #3639 - Protecting memory with read | execute (and no write permissions) would behave strangely on Windows. This was due to an issue with the flags we applied in `AddressSpace::Impl::Protect`, so I cleaned up the logic there too. - Internally, the PS4 kernel seems to treat read and write permissions separately, but applies read permissions whenever only write is specified. Handling this properly fixes the raw value of VMA protections occasionally being exactly one less than equivalent mappings on real hardware. - `sceKernelMapDirectMemory2` returns EINVAL when requesting execute permissions, not EACCES. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>