From 1425e9621234316fe35f84c1668fb94c9ee32a73 Mon Sep 17 00:00:00 2001
From: Ian Beer
Date: Mon, 25 Nov 2013 12:31:55 +0100
Subject: remove PROT_WRITE from islands and hooked functions
---
 mach_override.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/mach_override.c b/mach_override.c
index a2fe80b..4a41efa 100644
--- a/mach_override.c
+++ b/mach_override.c
@@ -163,7 +163,7 @@ mach_error_t makeIslandExecutable(void *address) {
 host_page_size( mach_host_self(), &pageSize );
 uintptr_t page = (uintptr_t)address & ~(uintptr_t)(pageSize-1);
 int e = err_none;
- e |= mprotect((void *)page, pageSize, PROT_EXEC | PROT_READ | PROT_WRITE);
+ e |= mprotect((void *)page, pageSize, PROT_EXEC | PROT_READ);
 e |= msync((void *)page, pageSize, MS_INVALIDATE );
 if (e) {
 err = err_cannot_override;
@@ -342,6 +342,11 @@ mach_override_ptr(
 #endif
 if ( !err )
 atomic_mov64((uint64_t *)originalFunctionPtr, jumpRelativeInstruction);
+ mach_error_t prot_err = err_none;
+ prot_err = vm_protect( mach_task_self(),
+ (vm_address_t) originalFunctionPtr, 8, false,
+ (VM_PROT_READ | VM_PROT_EXECUTE) );
+ if(prot_err) fprintf(stderr, "err = %x %s:%d\n", prot_err, __FILE__, __LINE__);
 }
 #endif
 
-- 
cgit v1.2.3
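Review bot: The `mprotect` call in makeIslandExecutable now leaves the island's page read+execute only, but nothing in the hunk records the ordering rule this creates. Every write to the island has to be finished before this call, and any later write to the same page (another island sharing it, or a free/reuse path, if the allocator works that way) would fault. I would add a comment above the call, `/* W^X: the island must be fully written before this point; the whole page becomes R+X */`. The function starts before and ends after the hunk, so the callers and the allocation path are not visible here and should be checked against that rule.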
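Review bot: A failure of the added `vm_protect` in mach_override_ptr is only printed to stderr and never reaches `err`, so the function can report success while the page holding the patched code keeps whatever wider protection was set earlier (that earlier change is outside the hunk). Since restoring R+X is the point of the commit, the result should be propagated, for example `if (prot_err && !err) err = prot_err;` next to the `fprintf`. The separate `= err_none` initialiser is redundant; `mach_error_t prot_err = vm_protect(...);` says the same in one statement. The unbraced `if ( !err )` covers only `atomic_mov64`, so the new lines also run when the write was skipped; that looks intended, but a one-line comment stating it would stop a later reader from "fixing" it. The enclosing function begins outside the hunk.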