On Mon, Nov 18, 2019 at 12:54:57PM -0800, Andrew Morton wrote: > On Mon, 18 Nov 2019 17:51:15 +0300 Alexey Dobriyan <adobriyan@xxxxxxxxx> wrote: > > > PT_GNU_STACK is fail open design, > > Not sure what this means. Please expand on the motivation for this > change. > > > at least warn people that something > > isn't right. > > People who use an executable stack get a kernel splat. How is that > useful? There were two stories about silent downgrade to an executable stack: 1) compiling .S file and linking it to normal code: $ cat f.S .intel_syntax noprefix .text .globl f f: ret will silently add PT_GNU_STACK segment with RWE permissions 2) closures with nested functions will require executable stack https://nullprogram.com/blog/2019/11/15/ > > --- a/fs/exec.c > > +++ b/fs/exec.c > > @@ -762,6 +762,13 @@ int setup_arg_pages(struct linux_binprm *bprm, > > goto out_unlock; > > BUG_ON(prev != vma); > > > > +#ifdef CONFIG_MMU This code is already under CONFIG_MMU. I'll resend.
