Ping?
On Thu, Jan 18, 2024 at 7:07 AM Max Filippov <jcmvbkbc@xxxxxxxxx> wrote:
>
> Static FDPIC executable may get an executable stack even when it has
> non-executable GNU_STACK segment. This happens when STACK segment has rw
> permissions, but does not specify stack size. In that case FDPIC loader
> uses permissions of the interpreter's stack, and for static executables
> with no interpreter it results in choosing the arch-default permissions
> for the stack.
>
> Fix that by using the interpreter's properties only when the interpreter
> is actually used.
>
> Signed-off-by: Max Filippov <jcmvbkbc@xxxxxxxxx>
> ---
> fs/binfmt_elf_fdpic.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/binfmt_elf_fdpic.c b/fs/binfmt_elf_fdpic.c
> index be4e7ac3efbc..f6d72fe3998c 100644
> --- a/fs/binfmt_elf_fdpic.c
> +++ b/fs/binfmt_elf_fdpic.c
> @@ -322,7 +322,7 @@ static int load_elf_fdpic_binary(struct linux_binprm *bprm)
> else
> executable_stack = EXSTACK_DEFAULT;
>
> - if (stack_size == 0) {
> + if (stack_size == 0 && interp_params.flags & ELF_FDPIC_FLAG_PRESENT) {
> stack_size = interp_params.stack_size;
> if (interp_params.flags & ELF_FDPIC_FLAG_EXEC_STACK)
> executable_stack = EXSTACK_ENABLE_X;
> --
> 2.39.2
>
--
Thanks.
-- Max
