On Thu, Apr 18, 2019 at 01:30:07AM -0500, Kees Cook wrote: > Anything running with READ_IMPLIES_EXEC (i.e. a gnu stack marked WITH > execute) should be considered broken. Now, the trouble is that this > personality flag is carried across execve(), so if you have a launcher > that doesn't fix up the personality for children, you'll see this > spread all over your process tree. What is doing rdma mmap calls with > an executable stack? That really feels to me like the real source of > the problem. Apparently the Fortran runtime forces the READ_IMPLIES_EXEC and requires it for some real reason or another - Fortran and RDMA go together in alot of cases. > Is the file for the driver coming out of /dev? Seems like that should > be mounted noexec and it would solve this too. (Though now I wonder > why /dev isn't noexec by default? /dev/pts is noexec... Yes - maybe? > Regardless, if you wanted to add a "ignore READ_IMPLIES_EXEC" flag to > struct file, maybe this bit could be populated by drivers? This would solve our problem.. How about a flag in struct file_operations? Do you agree it is worth drivers banning VM_EXEC for these truely non-executable pages? Thanks, Jason
