exec: fix stack excutability without PT_GNU_STACK

commit 96a8e13ed44e380fc2bb6c711d74d5ba698c00b2 upstream

Kernel Bugzilla #11063 points out that on some architectures (e.g. x86_32)
exec'ing an ELF without a PT_GNU_STACK program header should default to an
executable stack; but this got broken by the unlimited argv feature because
stack vma is now created before the right personality has been established:
so breaking old binaries using nested function trampolines.

Therefore re-evaluate VM_STACK_FLAGS in setup_arg_pages, where stack
vm_flags used to be set, before the mprotect_fixup.  Checking through
our existing VM_flags, none would have changed since insert_vm_struct:
so this seems safer than finding a way through the personality labyrinth.

Reported-by: pageexec@freemail.hu
Signed-off-by: Hugh Dickins <hugh@veritas.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

diff --git a/fs/exec.c b/fs/exec.c
index 54a0a557b6781ecf379015bbd60dc6f3fd37c176..30809154bb8f6d75e96d71190ce6f7ab0cd0b832 100644 (file)
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -605,7 +605,7 @@ int setup_arg_pages(struct linux_binprm *bprm,
        bprm->exec -= stack_shift;
 
        down_write(&mm->mmap_sem);
-       vm_flags = vma->vm_flags;
+       vm_flags = VM_STACK_FLAGS;
 
        /*
         * Adjust stack execute permissions; explicitly enable for