Skip to content
Commit 48f99c8e authored by Dong Bo's avatar Dong Bo Committed by Will Deacon
Browse files

arm64: Preventing READ_IMPLIES_EXEC propagation 



Like arch/arm/, we inherit the READ_IMPLIES_EXEC personality flag across
fork(). This is undesirable for a number of reasons:

  * ELF files that don't require executable stack can end up with it
    anyway

  * We end up performing un-necessary I-cache maintenance when mapping
    what should be non-executable pages

  * Restricting what is executable is generally desirable when defending
    against overflow attacks

This patch clears the personality flag when setting up the personality for
newly spwaned native tasks. Given that semi-recent AArch64 toolchains emit
a non-executable PT_GNU_STACK header, userspace applications can already
not rely on READ_IMPLIES_EXEC so shouldn't be adversely affected by this
change.

Cc: <stable@vger.kernel.org>
Reported-by: default avatarPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: default avatarDong Bo <dongbo4@huawei.com>
[will: added comment to compat code, rewrote commit message]
Signed-off-by: default avatarWill Deacon <will.deacon@arm.com>
parent 5ed02dbb
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment