[PATCH] mmap PROT_NONE fix for NX patch

This works around the current PROT_NONE problem from elf binaries that do not have the PT_GNU_STACK so that the do not have execute permission. The problem was that setting "def_flags" to include the VM_EXEC bit for compatibility reasons would also make PROT_NONE pages executable, which is obviously not correct. Signed-off-by: Daniel McNeil <daniel@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>

[PATCH] mmap PROT_NONE fix for NX patch
This works around the current PROT_NONE problem from elf binaries that do not have the PT_GNU_STACK so that the do not have execute permission. The problem was that setting "def_flags" to include the VM_EXEC bit for compatibility reasons would also make PROT_NONE pages executable, which is obviously not correct. Signed-off-by: Daniel McNeil <daniel@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
bf39d18e · Daniel McNeil · Linus Torvalds · d313a47f · bf39d18e
Commit bf39d18e authored Jul 15, 2004 by Daniel McNeil Committed by Linus Torvalds Jul 15, 2004
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 0 deletions

mm/mmap.c mm/mmap.c +6 -0

No files found.
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -792,6 +792,12 @@ unsigned long do_mmap_pgoff(struct file * file, unsigned long addr,
 	vm_flags = calc_vm_prot_bits(prot) | calc_vm_flag_bits(flags) |
 			mm->def_flags | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC;
+	/*
+	 * mm->def_flags might have VM_EXEC set, which PROT_NONE does NOT want.
+	 */
+	if (prot == PROT_NONE)
+		vm_flags &= ~VM_EXEC;
 	if (flags & MAP_LOCKED) {
 		if (!capable(CAP_IPC_LOCK))
 			return -EPERM;