i386: NX emulation

This is old code with some cruft, all originally by Ingo with much later rebasing by Fedora folks and at least one arcane fix by Roland a few years ago. Signed-off-by: Roland McGrath <roland@redhat.com> Signed-off-by: Kees Cook <kees.cook@canonical.com> Signed-off-by: Andy Whitcroft <apw@canonical.com>
author: Roland McGrath <roland@redhat.com> 2010-07-14 00:50:02 -0700
committer: John Rigby <john.rigby@linaro.org> 2011-03-16 15:48:27 -0600
commit: e2322cd2c3322a660794b558e548e917f608fa90 (patch)
tree: 13c51d4aef9bab723ae118ed946515b4507f8639 /fs
parent: e8e01abc2473e9e8c35c3ab11faf020144ee580b (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
index d5b640ba6cb1..fbf9002a148c 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -712,6 +712,15 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
 	if (retval)
 		goto out_free_dentry;
 
+#ifdef CONFIG_X86_32
+	/*
+	 * Turn off the CS limit completely if exec-shield disabled or
+	 * NX active:
+	 */
+	if (!exec_shield || executable_stack != EXSTACK_DISABLE_X || (__supported_pte_mask & _PAGE_NX))
+		arch_add_exec_range(current->mm, -1);
+#endif
+
 	/* OK, This is the point of no return */
 	current->flags &= ~PF_FORKNOEXEC;
 	current->mm->def_flags = def_flags;
author	Roland McGrath <roland@redhat.com>	2010-07-14 00:50:02 -0700
committer	John Rigby <john.rigby@linaro.org>	2011-03-16 15:48:27 -0600
commit	e2322cd2c3322a660794b558e548e917f608fa90 (patch)
tree	13c51d4aef9bab723ae118ed946515b4507f8639 /fs
parent	e8e01abc2473e9e8c35c3ab11faf020144ee580b (diff)