[PATCH] take noexec checks to very few callers that care
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
diff --git a/fs/exec.c b/fs/exec.c
index 346e3f6..eca58c2 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -118,6 +118,10 @@
if (!S_ISREG(nd.path.dentry->d_inode->i_mode))
goto exit;
+ error = -EACCES;
+ if (nd.path.mnt->mnt_flags & MNT_NOEXEC)
+ goto exit;
+
error = vfs_permission(&nd, MAY_READ | MAY_EXEC | MAY_OPEN);
if (error)
goto exit;
@@ -668,6 +672,9 @@
if (!S_ISREG(nd.path.dentry->d_inode->i_mode))
goto out_path_put;
+ if (nd.path.mnt->mnt_flags & MNT_NOEXEC)
+ goto out_path_put;
+
err = vfs_permission(&nd, MAY_EXEC | MAY_OPEN);
if (err)
goto out_path_put;