/* External variables not in a header file. */
extern int sysctl_overcommit_memory;
extern int sysctl_overcommit_ratio;
+#ifdef CONFIG_MMU
+extern int sysctl_mmap_noexec_taint;
+#endif
extern int max_threads;
extern int core_uses_pid;
extern int suid_dumpable;
.mode = 0644,
.proc_handler = mmap_min_addr_handler,
},
+ {
+ .procname = "mmap_noexec_taint",
+ .data = &sysctl_mmap_noexec_taint,
+ .maxlen = sizeof(unsigned long),
+ .mode = 0644,
+ .proc_handler = proc_dointvec_minmax,
+ .extra1 = &zero,
+ .extra2 = &one,
+ },
#endif
#ifdef CONFIG_NUMA
{
This value can be changed after boot using the
/proc/sys/vm/mmap_min_addr tunable.
+config MMAP_NOEXEC_TAINT
+ int "Turns on tainting of mmap()d files from noexec mountpoints"
+ depends on MMU
+ default 1
+ help
+ By default, the ability to change the protections of a virtual
+ memory area to allow execution depend on if the vma has the
+ VM_MAYEXEC flag. When mapping regions from files, VM_MAYEXEC
+ will be unset if the containing mountpoint is mounted MNT_NOEXEC.
+ By setting the value to 0, any mmap()d region may be later
+ mprotect()d with PROT_EXEC.
+
+ If unsure, keep the value set to 1.
+
+ This value can be changed after boot using the
+ /proc/sys/vm/mmap_noexec_taint tunable.
+
config ARCH_SUPPORTS_MEMORY_FAILURE
bool
int sysctl_overcommit_memory __read_mostly = OVERCOMMIT_GUESS; /* heuristic overcommit */
int sysctl_overcommit_ratio __read_mostly = 50; /* default is 50% */
int sysctl_max_map_count __read_mostly = DEFAULT_MAX_MAP_COUNT;
+int sysctl_mmap_noexec_taint __read_mostly = CONFIG_MMAP_NOEXEC_TAINT;
/*
* Make sure vm_committed_as in one cacheline and not cacheline shared with
* other variables. It can be updated by several CPUs frequently.
if (file->f_path.mnt->mnt_flags & MNT_NOEXEC) {
if (vm_flags & VM_EXEC)
return -EPERM;
- vm_flags &= ~VM_MAYEXEC;
+ if (sysctl_mmap_noexec_taint)
+ vm_flags &= ~VM_MAYEXEC;
}
if (!file->f_op || !file->f_op->mmap)