diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2016-05-30 21:22:47 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2016-05-30 21:22:47 +0000 |
| commit | ae02134a7804a7b8bddf8f1d414ff9b165851125 (patch) | |
| tree | 4c386968de2d296b31f9bca49231d34dec879053 /sys/kern/exec_elf.c | |
| parent | 3d02846c346d22bdb68a4e0cff7f2e853a541110 (diff) | |
*** empty log message ***
Diffstat (limited to 'sys/kern/exec_elf.c')
| -rw-r--r-- | sys/kern/exec_elf.c | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/sys/kern/exec_elf.c b/sys/kern/exec_elf.c index bc344f334b2..61550fbec81 100644 --- a/sys/kern/exec_elf.c +++ b/sys/kern/exec_elf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: exec_elf.c,v 1.121 2016/05/10 18:39:51 deraadt Exp $ */ +/* $OpenBSD: exec_elf.c,v 1.122 2016/05/30 21:22:45 deraadt Exp $ */ /* * Copyright (c) 1996 Per Fogelstrom @@ -76,6 +76,7 @@ #include <sys/namei.h> #include <sys/vnode.h> #include <sys/core.h> +#include <sys/syslog.h> #include <sys/exec.h> #include <sys/exec_elf.h> #include <sys/file.h> @@ -880,6 +881,23 @@ ELFNAME(os_pt_note)(struct proc *p, struct exec_package *epp, Elf_Ehdr *eh, goto out1; for (ph = hph; ph < &hph[eh->e_phnum]; ph++) { + if (ph->p_type == PT_OPENBSD_WXNEEDED) { + int wxallowed = (epp->ep_vp->v_mount && + (epp->ep_vp->v_mount->mnt_flag & MNT_WXALLOWED)); + + if (!wxallowed) { + log(LOG_NOTICE, + "%s(%d): W^X binary outside wxallowed mountpoint\n", + epp->ep_name, p->p_pid); + error = ENOEXEC; + goto out1; + } + epp->ep_flags |= EXEC_WXNEEDED; + break; + } + } + + for (ph = hph; ph < &hph[eh->e_phnum]; ph++) { if (ph->p_type != PT_NOTE || ph->p_filesz > 1024 || ph->p_filesz < sizeof(Elf_Note) + name_size) |