-
Dmitry Safonov authored
Flag `noexecstack' for ld implies `EXSTACK_DISABLE_X' ELF flag on CRIU binary. Without this flag the kernel ELF loader will set `READ_IMPLIES_EXEC' personality bit: > if (elf_read_implies_exec(loc->elf_ex, executable_stack)) > current->personality |= READ_IMPLIES_EXEC; This flag is checked by sys_mmap(): > if ((prot & PROT_READ) && (current->personality & READ_IMPLIES_EXEC)) > if (!(file && path_noexec(&file->f_path))) > prot |= PROT_EXEC; Which results in each mmap() syscall returning +x mapping for any readable mapping for CRIU binary, e.g: Before C/R: 76fc4000-76fc5000 r--p 0001f000 b3:02 131656 /usr/lib/ld-2.25.so 76fc5000-76fc6000 rw-p 00020000 b3:02 131656 /usr/lib/ld-2.25.so After restore: 76fc4000-76fc5000 r-xp 0001f000 b3:02 131656 /usr/lib/ld-2.25.so 76fc5000-76fc6000 rwxp 00020000 b3:02 131656 /usr/lib/ld-2.25.so Which also makes ZDTM very sad: 1: Old maps lost: set(["76f80000-76f81000 ['rw-p', '0120400']", "25000-26000 ['rw-p', '0120400']", "76f7d000-76f7f000 ['rw-p']", "14a8000-14c9000 ['rw-p']", "76f4a000-76f4c000 ['r--p', '0120400']", "7ed3d000-7ed7f000 ['rw-p']", "76f7f000-76f80000 ['r--p', '0120400']", "24000-25000 ['r--p', '0120400']", "76f4c000-76f50000 ['rw-p', '0120400']"]) 1: New maps appeared: set(["76f7f000-76f80000 ['r-xp', '0120400']", "7ed3d000-7ed7f000 ['rwxp']", "76f4a000-76f4c000 ['r-xp', '0120400']", "76f80000-76f81000 ['rwxp', '0120400']", "24000-25000 ['r-xp', '0120400']", "14a8000-14c9000 ['rwxp']", "25000-26000 ['rwxp', '0120400']", "76f7d000-76f7f000 ['rwxp']", "76f4c000-76f50000 ['rwxp', '0120400']"]) Maybe we also need to set it for arm64 or even for all archs, but that needs to be tested in the first place, so add it now to arm32, x86 already has it. Acked-by:
Cyrill Gorcunov <gorcunov@openvz.org> Signed-off-by:
Dmitry Safonov <dsafonov@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
d7c86c8b
