FEX doesn't handle executable stack flags correctly. #5149

@Sonicadvance1

Kernel documentation:

   *                 CPU: | lacks NX*  | has NX, ia32     | has NX, x86_64 |
   * ELF:                 |            |                  |                |
   * ---------------------|------------|------------------|----------------|
   * missing PT_GNU_STACK | exec-all   | exec-all         | exec-none      |
   * PT_GNU_STACK == RWX  | exec-stack | exec-stack       | exec-stack     |
   * PT_GNU_STACK == RW   | exec-none  | exec-none        | exec-none      |

FEX implementation:

   *                 CPU: | has NX, ia32     | has NX, x86_64 |
   * ELF:                 |                  |                |
   * ---------------------|------------------|----------------|
   * missing PT_GNU_STACK | exec-none        | exec-none      |
   * PT_GNU_STACK == RWX  | exec-all         | exec-all       |
   * PT_GNU_STACK == RW   | exec-none        | exec-none      |

Effectively if PT_GNU_STACK exists with RWX then we should only enable executable stack.
If PT_GNU_STACK /doesn't/ exist then we should enable exec-all on only x86, but leave it alone on x86-64.

Needs some unit tests to ensure correct behaviours for the matrix of six behaviours (we don't emulate a system without NX these days).

Low prio as this isn't affecting anything we know of.

There's also the additional quirk that if an executable is mapped from a noexec filesystem, the mappings should inherit that. Not sure if there is a clean way to detect that... Might only matter with execve, not mmap?
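The six-cell matrix from the kernel table above, written as an added example (not FEX's code and not part of the original issue): it scans an ELF image's program headers for PT_GNU_STACK and returns the policy the kernel documentation gives for NX-capable CPUs. The names `elf_exec_policy`, `make_elf` and `rd` are hypothetical; it assumes little-endian images and treats `e_machine == EM_386` as the "ia32" column. `make_elf` builds constructed sample headers only.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum exec_policy { EXEC_NONE, EXEC_STACK, EXEC_ALL };
#define PT_GNU_STACK_ID 0x6474e551u /* p_type value of PT_GNU_STACK */
#define EM_386_ID 3u                /* e_machine value of EM_386 */
static uint64_t rd(const uint8_t *p, size_t n) { /* little-endian read */
    uint64_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}

/* Policy for NX-capable CPUs per the kernel table; -1 if the image is malformed. */
int elf_exec_policy(const uint8_t *img, size_t len) {
    if (len < 52 || memcmp(img, "\177ELF", 4) != 0 || img[5] != 1) return -1;
    if (img[4] != 1 && img[4] != 2) return -1;   /* EI_CLASS: 32- or 64-bit */
    int is64 = img[4] == 2;
    size_t ph_min = is64 ? 56 : 32;              /* size of Elf64_Phdr / Elf32_Phdr */
    if (is64 && len < 64) return -1;
    uint64_t phoff = is64 ? rd(img + 32, 8) : rd(img + 28, 4);
    uint64_t phentsize = rd(img + (is64 ? 54 : 42), 2);
    uint64_t phnum = rd(img + (is64 ? 56 : 44), 2);
    if (phoff > len || (phnum && phentsize < ph_min)) return -1;
    for (uint64_t i = 0; i < phnum; i++) {
        uint64_t off = phoff + i * phentsize;
        if (off > len || len - off < ph_min) return -1;
        const uint8_t *ph = img + off;
        if (rd(ph, 4) != PT_GNU_STACK_ID) continue;
        /* Header present: only the stack follows its PF_X bit (0x1). */
        return (rd(ph + (is64 ? 4 : 24), 4) & 0x1u) ? EXEC_STACK : EXEC_NONE;
    }
    /* Header missing: legacy ia32 binaries get exec-all, x86_64 gets exec-none. */
    return rd(img + 18, 2) == EM_386_ID ? EXEC_ALL : EXEC_NONE;
}

/* Constructed sample: ELF header plus one program header.
   stack_flags < 0 emits a PT_LOAD entry instead of PT_GNU_STACK. */
size_t make_elf(uint8_t *b, int is64, unsigned machine, int stack_flags) {
    size_t eh = is64 ? 64 : 52, ps = is64 ? 56 : 32;
    memset(b, 0, eh + ps);
    memcpy(b, "\177ELF", 4);
    b[4] = is64 ? 2 : 1; b[5] = 1;               /* EI_CLASS, EI_DATA (LSB) */
    b[18] = (uint8_t)machine; b[is64 ? 32 : 28] = (uint8_t)eh; /* e_machine, e_phoff */
    b[is64 ? 54 : 42] = (uint8_t)ps; b[is64 ? 56 : 44] = 1;    /* e_phentsize, e_phnum */
    uint32_t type = stack_flags < 0 ? 1u /* PT_LOAD */ : PT_GNU_STACK_ID;
    for (int i = 0; i < 4; i++) b[eh + i] = (uint8_t)(type >> (8 * i));
    if (stack_flags >= 0) b[eh + (is64 ? 4 : 24)] = (uint8_t)stack_flags;
    return eh + ps;
}
```

`make_elf` needs a buffer of at least 120 bytes; pass `stack_flags` 7 for RWX, 6 for RW, or -1 for a missing PT_GNU_STACK.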
