um: Don't mark stack executable

richardweinberger · jmberg-intel · commit c45601306aa5 · 2025-09-10T14:24:13.000+02:00
On one of my machines UML failed to start after enabling
SELinux.
UML failed to start because SELinux's execmod rule denies
executable pages on a modified file mapping.

Historically UML marks it's stack rwx.
AFAICT, these days this is no longer needed, so let's remove
PROT_EXEC.

Signed-off-by: Richard Weinberger &lt;richard@nod.at&gt;
Signed-off-by: Johannes Berg &lt;johannes.berg@intel.com&gt;
diff --git a/arch/um/os-Linux/util.c b/arch/um/os-Linux/util.c
@@ -20,8 +20,7 @@
 
 void stack_protections(unsigned long address)
 {
-	if (mprotect((void *) address, UM_THREAD_SIZE,
-		    PROT_READ | PROT_WRITE | PROT_EXEC) < 0)
+	if (mprotect((void *) address, UM_THREAD_SIZE, PROT_READ | PROT_WRITE) < 0)
 		panic("protecting stack failed, errno = %d", errno);
 }
 

Original file line number	Diff line number	Diff line change
`@@ -20,8 +20,7 @@`
`20`	`20`
`21`	`21`	`void stack_protections(unsigned long address)`
`22`	`22`	`{`
`23`		`- if (mprotect((void *) address, UM_THREAD_SIZE,`
`24`		`- PROT_READ \| PROT_WRITE \| PROT_EXEC) < 0)`
	`23`	`+ if (mprotect((void *) address, UM_THREAD_SIZE, PROT_READ \| PROT_WRITE) < 0)`
`25`	`24`	`panic("protecting stack failed, errno = %d", errno);`
`26`	`25`	`}`
`27`	`26`