From: Arjan van de Ven Even though there is a global flag to disable randomisation, it's useful to have a per process flag too; the patch below introduces this per process flag and automatically sets it for "new" binaries. Eventually we will want to tie this to the legacy-va-space personality
Signed-off-by: Arjan van de Ven
Signed-off-by: Ingo Molnar
Signed-off-by: Andrew Morton
---
 25-akpm/fs/binfmt_elf.c | 2 ++
 25-akpm/fs/exec.c | 1 +
 25-akpm/include/linux/sched.h | 1 +
 3 files changed, 4 insertions(+)
diff -puN fs/binfmt_elf.c~randomisation-add-pf_randomize fs/binfmt_elf.c
--- 25/fs/binfmt_elf.c~randomisation-add-pf_randomize 2005-02-22 18:16:05.000000000 -0800
+++ 25-akpm/fs/binfmt_elf.c 2005-02-22 18:16:05.000000000 -0800
@@ -760,6 +760,8 @@ static int load_elf_binary(struct linux_
 if (elf_read_implies_exec(loc->elf_ex, executable_stack))
 current->personality |= READ_IMPLIES_EXEC;
+ if (executable_stack == EXSTACK_DISABLE_X && randomize_va_space)
+ current->flags |= PF_RANDOMIZE;
 arch_pick_mmap_layout(current->mm);
 /* Do this so that we can load the interpreter, if need be. We will
diff -puN fs/exec.c~randomisation-add-pf_randomize fs/exec.c
--- 25/fs/exec.c~randomisation-add-pf_randomize 2005-02-22 18:16:05.000000000 -0800
+++ 25-akpm/fs/exec.c 2005-02-22 18:16:05.000000000 -0800
@@ -877,6 +877,7 @@ int flush_old_exec(struct linux_binprm *
 tcomm[i] = '\0';
 set_task_comm(current, tcomm);
+ current->flags &= ~PF_RANDOMIZE;
 flush_thread();
 if (bprm->e_uid != current->euid || bprm->e_gid != current->egid ||
diff -puN include/linux/sched.h~randomisation-add-pf_randomize include/linux/sched.h
--- 25/include/linux/sched.h~randomisation-add-pf_randomize 2005-02-22 18:16:05.000000000 -0800
+++ 25-akpm/include/linux/sched.h 2005-02-22 18:16:05.000000000 -0800
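Review bot: In fs/binfmt_elf.c the new test uses `executable_stack == EXSTACK_DISABLE_X` as the stand-in for "new" binaries, so an image whose stack is executable or unmarked keeps a non-randomised layout even when `randomize_va_space` is on, and nothing at the call site says so. Those are the images for which a predictable layout matters most, so the coupling deserves a comment until the legacy-va-space personality mentioned in the description replaces it, for example `/* Opt in only binaries marked non-exec-stack; all others keep the fixed layout. */`. The flag is set immediately before `arch_pick_mmap_layout(current->mm)`; if that call is meant to consult it, the ordering is load-bearing and should be stated as well. load_elf_binary starts and ends outside the hunk.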
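Review bot: In fs/exec.c the unconditional `current->flags &= ~PF_RANDOMIZE;` carries no comment, and its correctness rests on something the hunk does not show: flush_old_exec() has to run before the `current->flags |= PF_RANDOMIZE` in load_elf_binary, otherwise the new image's choice would be wiped. Because binfmt_elf.c is the only loader this patch teaches to set the flag, every other binary format appears to end up with randomisation off after exec; if that is intended it should be said here. Suggested comment: `/* Reset the old image's choice; the binfmt loader re-enables randomisation if the new binary qualifies. */`. flush_old_exec continues outside the hunk.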
@@ -735,6 +735,7 @@ do { if (atomic_dec_and_test(&(tsk)->usa
 #define PF_LESS_THROTTLE 0x00100000 /* Throttle me less: I clean memory */
 #define PF_SYNCWRITE 0x00200000 /* I am doing a sync write */
 #define PF_BORROWED_MM 0x00400000 /* I am a kthread doing use_mm */
+#define PF_RANDOMIZE 0x00800000 /* randomize virtual address space */
 /*
 * Only the _current_ task can read/write to tsk->flags, but other _