Hunting the execmem issue on Debian sarge + SELinux
Ok, time to dive into the kernel and find out what “execmem” exactly means:
/*
* We are making executable an anonymous mapping or a
* private file mapping that will also be writable.
* This has an additional check.
*/
Basically, this appears to be a mmap with PROT_EXEC and PROT_WRITE.
Now lets see if I can find where this is used in pthreads, and if I can just remove either PROT_EXEC or PROT_WRITE there…
Okay, most likely, this is the offending line:
nptl/allocatestack.c
static int allocate_stack (...
mem = mmap (NULL, size, PROT_READ | PROT_WRITE | PROT_EXEC,
MAP_PRIVATE | MAP_ANONYMOUS | ARCH_MAP_FLAGS, -1, 0);
So pthreads stacks are executeable memory by default… but disabling that sounds risky to me… :-(