On 08/04/2021 21.57, Laurent Bercot wrote: >> 1) I think I misunderstood how the kernel warning works. It may only >> apply to images that the kernel execve() itself directly rather than >> to any execve() syscall. > > Looks like it. Otherwise, I would have seen zillions of warning messages > in my kernel logs, with all the executable-stack binaries I have > apparently been running. XD
It's checked for every execve, but it's a pr_warn_once(), so if (one of the incarnations of) PID1 triggers the warning, nothing else will during that boot. Rasmus
