Detecting that a mount point has noexec set before calling exec() on a file?

Question

My program calls exec() on a binary that has been written to a directory specified by the user. If the directory resides in a tree mounted with "noexec", the exec() fails with EACCES.

Instead of failing the exec(), I would like to be able to figure out if a directory was mounted with noexec, but none of fcntl(), stat() or mount() return this info (from reading the manpages). Looking at the kernel source for the exec system call, it looks like this info is stored in the metadata of the inode, and I don't see this info being returned from any system call.

 673     struct nameidata nd;
 (..)
 677     err = path_lookup_open(AT_FDCWD, name, LOOKUP_FOLLOW, &nd, FMODE_READ|FMODE_EXEC);
 678     file = ERR_PTR(err);
 (..)
 682         file = ERR_PTR(-EACCES);
 683         if (!(nd.mnt->mnt_flags & MNT_NOEXEC) &&
 684             S_ISREG(inode->i_mode)) {

Does anyone know of a way to do this?

Thanks.

Answer 1

You can use statvfs()

struct statvfs st;
inr rc = statvfs("/mnt/foo", &st);
if (rc == -1)
   error();
if (st.f_flag & ST_NOEXEC) {
 //no exec flags was set
}

Answer 2

Did you consider reading /proc/mounts then determining which file system your program binary resides on, perhaps using statfs(2) and/or realpath(3)?

But you always should care about, and handle, the failure of execve(2) and related exec functions, which can fail for a variety of reasons.

^{There are many ways execve can fail, and some of them are not easily reproducible; likewise for the failure of fork or any other syscall.}

I would either leave and report the EACCESS error (of execve), or, if you absolutely want to catch & explain more the noexec mount option, do the more complex thing (statfs and/or realpath and scanning of /proc/mounts or /proc/self/mounts) after such an EACCESS failure.

There is no much point in testing a binary path before execve-ing it ... just report the error after...