This needs a fixed toolchain, and a userspace rebuild to work.
For these reasons, it's had difficulty getting upstream.

ie, Fedora has a new enough toolchain, and has been rebuilt, so we don't need
the ifdefs.  Other distros don't/haven't, and this patch would break them
if pushed upstream.

--- linux-2.6.26.noarch/security/selinux/hooks.c~	2008-09-25 14:11:17.000000000 -0400
+++ linux-2.6.26.noarch/security/selinux/hooks.c	2008-09-25 14:12:17.000000000 -0400
@@ -3018,7 +3018,6 @@ static int file_map_prot_check(struct fi
 	const struct cred *cred = current_cred();
 	int rc = 0;
 
-#ifndef CONFIG_PPC32
 	if ((prot & PROT_EXEC) && (!file || (!shared && (prot & PROT_WRITE)))) {
 		/*
 		 * We are making executable an anonymous mapping or a
@@ -3029,7 +3028,6 @@ static int file_map_prot_check(struct fi
 		if (rc)
 			goto error;
 	}
-#endif
 
 	if (file) {
 		/* read access is always possible with a mapping */
@@ -3024,7 +3022,6 @@ static int selinux_file_mprotect(struct 
 	if (selinux_checkreqprot)
 		prot = reqprot;
 
-#ifndef CONFIG_PPC32
 	if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) {
 		rc = 0;
 		if (vma->vm_start >= vma->vm_mm->start_brk &&
@@ -3049,7 +3046,6 @@ static int selinux_file_mprotect(struct 
 		if (rc)
 			return rc;
 	}
-#endif
 
 	return file_map_prot_check(vma->vm_file, prot, vma->vm_flags&VM_SHARED);
 }