From: Kees Cook
To: Jiri Kosina, Kees Cook
Cc: y0un9n132@gmail.com, Geert Uytterhoeven, Alexander Viro, Christian Brauner,
    Jan Kara, Eric Biederman, Christophe Leroy, linux-fsdevel@vger.kernel.org,
    linux-mm@kvack.org, Thomas Gleixner, Ingo Molnar, Borislav Petkov,
    Dave Hansen, "H. Peter Anvin", Peter Zijlstra, Qi Zheng, Alexandre Ghiti,
    Josh Poimboeuf, "Kirill A. Shutemov", Rick Edgecombe, Brian Gerst,
    Bjorn Helgaas, Tony Battersby, linux-kernel@vger.kernel.org, x86@kernel.org,
    linux-hardening@vger.kernel.org
Subject: Re: (subset) [PATCH 2/2] binfmt_elf: Leave a gap between .bss and brk
Date: Wed, 24 Apr 2024 12:20:58 -0700
Message-Id: <171398645483.3089364.2691527690120638755.b4-ty@chromium.org>
In-Reply-To: <20240217062545.1631668-2-keescook@chromium.org>
References: <20240217062035.work.493-kees@kernel.org>
 <20240217062545.1631668-2-keescook@chromium.org>

On Fri, 16 Feb 2024 22:25:44 -0800, Kees Cook wrote:
> Currently the brk starts its randomization immediately after .bss,
> which means there is a chance that when the random offset is 0, linear
> overflows from .bss can reach into the brk area. Leave at least a single
> page gap between .bss and brk (when it has not already been explicitly
> relocated into the mmap range).
>
>
> [...]

Patch 1/2 was already applied via x86 tip, so I'll grab this one for the
execve/binfmt tree.

Applied to for-next/execve.

[2/2] binfmt_elf: Leave a gap between .bss and brk
      https://git.kernel.org/kees/c/2a5eb9995528

Take care,

-- 
Kees Cook
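The layout question in the quoted patch description, as an added example that is not part of this thread or of the kernel tree: a small C program that measures, from inside the running process, how far the brk heap starts past the end of .bss (0 is the case the patch removes), plus a simplified model of the loader's brk placement that shows where a linear overflow off the end of .bss ends up with and without the page gap. It assumes Linux with glibc, that the linker-provided `_end` symbol marks the end of .bss, and that `sbrk(0)` reports the current program break; the model is a stand-in for the logic in fs/binfmt_elf.c, not that code.

```c
/*
 * bss_brk_gap.c -- added example, not code from this thread or the kernel.
 * 1. Measure how far the brk heap starts past the end of .bss in this process.
 * 2. Model the loader's brk placement with/without the one-page gap and
 *    classify where a linear overflow running off .bss ends up.
 * Assumptions (not on the page): Linux + glibc, `_end` marks the end of
 * .bss, sbrk(0) returns the current break. The model is a simplified
 * stand-in for fs/binfmt_elf.c.
 */
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

extern char _end;   /* first address past .bss (GNU ld / lld linker symbol) */

enum overflow_outcome {
    STAYS_IN_BSS  = 0,  /* still inside the last (mapped) .bss page */
    FAULTS_IN_GAP = 1,  /* hits an unmapped page before reaching brk */
    REACHES_BRK   = 2   /* lands in brk-managed heap memory */
};

/* Round up to a page boundary, as the kernel's ELF_PAGEALIGN() does. */
static uintptr_t page_align_up(uintptr_t addr, uintptr_t page)
{
    return (addr + page - 1) & ~(page - 1);
}

/*
 * Live measurement: bytes from the page-aligned end of .bss to the current
 * program break. Call it before anything has malloc()ed, since glibc grows
 * the break and would inflate the figure. 0 means an overflow off the end
 * of .bss writes straight into heap memory.
 */
long measure_bss_brk_gap(void)
{
    uintptr_t page = (uintptr_t)sysconf(_SC_PAGESIZE);
    uintptr_t bss_end = page_align_up((uintptr_t)&_end, page);
    uintptr_t brk_now = (uintptr_t)sbrk(0);
    return (long)(brk_now - bss_end);
}

/*
 * Model of where the loader starts brk. elf_brk is the highest address of
 * the executable's PT_LOAD segments (end of .bss); random_offset is what
 * brk randomization adds; leave_gap is the behaviour the patch introduces.
 */
uintptr_t model_brk_start(uintptr_t elf_brk, uintptr_t page,
                          int leave_gap, uintptr_t random_offset)
{
    uintptr_t start = page_align_up(elf_brk, page);
    if (leave_gap)
        start += page;      /* at least one unmapped page past .bss */
    return start + random_offset;
}

/*
 * Classify a write that begins inside .bss and ends at write_end
 * (exclusive). The tail of the last .bss page is mapped, so the overflow is
 * silent there; beyond it, the outcome depends on whether brk begins
 * immediately or an unmapped gap comes first.
 */
enum overflow_outcome classify_overflow(uintptr_t write_end, uintptr_t elf_brk,
                                        uintptr_t page, uintptr_t brk_start)
{
    uintptr_t bss_page_end = page_align_up(elf_brk, page);
    if (write_end <= bss_page_end)
        return STAYS_IN_BSS;
    if (brk_start > bss_page_end)
        return FAULTS_IN_GAP;
    return REACHES_BRK;
}

int main(void)
{
    long gap = measure_bss_brk_gap();   /* before stdio allocates anything */
    long page = sysconf(_SC_PAGESIZE);
    printf("live: .bss end -> brk start = %ld bytes (%ld pages)\n", gap, gap / page);

    /* Constructed layout: .bss ends mid-page at 0x601010 on a 4 KiB-page system. */
    uintptr_t elf_brk = 0x601010, p = 4096, write_end = 0x602010;
    uintptr_t old_brk = model_brk_start(elf_brk, p, 0, 0);   /* offset 0, no gap */
    uintptr_t new_brk = model_brk_start(elf_brk, p, 1, 0);   /* offset 0, gap */
    printf("model, no gap: overflow to %#lx -> outcome %d\n",
           (unsigned long)write_end, classify_overflow(write_end, elf_brk, p, old_brk));
    printf("model, gap:    overflow to %#lx -> outcome %d\n",
           (unsigned long)write_end, classify_overflow(write_end, elf_brk, p, new_brk));
    return 0;
}
```

Build with a plain `cc` and run it; on a kernel with brk randomization enabled the live figure varies from run to run, and on a kernel carrying this patch it should not fall below one page for an ordinary dynamically linked executable. The model's three outcomes make the commit message concrete: with the random offset at 0 and no gap, the first byte past the last .bss page is already heap; with the gap (or any nonzero offset) it is an unmapped page and the write faults instead.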