From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5D40AC3DA4A for ; Wed, 14 Aug 2024 17:00:59 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id EC0856B008C; Wed, 14 Aug 2024 13:00:58 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id E72686B0096; Wed, 14 Aug 2024 13:00:58 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id D38AD6B0098; Wed, 14 Aug 2024 13:00:58 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id B742E6B008C for ; Wed, 14 Aug 2024 13:00:58 -0400 (EDT) Received: from smtpin10.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id 5B9541210C7 for ; Wed, 14 Aug 2024 17:00:58 +0000 (UTC) X-FDA: 82451465796.10.7C48307 Received: from sin.source.kernel.org (sin.source.kernel.org [145.40.73.55]) by imf24.hostedemail.com (Postfix) with ESMTP id 3FF80180030 for ; Wed, 14 Aug 2024 17:00:54 +0000 (UTC) Authentication-Results: imf24.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=FsXbUB8V; spf=pass (imf24.hostedemail.com: domain of kees@kernel.org designates 145.40.73.55 as permitted sender) smtp.mailfrom=kees@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1723654783; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=VyFnONH0s19mn8KL6pLkuiZiOVt3lJxYC5SojE3xiiI=; b=0cbNmJZEOysfG7p8WmTTC1Bdjo0kvPxqQjbG49P7y+Q8sD+phf/GzZs2x1uV3RdN74RZCp z4V/yhPCQzvDhCcTefAWDEQbsSmHTv5xyT/z66TC46L7LzqEFocAGtiXneqQ/Y7E0KohOr T0CS7aHeDEgkqtG/wYvK2t68E5psBtU= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1723654783; a=rsa-sha256; cv=none; b=ghkIDhPs2GlmKsMV315xhkj6q/FV6I3iW8b26bV6X78PpE0U0cjCvR/60MtLp5MOVXDuH8 WahaRsfR0oMdqEfr3njNfXUY/H2+i7tXKZasr3qH5+M6LOJtbyNZInPL7LeaXZF/21FDIL RWaTkzLTJBmiDruUCk9MvWStR6HnhUc= ARC-Authentication-Results: i=1; imf24.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=FsXbUB8V; spf=pass (imf24.hostedemail.com: domain of kees@kernel.org designates 145.40.73.55 as permitted sender) smtp.mailfrom=kees@kernel.org; dmarc=pass (policy=none) header.from=kernel.org Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by sin.source.kernel.org (Postfix) with ESMTP id 6713DCE1A6D; Wed, 14 Aug 2024 17:00:51 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2E575C116B1; Wed, 14 Aug 2024 17:00:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1723654849; bh=wbO7ucUoXvbBcCVpFMs1yHhmKcKeSaruFWxVAtNHZV0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=FsXbUB8VFtAetBwRuYuGCoVKoxpVYqgY6o2qHu8JOG3AKt9dmzTpF83knu/kC/C6o BKDOVSEKYXwL3zE7zVqrGxJy7/mmfr3p0QjVCOkoFUJWPFJuLkwFcNGqHCUB6k8EP4 QWIr38ZQKo1ECDHjN/FKYfdGK5Q/vhs8P3ZvBYVQOxUx6YSyzOLqSttY/6rSX58i7i 7Lz2vbNSVhgg9t03gzjKa0ZGt4Z5dhPWrJcKuwx6cVN8FrGKhNb2j9izeGs3/vF9V0 8ExF5/7+RPe0rRQ/f6qLQJAuxyaP5L1PQU8ZmrZNuPQjQtoLUKrCWXRjrKMuREuNnz ABJuj2L+tXrFQ== From: Kees Cook To: akpm@linux-foundation.org, jannh@google.com, sroettger@google.com, adhemerval.zanella@linaro.org, ojeda@kernel.org, adobriyan@gmail.com, Kees Cook , jeffxu@chromium.org Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, linux-hardening@vger.kernel.org Subject: Re: [PATCH v2 0/1] binfmt_elf: seal address zero Date: Wed, 14 Aug 2024 09:59:47 -0700 Message-Id: <172365478431.4159848.371478248517217096.b4-ty@kernel.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240806214931.2198172-1-jeffxu@google.com> References: <20240806214931.2198172-1-jeffxu@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit X-Rspam-User: X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: 3FF80180030 X-Stat-Signature: p8aqyhexw8dxzfp7x9pdik9pdya8atgt X-HE-Tag: 1723654854-691821 X-HE-Meta: U2FsdGVkX19ALwnG1Aw3eqb0blDzJt8SqQBQPGdl8OxSJJBTq8s9JjaI4MedJ65NYHG9LvXJj1plVfaNiDvNAIMfVG9pxl57TVMPzVtcJWjWqNOE3uGBEzLar0DMDH9I+OViH03o+GOwbJ69/PESoLJCMUnedcwWPy6Fj+Xgk7i6uq2DYpcKzOvHkh3qiT1Wfmi9eCAgBctVXGuhfLCGBoWiLpe0yFkcgPKWumGnDcOqUQZMvSmvT5vZdeqjj3II4Um2BM1k/OGEKQz6J4W6khSjdQZyrnXPfyJNJltX1L53pPc4pEsf7kKC15LFihRaV6TpNQ6WwM0HoneHjvpjW0VLE6/gVN61VZHDU9AMeAR1h2GkEeVB6JcKMjmc+BQpTMyCzAbcEVrAPSFtif7D6yRtVlVm80cOmYxrfTEb3dLoDM0OIYzUSTLrjcYzPDkZ9N73MIX/7A/sBFB5hrl5771Y1BtIy/XHK2TjM/rt06yqZVdruVTM7VXavjJ0sMf4NIeR/QhVtWjbZtUF3x8GpcpMtGKgdnSs4nOjw9hQOA9s8anwFkP3JUsFWzyCnb+FH8GKy1pdBpo7IwvFKQlXEkDNzeO7x+4QZEL6EZbo/66JKyI/3MYgUepit5JTdzOtnqWFh5jX6QUDXkCPsarTeq8lnaWLFE8DGrppGIotNRgbyqNsEVoMFOQfNZHVbCErCLeAWzZE3cn8hAd9vKNvV2B3/K4yZsM/qtA7NMD9V9Bp6FiPTXlzDSTYRu+peioKq0nGIoUmGfAcliqngL0OpydmcvdRLhDuBrbbMZD56Guh6vBj3SQdDrqWbl4u2bCFrKFxYYetG4jq+DiIv6c0XtoS+b3IU9RsOafP16IMw6TRw8Bvuvwy21to23kn0v9XnKILw4n/PjD56Qb1wfb0lQvNArrpJUU0UDYbpCa6OSKElZ9rR4Vj1w6evQ7F7YS42B65L/X/CTE+vWjLKDb b+b8jJzr bwgfw9ZNhbvNoZyUEU6iqxG+zU3PVZZHRdTRQsI6uQfOp3qAdhgPVXF6Ghl+cCYtrVMirUF6kfQrOmDtOXMQCkAO8XBPq0rqbXe11Zgu7JB0UcylqHAUbe3zsjDEprN0IWyr11YsPZkL/C8annOPX1BJARB5rGoJodYcG7H1ZYfAOGJgkgmPpktg6ynGDrhqJ8gY3lMoSKA8d5Au+NxD7gOD0rdAfE18zWSA3XmVQTwqtIs6VHs4H5GcDXzBECoME8Q66ZgKxZRK6dG6B2UQgR0mT/nSpSUU2ycWJD+dHqC3yVDVnG1nq+SjBa2lBHURz3lNG4tt0xD5szyKhSvHlIJLl/99bTwHFqZRAu6SWMMASPOPpNtw+QLLJqQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000518, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Tue, 06 Aug 2024 21:49:26 +0000, jeffxu@chromium.org wrote: > From: Jeff Xu > > In load_elf_binary as part of the execve(), when the current > task’s personality has MMAP_PAGE_ZERO set, the kernel allocates > one page at address 0. According to the comment: > > /* Why this, you ask??? Well SVr4 maps page 0 as read-only, > and some applications "depend" upon this behavior. > Since we do not have the power to recompile these, we > emulate the SVr4 behavior. Sigh. */ > > [...] I added the cover letter details to the commit log and changed pr_warn() to pr_warn_ratelimited(), but otherwise, looked good. Applied to for-next/execve, thanks! [1/1] binfmt_elf: mseal address zero https://git.kernel.org/kees/c/44f65d900698 Take care, -- Kees Cook