From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 71ECBE728CC for ; Fri, 29 Sep 2023 17:06:20 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D57BA8E0002; Fri, 29 Sep 2023 13:06:19 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id CE00E8D00E3; Fri, 29 Sep 2023 13:06:19 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id B5A048E0002; Fri, 29 Sep 2023 13:06:19 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id A37088D00E3 for ; Fri, 29 Sep 2023 13:06:19 -0400 (EDT) Received: from smtpin12.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id 68351120B75 for ; Fri, 29 Sep 2023 17:06:19 +0000 (UTC) X-FDA: 81290263278.12.001BA09 Received: from mail-pf1-f172.google.com (mail-pf1-f172.google.com [209.85.210.172]) by imf13.hostedemail.com (Postfix) with ESMTP id 8A0602002A for ; Fri, 29 Sep 2023 17:06:17 +0000 (UTC) Authentication-Results: imf13.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=JycqsbP3; spf=pass (imf13.hostedemail.com: domain of keescook@chromium.org designates 209.85.210.172 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1696007177; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=rxYI9ulX5XzPX5XOXonON+SMQGYguOvm0R6V5aclg6A=; b=Rmkt+gcfW769wxzP8xHZNB4ADbt8FLlFQ1k8nNM1seFZ8nZD/p4eKRbgTRzULF2Y5LYDdW c6Yd9Buu7Ee2zEzC2x6cQx3uw+NR8KYiDnh5d1UfrQggnuxRaO3pVt/qxy+SwFTdSE1sut KPP25KzSYu6OSgR+0TXQob9eNxgLmbw= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1696007177; a=rsa-sha256; cv=none; b=xn4ItXXXhb6QzROab0ssUv1TRjVGml3n09lP6ZS1fknqjYClC5p0S9vWtEdD+AhxWGHHiQ HQfJJwPrY3SNESCPzKRiZdEgWV5wxsi+LGWkL8uTRMfp7pxKHglnOGgveoUbR7i+rUYSdq aJilHP1xB+JJHIdr+hc7qUFwIDYJ7kU= ARC-Authentication-Results: i=1; imf13.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=JycqsbP3; spf=pass (imf13.hostedemail.com: domain of keescook@chromium.org designates 209.85.210.172 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org Received: by mail-pf1-f172.google.com with SMTP id d2e1a72fcca58-68fb85afef4so12257349b3a.1 for ; Fri, 29 Sep 2023 10:06:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1696007176; x=1696611976; darn=kvack.org; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date:from:to :cc:subject:date:message-id:reply-to; bh=rxYI9ulX5XzPX5XOXonON+SMQGYguOvm0R6V5aclg6A=; b=JycqsbP3sRrPcZ8yHA26qRk2KdbU+0EqnXS+xR6X5aUj8OV8KFOTZcYRb0ou/Iz7i5 q6HAYQrGYeU+mXNcwkAuAEWQPJZ2EUFfVS7SSWaijLMck5k9NrZ4RF4vpBf912dIa5Rc dGOvh4qNIBfy+shJSD61iQDBXjcJnF6E7D6pQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1696007176; x=1696611976; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=rxYI9ulX5XzPX5XOXonON+SMQGYguOvm0R6V5aclg6A=; b=itb8llcwV/eFTR4I1BVQpZdhOvm5BwMfMFG/r/RbxwzAjVJs5CFa3mU07KlBRvbGKd LzsIUzAb1bngDvrkmgfhxg33FT8Yw80RPUIpAvr7i3kZNzPRFgyydiBM75bp6klxO1sY hupUtnYa90xa0EfHFalAUbp2il4BHaH5LLRtM3NscxcvPOcgRquz9uXGgMTnZLNZZ1Rf t5Bw0fxNX9+Q3gPAtEm2K+ti/hwOG3c4MdXl12OQJELjy/xP5VHkHu/RoKa1kVzJBGKH w9HJbfCUGOdlx8u9BUMhwq5z1xZSDJ+lhhY85N/W2wRiauwgDJ6v9NVIRig5956rEvbi IHYA== X-Gm-Message-State: AOJu0YxbNkK+mogDcgljX4ZdlqutzwRmjReEOGyGyEjXoCdKxiIlVKxE MfwXOdd+NfamAbhp5+9NRVam5g== X-Google-Smtp-Source: AGHT+IEEm0cgYM95RhBy+hVCohyjsNc4BHxivmWx4iHFGWyTUfY+kiazqEJ0Uju7DJ50x2sjMqjMDA== X-Received: by 2002:a05:6a20:3d04:b0:153:7978:4faa with SMTP id y4-20020a056a203d0400b0015379784faamr5859933pzi.37.1696007176255; Fri, 29 Sep 2023 10:06:16 -0700 (PDT) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id fk1-20020a056a003a8100b00682868714fdsm15810970pfb.95.2023.09.29.10.06.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 29 Sep 2023 10:06:15 -0700 (PDT) Date: Fri, 29 Sep 2023 10:06:14 -0700 From: Kees Cook To: Pedro Falcato Cc: Eric Biederman , Alexander Viro , Christian Brauner , linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, Sebastian Ott , Thomas =?iso-8859-1?Q?Wei=DFschuh?= , Andrew Morton , linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-arch@vger.kernel.org Subject: Re: [PATCH v4 4/6] binfmt_elf: Use elf_load() for library Message-ID: <202309291005.80DD5F55E9@keescook> References: <20230929031716.it.155-kees@kernel.org> <20230929032435.2391507-4-keescook@chromium.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Rspamd-Queue-Id: 8A0602002A X-Rspam-User: X-Rspamd-Server: rspam11 X-Stat-Signature: gno6zf4sbh8smkiy9dew84kapi9c5718 X-HE-Tag: 1696007177-71091 X-HE-Meta: U2FsdGVkX1/8uRiXehcSSXt7sXjjpmBIjW3gSC5sTYHM14AWOUgaU+cH6ws0s2RtdRDdT/bUyMddNcxGCbrIDVGVL2LODa3sjvjYdO47d97nx71kvK/qGSHK17IgaOhu4/PeSYYshlSeR8zvwQL3aHvfDCKwnr+9v/7foEmz7QNFkwQvEEAIOv2mNf1wjwIYw149ri34td2Xk/mcUk0brReeE7TNZCuxvE8auhsrANAywOmWVhBgcQ7hdBfhDly4zVlNKVCWWSY5QsgLdSt+rfZAiPcDgsc/ABdu7fr961b15S6kC11bIelzuYmhgebXlNv+y7ZTYL6aR3ewnW76flNcsqHbA1E14Me2HQjyJ0krIU6TgoREqCjd+UI+Wkuu6rWnYlyMOkxa7eSuDSKa34zJ0Y4x98mpzvrtTf4vb/AL3G2Qg/wcrUp1ms9XRohwi/Vcft1yvy6Q2HR1rWm1E6/+m4bXbvVFc8b1XBaVIZH8w1DVqzXSoUsQNdXiEhmg9MrT8XzFkgWCre1ASO6dmIMIZx5+x/NxhbCMi5BCO54RX9dSCWdXn6EnmDV+B8XksEo1nz8iuHASYm0np4qj6FDshBB/q3U+HjpxizOB0Z2vrZevk6NbnTD7AeB5WFfGl3fkmw3DvRU9qwYC9Uk9AmrHmbzdIKp6bCKzeKegdTm0EEn095C9Bd4+UrPIERgHGuNs94PUKteO/wKsssxd8uRsLEddUq46zLjC3mzMK0iQrjB5l6OcAto5t5UamredLkFU+O5Klzm1g1otfEVrLTGhdEpQCTPtyrZc7qo55adu8hYsOocS347Qs4JoIaB28nqqrjl8WxcKogRV3rBjWS/aHyT/vWcguOYIA/pfuBPCgOiyRuLTjMY0WSzZPFKv2tVCLIRlouA0PlK9h34OVP8k5VRvFLYCnXHnqVKmERLuolks9ixke1mfJuZEvWgeUNxTlB5m/mfteHrm6o3 bq/UN4ad t+2csoxLOHs4k0CO02BHAyD010+AEgbSK6FornACKVG9DwUhldaQamXwnxgCze9AJ+yDz7UBYb984YzTxu/zuk1MkS0xPpBEh1zeUfZGMTikIM5xfpkMv8WSK7HMLIer0v7lLGY6IGtJDAxB2FC4Fki4gYpd9bTdf5Zf9aPCa7SZiUhtPv7mJalSqKdtGCjGNHTkpFDR76E5N042GQjTXCLyBAYQ2zuEFwSP9Wi7Ba9wBl4Ztwihz1yLTkMnW6QHt+dPi7IXZhz1pEssdnB/qnB6Rm5tLCN5trVqpy4MX2Fta9Fti8Oeg4zg1BfNGP5y74l5MdxvuNlsbGOITlGS48CG+R9FKfANnhk7OLNXh/Hrntlss2/F5CLqq4n4LfAH1SItneDBV3TuYJr3jR7NOxJbij545g2V37fmcJk1IZUXeMtFhsWdm72dN4xV2NNuimRCu+h98yLdWNgya0uOCq+3IgJW/pcca4owmCozxrHCfThiphF3HlFG9TDmcij4T8fH2BsPcNXgoRqgcavW8UE3tCA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000015, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Fri, Sep 29, 2023 at 01:12:13PM +0100, Pedro Falcato wrote: > On Fri, Sep 29, 2023 at 4:24 AM Kees Cook wrote: > > > > While load_elf_library() is a libc5-ism, we can still replace most of > > its contents with elf_load() as well, further simplifying the code. > > While I understand you want to break as little as possible (as the ELF > loader maintainer), I'm wondering if we could axe CONFIG_USELIB > altogether? Since CONFIG_BINFMT_AOUT also got axed. Does this have > users anywhere? I can't even find a libc5 image I can test. :P I made it non-default in '22: 7374fa33dc2d ("init/Kconfig: remove USELIB syscall by default") I'm not sure we can drop it entirely, though. -- Kees Cook