Date: Fri, 29 Sep 2023 10:09:17 -0700
From: Kees Cook
To: Sebastian Ott
Cc: Eric Biederman, Thomas Weißschuh, Pedro Falcato, Al Viro, Christian Brauner, Andrew Morton, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH v4 0/6] binfmt_elf: Support segments with 0 filesz and misaligned starts
Message-ID: <202309291007.A0640DD@keescook>
In-Reply-To: <7ddc633e-c724-ad8d-e7ca-62d6b012b9e9@redhat.com>

On Fri, Sep 29, 2023 at 01:33:50PM +0200,
Sebastian Ott wrote:
> Hello Kees,
> 
> On Thu, 28 Sep 2023, Kees Cook wrote:
> > This is the continuation of the work Eric started for handling
> > "p_memsz > p_filesz" in arbitrary segments (rather than just the last,
> > BSS, segment). I've added the suggested changes:
> > 
> > - drop unused "elf_bss" variable
> > - refactor load_elf_interp() to use elf_load()
> > - refactor load_elf_library() to use elf_load()
> > - report padzero() errors when PROT_WRITE is present
> > - drop vm_brk()
> 
> While I was debugging the initial issue I stumbled over the following
> - care to take it as part of this series?
> 
> ----->8
> [PATCH] mm: vm_brk_flags don't bail out while holding lock
> 
> Calling vm_brk_flags() with flags set other than VM_EXEC
> will exit the function without releasing the mmap_write_lock.
> 
> Just do the sanity check before the lock is acquired. This
> doesn't fix an actual issue since no caller sets a flag other
> than VM_EXEC.

Oh, eek. Yeah, that seems like a good idea. :)

Reviewed-by: Kees Cook

-Kees

-- 
Kees Cook
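The defect Sebastian describes is a classic lock leak: an error path returns after the lock is taken but before it is released, so the next caller wedges on the same mm. The following is an added example, not code from the kernel or from this patch; it models mmap_write_lock as a held/not-held flag inside a constructed mm_struct stand-in (a double acquire is reported as -EDEADLK instead of hanging), and the names vm_brk_flags_before, vm_brk_flags_after, do_brk_locked and probe are all assumed for illustration. The "before" variant reproduces the ordering the patch fixes; the "after" variant moves the sanity check ahead of the lock, which is the change the patch makes.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed stand-in for the kernel's mm_struct. The lock is modelled
 * as a held/not-held flag so a double acquire is reported, not blocked on. */
struct mm_struct {
    int mmap_lock_held;
    unsigned long brk_calls;
};

#define VM_EXEC 0x00000004UL  /* the only flag vm_brk_flags() accepts */

/* Returns 0 when the lock was taken, -EDEADLK when it is already held
 * (a real mmap_write_lock() would block forever at this point). */
static int mmap_write_lock(struct mm_struct *mm)
{
    if (mm->mmap_lock_held)
        return -EDEADLK;
    mm->mmap_lock_held = 1;
    return 0;
}

static void mmap_write_unlock(struct mm_struct *mm)
{
    mm->mmap_lock_held = 0;
}

/* Hypothetical placeholder for the mapping work done under the lock. */
static int do_brk_locked(struct mm_struct *mm, unsigned long addr, unsigned long len)
{
    (void)addr; (void)len;
    mm->brk_calls++;
    return 0;
}

/* Before: the flag check sits after the lock and its error path returns
 * without unlocking. This is the ordering the patch removes. */
int vm_brk_flags_before(struct mm_struct *mm, unsigned long addr,
                        unsigned long len, unsigned long flags)
{
    int ret = mmap_write_lock(mm);
    if (ret)
        return ret;
    if (flags & ~VM_EXEC)
        return -EINVAL;          /* lock leaked here */
    ret = do_brk_locked(mm, addr, len);
    mmap_write_unlock(mm);
    return ret;
}

/* After: validate first, then lock, so every exit path releases the lock. */
int vm_brk_flags_after(struct mm_struct *mm, unsigned long addr,
                       unsigned long len, unsigned long flags)
{
    if (flags & ~VM_EXEC)
        return -EINVAL;
    int ret = mmap_write_lock(mm);
    if (ret)
        return ret;
    ret = do_brk_locked(mm, addr, len);
    mmap_write_unlock(mm);
    return ret;
}

/* Drive one rejected call and then one valid call through a variant and
 * return the valid call's result: 0 if it ran, -EDEADLK if the leaked lock
 * from the rejected call wedged it. */
int probe(int (*brk)(struct mm_struct *, unsigned long, unsigned long, unsigned long))
{
    struct mm_struct mm = { 0, 0 };
    unsigned long bad = VM_EXEC | 0x2UL;  /* constructed: an extra bit that must be rejected */
    (void)brk(&mm, 0x10000, 0x1000, bad);
    return brk(&mm, 0x20000, 0x1000, VM_EXEC);
}

int main(void)
{
    printf("before: %d\n", probe(vm_brk_flags_before));  /* -EDEADLK */
    printf("after:  %d\n", probe(vm_brk_flags_after));   /* 0 */
    return 0;
}
```

The probe shows why the ordering matters even when, as the patch notes, no current caller passes a bad flag: the cost of the defect is not the rejected call itself but every later call on the same mm, which is why the check belongs before the lock rather than being patched with an unlock on the error path.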