From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id ACC42CD6E7F for ; Wed, 11 Oct 2023 15:59:18 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 45D038E000E; Wed, 11 Oct 2023 11:59:18 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 40D828D0050; Wed, 11 Oct 2023 11:59:18 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 2D4E78E000E; Wed, 11 Oct 2023 11:59:18 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 1F21B8D0050 for ; Wed, 11 Oct 2023 11:59:18 -0400 (EDT) Received: from smtpin20.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 009101A0315 for ; Wed, 11 Oct 2023 15:59:17 +0000 (UTC) X-FDA: 81333639954.20.F758B89 Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) by imf17.hostedemail.com (Postfix) with ESMTP id 11D4040006 for ; Wed, 11 Oct 2023 15:59:15 +0000 (UTC) Authentication-Results: imf17.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=aYcwTEuq; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf17.hostedemail.com: domain of keescook@chromium.org designates 209.85.214.181 as permitted sender) smtp.mailfrom=keescook@chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1697039956; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=4EBM6QELn8ef1132SlMYb+b5mnbgclrgGpye79FUDoA=; b=wEi/Z2mhfmhh286Rg+7ZJBCkU+ijtJj+ut+zC54+7SFNw/KCU0+m1gwjUIlZXjmn87u6o8 PZwtFECP8jgO23j9sZq5b+AEaSpprR/pZnG9ficsrikk0x6KCVa4ACOUlidstVnwDWv1m9 9hcr/7Ire2HftYl0gXFgXGoFj1AZHmM= ARC-Authentication-Results: i=1; imf17.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=aYcwTEuq; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf17.hostedemail.com: domain of keescook@chromium.org designates 209.85.214.181 as permitted sender) smtp.mailfrom=keescook@chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1697039956; a=rsa-sha256; cv=none; b=45NcvtsT/su1NumSnlFpOux34pa6pJXyYYglSAiJXUdq0x3QKJXKRUdPW6Rp1xZP7VCr8N IxyoN+kPx2IQp0YUp/No2jjDlIpjaa7X+KO5GD2DDHKHc0n1x/6JGlZZnhTqAMpXv7mDWg mtLkys52jCs/q1UF2j1itHhcvF4Y6ZQ= Received: by mail-pl1-f181.google.com with SMTP id d9443c01a7336-1c9b7c234a7so16449615ad.3 for ; Wed, 11 Oct 2023 08:59:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1697039955; x=1697644755; darn=kvack.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=4EBM6QELn8ef1132SlMYb+b5mnbgclrgGpye79FUDoA=; b=aYcwTEuqAmw2/2hKvTQMb5i+Y5sBqtM72+uryKGxdIWHb30kdmUXgiD8SM8nbZ+/ru VXsqNvltg8A//W5UErhUTwh3r2dJQZSZv6/mEQMNPteLm3q46mwUEcs1GnYjDmf39q17 F/8/oq4CzMSsz9eRXFliAX09T1sG9wUhHicKk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697039955; x=1697644755; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=4EBM6QELn8ef1132SlMYb+b5mnbgclrgGpye79FUDoA=; b=D+tvxoPncObt0z6X5ow7lHS3olU0bBkCcMAHx30pQ5hGxF+eVtQoEBMNqQbw5HQotk 5jgQYF5IOyJRJITWHpmrzTjjwRgPCikPunutUkDpvRmLU/lK0qeL4B/zpG8pvgkYWIm2 4Xw/iLz23lxJNHMycBc04SycUZPKTqOdbjwgi0DsG6b5USKls2FkA8UuZb9DZmTBpulg TIWG3i/WcDJvdH74cHgrPc68RbvfkOuyaIP9E9oBHrFsOSjIpRTXBaJ4WtCAi6TYUiWQ 7j8Xw5vek2YZPWQkTjyEnL4EcgXq7m3OP+JedOWPudPh3KRT9yacciDiwWwTMNWITUvM ZBQg== X-Gm-Message-State: AOJu0YxQwH7cPZUWbjVbvgWsvIe8Hy6GgjnL70gSlwcY5aY5TIE793U3 wCLUYAlxMfsm3D1COHBN5Bz+yA== X-Google-Smtp-Source: AGHT+IFnhzRKmMknQABhdyRSLqQ/OlvokCEslWYllvOvh9DztjV2jkf9w6Z8A6ji3ZgSPg2SoS9dEQ== X-Received: by 2002:a17:902:d716:b0:1c7:37e2:13e5 with SMTP id w22-20020a170902d71600b001c737e213e5mr18437786ply.21.1697039954910; Wed, 11 Oct 2023 08:59:14 -0700 (PDT) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id u7-20020a170902b28700b001c46d04d001sm9681plr.87.2023.10.11.08.59.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 11 Oct 2023 08:59:14 -0700 (PDT) Date: Wed, 11 Oct 2023 08:59:12 -0700 From: Kees Cook To: Alyssa Ross Cc: Alexander Viro , Christian Brauner , Tetsuo Handa , Eric Biederman , linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] exec: allow executing block devices Message-ID: <202310110857.522FAFCA@keescook> References: <20231010092133.4093612-1-hi@alyssa.is> <202310101535.CEDA4DB84@keescook> <87o7h5vcao.fsf@alyssa.is> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87o7h5vcao.fsf@alyssa.is> X-Rspam-User: X-Stat-Signature: ae354yd9ortsqcxnns4mkqfrdxxfho8x X-Rspamd-Server: rspam07 X-Rspamd-Queue-Id: 11D4040006 X-HE-Tag: 1697039955-648407 X-HE-Meta: U2FsdGVkX1/R9HY2JWXWF/3E72rMC/ZEdI7kqculYPHKjvbA9LQgfjqZPvOb5u8MiZnYA/IiVgGR6Oh2Nqqo3J6KzPgQGJO3qG9HFhLd/qQX/+dV3KVWAug/FQQfZiDUvZjPr+iYxehwFPaDKK/AKCkkMVcld6IdHd3opUFLMueoucEB58DV+AzDPiKtkQ+T5N3Ea4iHZ3x5+dPIB1wn2mJDEs0j0uhX5OfZZeMI+GTsDvKgmxCrsj2V61Zfd9+2Z6ofRtKnm/cEK4pTBvB5bDf3v84RykYLhC71N0if0djpUeeZPQMc+UMFSt47z/+QHs1hmr/VGMJMrtTc84zJZrQrwo1aJkSrAFXIr4zsyLai3K86OgoMTQEuGb/HpYYJ9PAsLaa0SucS+tKa6el+1kLYrVWL7H/d680xMl2030OyF40abvf4MT0EF9NbEenjOjhjg50cPYrhq1Bg37GnElLwSWhKNyHTzJJbIcAJuGeLkWtCBnW/SZ+YEARhPE3VEqocV9py1niXYNg8VqjzVcvHUMzxI70pOqwMQxSphTItEOIJ3ZmKRMMsHnHPti+TfEiHOpI099WP2hfmnToiet4Lxs07wHS5xqMJu/E3TJqd6rTbYYiLZki1Q8cm/yLYDWzMT46Wyfyr1i1uPVcazKsOxYZrEvDUvWJmuVNJ4XDfT36810SSMksHybSo5ebTxvUA3htRwpA3uTsKoYHMejhWijCAFEdvCrjnd/MARmP2VzANiU4FMIK/7bZCKhlD/bjnZIy+wqiAG+f1E8rxaTPNDXU9kjpN67mb98tfHVfNBV0HeqK1h5BT3r4pNY+rb2sJOnMzcCujCbz9+o3c7KF6Fkv1DjWwr12NUZyR50L74Ik4oZgR1ORDQL/I5KIVr9rDbUUyMacwlM4NSXMFLYG7xdtpkkkl3o4/yMzsJAyd4mDa22o1TNAp4lTPAKHpz58/JydKGxE3CPVRxmJ JOzy+sg3 PjmpSbF/H8wjn62+icqDW4nm0lTseWXFgNBSjc5QzAXh9CEO4XICBAdFOgd+YORxrFXQTop7vByM7/McLiPWqH4tPyTmrWmb26ZwYq5+189HTgaZaDxLooowyW5Jmg2xv5hAKtDNYyJEK5k9DmFB6tfhBT/8IJwu9w4Jaa5WVkb81QOZOvKKsDQkBkd8KrHkM5wB0nldJnL6zv9CFMvNzXpi+XwFg7SyvYiUC40BJjcCz9063sFG6XzaAHRXrnHGXmHblJvbm/svSaBC+mBOvi+dmGHJ6X4n6cffmB2zCMXj5OWxe76ioIkRNh0nzOsxLS2hX8U3qlvtOnzudoPsdGuV+I/yukvq/xvyr X-Bogosity: Ham, tests=bogofilter, spamicity=0.017236, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Wed, Oct 11, 2023 at 07:38:39AM +0000, Alyssa Ross wrote: > Is it possible to have a file-backed memfd? Strange name if so! Not that I'm aware, but a program could just read the ELF from the block device and stick it in a memfd and execute the result. -- Kees Cook