Date: Mon, 26 Feb 2024 18:23:15 -0800
From: Kees Cook
To: Jan Bujak
Cc: Pedro Falcato, ebiederm@xmission.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org, viro@zeniv.linux.org.uk, brauner@kernel.org, linux-fsdevel@vger.kernel.org
Subject: Re: Recent-ish changes in binfmt_elf made my program segfault
Message-ID: <202402261821.F2812C9475@keescook>

On Tue, Jan 23, 2024 at 12:23:27AM +0900, Jan Bujak wrote:
> On 1/22/24 23:54, Pedro Falcato wrote:
> > Hi!
> >
> > Where did you get that linker script?
> >
> > FWIW, I caught this possible issue in review, and this was already
> > discussed (see my email and Eric's reply):
> > https://lore.kernel.org/all/CAKbZUD3E2if8Sncy+M2YKncc_Zh08-86W6U5wR0ZMazShxbHHA@mail.gmail.com/
> >
> > This was my original testcase
> > (https://github.com/heatd/elf-bug-questionmark), which convinced the
> > loader to map .data over a cleared .bss. Your bug seems similar, but
> > does the inverse: maps .bss over .data.
>
> I wrote the linker script myself from scratch.

Do you still need this addressed, or have you been able to adjust the
linker script? (I ask to try to assess the priority of needing to fix
this behavior change...)

-Kees

-- 
Kees Cook
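An added check for the layout the thread describes (not code from the thread, the kernel, or either test case): it walks a PT_LOAD table and flags any segment whose zero-filled tail shares a page with another segment's file-backed bytes, which is the condition under which .data and a cleared .bss end up contending for one page. The `load_seg` struct, the 4 KiB page size and both program-header tables are constructed assumptions.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical minimal PT_LOAD view: the three Elf64_Phdr fields the check needs. */
struct load_seg {
    uint64_t vaddr;   /* p_vaddr */
    uint64_t filesz;  /* p_filesz: bytes backed by the file */
    uint64_t memsz;   /* p_memsz: filesz plus the zero-filled (.bss) tail */
};

#define PAGE_SIZE 4096ULL                                  /* assumed page size */
#define PAGE_FLOOR(x) ((x) & ~(PAGE_SIZE - 1))
#define PAGE_CEIL(x)  (PAGE_FLOOR((x) - 1) + PAGE_SIZE)   /* requires x > 0 */

/* Count pairs (i, j) where segment i's zero-fill tail occupies a page that also
 * holds file-backed bytes of a different segment j.  Whether the loader zeroes
 * i's tail after mapping j, or maps j's page over i's already cleared tail,
 * the two segments contend for one page: the layout both test cases rely on. */
size_t count_bss_data_page_overlaps(const struct load_seg *s, size_t n)
{
    size_t hits = 0;
    for (size_t i = 0; i < n; i++) {
        if (s[i].memsz <= s[i].filesz)
            continue;                                  /* no .bss tail */
        uint64_t z_lo = PAGE_FLOOR(s[i].vaddr + s[i].filesz);
        uint64_t z_hi = PAGE_CEIL(s[i].vaddr + s[i].memsz);
        for (size_t j = 0; j < n; j++) {
            if (j == i || s[j].filesz == 0)
                continue;                              /* nothing file-backed */
            uint64_t f_lo = PAGE_FLOOR(s[j].vaddr);
            uint64_t f_hi = PAGE_CEIL(s[j].vaddr + s[j].filesz);
            if (f_lo < z_hi && z_lo < f_hi)
                hits++;
        }
    }
    return hits;
}

/* Constructed program-header tables, not taken from either test case. */
const struct load_seg conventional[2] = {
    { 0x400000, 0x1000, 0x1000 },   /* text */
    { 0x402000, 0x0100, 0x1000 },   /* data followed by its own .bss tail */
};
const struct load_seg bss_shares_data_page[3] = {
    { 0x400000, 0x1000, 0x1000 },   /* text */
    { 0x401000, 0x0100, 0x0100 },   /* data: 0x401000-0x401100 */
    { 0x401100, 0x0000, 0x0500 },   /* file-less bss starting in the data page */
};
```

To run it against a real binary, fill `load_seg` entries from the PT_LOAD rows of `readelf -l`; a non-zero count means the linker script has placed a .bss tail in a page another segment also maps.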