Date: Thu, 27 Jun 2024 12:49:57 -0700
From: Kees Cook
To: Guenter Roeck
Cc: Eric Biederman, Al Viro, Christian Brauner, Jan Kara, Alexey Dobriyan, Laurent Vivier, Lukas Bulwahn, Justin Stitt, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH v2 0/2] exec: Avoid pathological argc, envc, and bprm->p values
Message-ID: <202406271248.622193ABB@keescook>
References: <20240621204729.it.434-kees@kernel.org> <674c2009-4c55-421c-ba57-10463e00fd62@roeck-us.net>
In-Reply-To: <674c2009-4c55-421c-ba57-10463e00fd62@roeck-us.net>

On Fri, Jun 21, 2024 at 02:44:05PM -0700, Guenter Roeck wrote:
> On 6/21/24 13:50, Kees Cook wrote:
> > Hi,
> >
> > This pair of patches replaces the last patch in this[1] series.
> >
> > Perform bprm argument overflow checking but only do argmin checks for MMU
> > systems. To avoid tripping over this again, argmin is explicitly defined
> > only for CONFIG_MMU. Thank you to Guenter Roeck for finding this issue
> > (again)!
> >
>
> That does make me wonder: Is anyone but me testing, much less running,
> the nommu code in the kernel?
>
> mps2-an385 trips over the same problem, and xtensa:nommu_kc705_defconfig
> doesn't even build in linux-next right now (spoiler alert: I suspect that
> the problem is caused by "kunit: test: Add vm_mmap() allocation resource
> manager", but I did not have time to bisect it).

This has a fix pending:
https://lore.kernel.org/lkml/202406271005.4E767DAE@keescook/

> I am kind of tired keeping those tests alive, and I would not exactly
> shed tears if nommu support would just be dropped entirely.

I haven't ever used the nommu builds, so I don't have a useful opinion
here. :)

-Kees

-- 
Kees Cook