From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id BE950C3DA4A for ; Mon, 5 Aug 2024 23:41:17 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 08F136B007B; Mon, 5 Aug 2024 19:41:17 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 03ECE6B0082; Mon, 5 Aug 2024 19:41:17 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id E6E9C6B0083; Mon, 5 Aug 2024 19:41:16 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id C903E6B007B for ; Mon, 5 Aug 2024 19:41:16 -0400 (EDT) Received: from smtpin05.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id 4D5CE4044E for ; Mon, 5 Aug 2024 23:41:16 +0000 (UTC) X-FDA: 82419815352.05.DCD3823 Received: from zeniv.linux.org.uk (zeniv.linux.org.uk [62.89.141.173]) by imf26.hostedemail.com (Postfix) with ESMTP id AAAB0140004 for ; Mon, 5 Aug 2024 23:41:14 +0000 (UTC) Authentication-Results: imf26.hostedemail.com; dkim=pass header.d=linux.org.uk header.s=zeniv-20220401 header.b=azsK131+; spf=none (imf26.hostedemail.com: domain of viro@ftp.linux.org.uk has no SPF policy when checking 62.89.141.173) smtp.mailfrom=viro@ftp.linux.org.uk; dmarc=pass (policy=none) header.from=zeniv.linux.org.uk ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1722901192; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=o6ElRjCjdhbSKkC6GaOJj1DTB8cP+GYths66ADQnGcM=; b=muNUqViLHkMjMSNjwtlQiZK1tN/SDvKz9e9LQ1e/34wQ93Nbo+YH/7TYhNoAkw34/g/F7M R/p3CAn82C3TU5z0o7MjtIa/UcQBV6VwtQszvf95mBZq1tfiDvhLnQaDYi00IqoMXHNzx6 NGUf9HzC2/8oNu7AlXIz3cN4zQzt2bg= ARC-Authentication-Results: i=1; imf26.hostedemail.com; dkim=pass header.d=linux.org.uk header.s=zeniv-20220401 header.b=azsK131+; spf=none (imf26.hostedemail.com: domain of viro@ftp.linux.org.uk has no SPF policy when checking 62.89.141.173) smtp.mailfrom=viro@ftp.linux.org.uk; dmarc=pass (policy=none) header.from=zeniv.linux.org.uk ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1722901192; a=rsa-sha256; cv=none; b=qN40Y3/P8lLPbopW7B3YNY5KEBgOflzJdGxHCK9Ee1klVGgVKVWU956X4BTypoynlk2w/w 4KEpk02tfLB69e30Ugq83w//UPDIIApiR+gNuOahD2hA2hY3HPvZEM+Q1lTMlhRTIJRh2Y JXrsglrsiUbjBqUxVQLgi7ND0kUZtWY= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=linux.org.uk; s=zeniv-20220401; h=Sender:In-Reply-To:Content-Type: MIME-Version:References:Message-ID:Subject:Cc:To:From:Date:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=o6ElRjCjdhbSKkC6GaOJj1DTB8cP+GYths66ADQnGcM=; b=azsK131+5a9nUcew20guZCZGf0 C4LOi+zDdEFPbzoX/C8puWRt5rJzF5ynSaqigSdeo27M9DrsZ92EAbbjYC6P1kq/ay1K15xLO98ZU xUx1G1drnetY7vtBxdTORWIPKcECCQ94MNzmljlGu2UZOlQFefJjmUPBylSoM+mw2QOvhgRNGazxN BdgswrETh+IfjnzEEsENSNMb1I7WZdkBs9ILgyQ6stdwWFsTqZHEB2svjEeRGEygSxPaVR4cYDEc+ w10U/4hkQijx+Ot4SntCszhydhe3sOBjqeJbQVFMrLQsJzQHhcC5fbQBZmxZ/VKmEfn3HN69yd8jH cIeE39uQ==; Received: from viro by zeniv.linux.org.uk with local (Exim 4.98 #2 (Red Hat Linux)) id 1sb7KA-00000001oCy-4Bi4; Mon, 05 Aug 2024 23:41:11 +0000 Date: Tue, 6 Aug 2024 00:41:10 +0100 From: Al Viro To: Christian Brauner Cc: Mateusz Guzik , jack@suse.cz, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, josef@toxicpanda.com, wojciech.gladysz@infogain.com, ebiederm@xmission.com, kees@kernel.org, linux-mm@kvack.org Subject: Re: [PATCH] exec: drop a racy path_noexec check Message-ID: <20240805234110.GJ5334@ZenIV> References: <20240805-fehlbesetzung-nilpferd-1ed58783ad4d@brauner> <20240805131721.765484-1-mjguzik@gmail.com> <20240805-denkspiel-unruhen-c0ec00f5d370@brauner> <20240805233804.GI5334@ZenIV> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240805233804.GI5334@ZenIV> X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: AAAB0140004 X-Stat-Signature: 5k6bsbiyj73on6o9oxq46kg8purp8fjr X-Rspam-User: X-HE-Tag: 1722901274-403019 X-HE-Meta: U2FsdGVkX1/MPQpWgBJYTNxZxWLfRWQ/Wa9+OTj7bPYWzBv3NuYqG/awUPjXSr4+6/SDJXrtIK7aga+0TKsGy1dqO+QlwLCyZnKGhKhgS7dUwooGQY31Tm0ULHZAMmx8603DRhgoGaZN44xd7QgK3RMWRNWTNu6UwojbFPOVK9JTpA0KNvqsN+m2o1wKsDW5BK0+/RuJYjgDaz9duP8Qs+GKCwgCQJuZ9T1G9mYHrkdz9C9RVDEGJWJA6Jqua3ulxwLWzzUpA3jJQ2KiUfcTJMCC49kV6NlZFYSYURQ+e2rcVDIzcP7ETbpq3ZlXp+JVx70uCFkx98oj6N9C/FLQSiF6OOVPrr/eNfqNJSKUNu3JAzD0L84nkmWgkdm/Q/I8WTUBEUL2eXq9aGG31fvmJp5pGjsmUvhZqudlnv5wOG4mJH3vQ8OfFwt73DAqehFiJsnLw/5mbm/PipcLRdvxBi0xP5szTle4ESTes8vQjqDhmNQaPMIjZRELK+qLzX1kn3sBIc8pGz1EjHMyxkMRcPFn7vWW9dL/KJrTDexpC67HNGHcTtTzrvdvHhreQA322Ytqe+LV93tuwzPoNm45cWCEC+12ZoYO6eSfi+8+GPom5o35kovLCqvE4Kf4CjL+ejHnRBvrIs+TekmsSOjUCpJKVeDGU7zqSatknLWk661NyXHSQK2JKYHd1vftOxbyyDMQ9aNGAlorc6nuFaCFcOLd6hIDj/BYMlc4U0PP68kNwcI4KQ1CvDQURTg0zvDISNHXk+OulHZpIKJPyqVjML+BcrLxNgbBBx+NjKNJqAIh7FXc5S8BQYCFwg8D3DoTIRnlSZ+PcDAIdmx6nUeQmvvbtt/ymvIneHqPS7r5XRecBTOQ3GyJGNdwFBXbBcgwedJUsBbnnM2ylcMzwgANdr85h+Xz/W/vnvp1Lw3bciUrermYF4ikKGLdYnJoga+bvjj5twtVmncSLwefvLQ 7+kVD2TI +n2EJTsfck1M3/+n4czZ5GwtanPQ0OqdNj5Aqb7gF4FwrFMDj/yqARSyYQgh8TKVgjxcZ3Pzm0PI1Yd5GVlL9aYSLLEjvyZP1MCzGN8IkvicraQj9iKPasaNZGL0o7ShKT4uSlVB+7gwAVWD8UbCoeOpZ269AqJ3df2aW5o1exBUcNqCQiNFE5Uo5ZSCAh6556423yFq4dcP6wattqiCdsH/D4DAFzaIL1cSE1pmVt/gBtiYsPsE2v9HUDwJXwASArZpfn9NEWgYK1e+X0mAEvwjZsnFECKarRPzylkBnbCDDdiCwRN8Da5p3pX0QljG3H0wSYoeOxSrhSaKMG8B5O1lvv5gcROxRynHpEfe0MBFUeYsdM2M5dNTkzXoa4TSHLr2ZUxTdiq6iI3HGbl3QLwvkeaN7smI0A8sw1Eyecbr6zIf1GGU4cQTioRNJT/sfXw7fTnY9wMVbrHzJVrK6TayIR5wh/jNti8uPYX+5ZQVnfj0= X-Bogosity: Ham, tests=bogofilter, spamicity=0.199282, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Tue, Aug 06, 2024 at 12:38:04AM +0100, Al Viro wrote: > On Mon, Aug 05, 2024 at 05:35:35PM +0200, Christian Brauner wrote: > > > To my reading that path_noexec is still there only for debug, not > > > because of any security need. > > > > I don't think it's there for debug. I think that WARN_ON_ONCE() is based > > on the assumption that the mount properties can't change. IOW, someone > > must've thought that somehow stable mount properties are guaranteed > > after may_open() irrespective of how the file was opened. And in that > > sense they thought they might actually catch a bug. > > That would be a neat trick, seeing that there'd never been anything to > prevent mount -o remount,exec while something is executed on the noexec, obviously...