From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 508F7E7717F
	for <linux-mm@archiver.kernel.org>; Sat, 14 Dec 2024 00:56:34 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id BAB3E6B007B; Fri, 13 Dec 2024 19:56:33 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id B33246B0082; Fri, 13 Dec 2024 19:56:33 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 9D4496B0088; Fri, 13 Dec 2024 19:56:33 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13])
	by kanga.kvack.org (Postfix) with ESMTP id 7BACB6B007B
	for <linux-mm@kvack.org>; Fri, 13 Dec 2024 19:56:33 -0500 (EST)
Received: from smtpin30.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay05.hostedemail.com (Postfix) with ESMTP id 3C4E141CB6
	for <linux-mm@kvack.org>; Sat, 14 Dec 2024 00:56:33 +0000 (UTC)
X-FDA: 82891748226.30.C48823D
Received: from nyc.source.kernel.org (nyc.source.kernel.org [147.75.193.91])
	by imf17.hostedemail.com (Postfix) with ESMTP id AA1A140002
	for <linux-mm@kvack.org>; Sat, 14 Dec 2024 00:56:11 +0000 (UTC)
Authentication-Results: imf17.hostedemail.com;
	dkim=pass header.d=kernel.org header.s=k20201202 header.b=MQnB2rQS;
	dmarc=pass (policy=quarantine) header.from=kernel.org;
	spf=pass (imf17.hostedemail.com: domain of kees@kernel.org designates 147.75.193.91 as permitted sender) smtp.mailfrom=kees@kernel.org
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1734137779; a=rsa-sha256;
	cv=none;
	b=olZbaGA9J7vEjLbMhcbBEe2mtHH1z6GET4POLw2ZhYUNNdECFfxUDtwYl0YPbu5jE6OsQ2
	hs2htWxPwZE+fN/Peb5Nq2rXZe13/bV4EV57SC1x2uSCEnR6o8fItipBWGC5cpK1eABOMl
	cxN9mio8wLbYT73z6qjwqyLzvurq3Ww=
ARC-Authentication-Results: i=1;
	imf17.hostedemail.com;
	dkim=pass header.d=kernel.org header.s=k20201202 header.b=MQnB2rQS;
	dmarc=pass (policy=quarantine) header.from=kernel.org;
	spf=pass (imf17.hostedemail.com: domain of kees@kernel.org designates 147.75.193.91 as permitted sender) smtp.mailfrom=kees@kernel.org
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1734137779;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=uhG6Fozc/5+m9DZBKJX3SHU2nN7Y5C/Jq0XKkq6lgyY=;
	b=Qdy+SKFI6iK9vMqdTjFHA5+RXUvhS+mjhAPbn7cKIVgl0bsi0PEm5g6nmFOabj79phYhhJ
	VMjBGDhbzpnk7qVKctCM5kNI4L7nhVjUnaFh30ivd5oaY+GS8K+q+9QqLqOJM1+B+z/7fM
	MQu5Sff0HtrZvKt7r+o83B/PUvyj030=
Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58])
	by nyc.source.kernel.org (Postfix) with ESMTP id BDE1FA42D83;
	Sat, 14 Dec 2024 00:54:39 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 84150C4CED0;
	Sat, 14 Dec 2024 00:56:30 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1734137790;
	bh=92luzIVjfjAyEdhfZE/R/uAdo5CyLJyLxN1vjHYrNF8=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=MQnB2rQSnBwr2OmGhth7bCvy/Qxff+5yElRN9uO42y1XtNa98wQaHkBoomZ/AOxjI
	 tB4loxYtYE/sBHbesLtSi4TIZb/ZnlBhvONJPmdQ2YJHrL2qISGpMNRgFPgfHRcc0o
	 95QP/j6STxtGA56lYmL0sFGRGVASWLjrUty5HS9yuZndJyK1d07HiQ3ZwfXei4uhpr
	 12Dv84cNBxod3c/lar+CzwS9hJOvnRHBGjNU6b3QqB2mJGKs9XyPk3eAg94JA30NQk
	 tNwxWGQehXMc525QZMNIP/lZS7x2bOyFKQAnU83L5j8b3gfS5k4qRyYsLy+NWJEmRY
	 w+9iCwnjngxHQ==
Date: Fri, 13 Dec 2024 16:56:27 -0800
From: Kees Cook <kees@kernel.org>
To: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
Cc: akpm@linux-foundation.org, jannh@google.com, sroettger@google.com,
	adhemerval.zanella@linaro.org, ojeda@kernel.org,
	adobriyan@gmail.com, jeffxu@chromium.org,
	linux-kernel@vger.kernel.org, linux-mm@kvack.org,
	jorgelo@chromium.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH v2 0/1] binfmt_elf: seal address zero
Message-ID: <202412131650.9537DD1B@keescook>
References: <20240806214931.2198172-1-jeffxu@google.com>
 <172365478431.4159848.371478248517217096.b4-ty@kernel.org>
 <cfd3e288-c913-482d-a6ce-789fa6b0f2b3@lucifer.local>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <cfd3e288-c913-482d-a6ce-789fa6b0f2b3@lucifer.local>
X-Rspam-User: 
X-Rspamd-Server: rspam03
X-Rspamd-Queue-Id: AA1A140002
X-Stat-Signature: umsp7m6zecregkaoqddip6ycpqcypfio
X-HE-Tag: 1734137771-971014
X-HE-Meta: U2FsdGVkX185cccxewqWA5aNh2DVNRdYoXoyjc14Z0uuAWootYoEUc6xIVf3rQRNHgCGdIalzGbnqcsICUk/1OEk6AA2bxF0AUaw1Z+UM1zDxXSb9cAbbFUAUYR5u34STMVvo6n4bEG/FyOS6C6qadbsgBASrbCH+CRLmGMYFV0DWe45IExkaIb9TYtgiMYpZuuhVfxL02rgiSMRNvSWsLuMc6MutPph5K3PCSnsIy8KrkTvJVK9dX9pQJW02PIzk2sY0rQvQfxIVxfNMcT6dEU1MLG3bHf835v2iLV0cJcpJpQOJbjluwVxEAUd5JfJK6s2X/oiJfij+EhStjoR41Q60EQ1nZeOrZPwLAhFgyelj+wvuUf3I/ay3QbhaQEsTHGGMOJDgQ9hmSd49xxnWEmB2CZkTl4UtMEFWNY4PZCNJHPzgbJfTZWJU6THu3EYgefYGu2Je24OkbbLKl7jtyAyTnIMiFwxwWzHGo/EkhaHuuXohOp4PQDUG1JkB6D2MMQFZd0SzCaUToToFt+hGTLbg6R77QEw1kIX7bkDSq+dcGkitV3JoHGzDzGqasdCQ+Q5Y6qNs6EyFdhAn6ExtWw1uWK4DPG+/jTke/J4kMUEcHdNRUjXSTwW1Y21kZ3XpF1WUXL8y2jSoonp+JPAgLS3drGcJ9EnbzL96Vd/8pLI90F2MFH7MaxUlToIznDhE2N7jeCELdXbgdbpRkbkglx0tyUrh5cL4rHPawohc4QkBQVVILw5XSllm8W9P+3qyrKPZHdB0oO+ePO2f3ssN75ECnAZZfVuQxE+NJHUHKzA/Jsak+6k9AqEao7kjgFTJOBv00Am0b+n07/+HaaSIMS/Ec2XnNbAd8ue8dytCZAfaXJ3H8ep7L8XA+TLTCWZxGwLucMnjhVE2y+CI8y3SadHV9l77LnFusWV8riAAkYG3OOXe0bvOtf6nFJtMdCFGDmXlfnHKnjlVuukSGz
 TpoAgnsC
 w1FAWnv9LHebazyRlnyFY11yASESvl3SyFonE1x8+NrGfYRELjHHj0ztP6tsAddH5B9nBxtl29Hj8BKh2JvMFynGIvb+7plQ1wjUwLtljmQAbhBYk7KO/kaiPxQXQouB0xUIv69Hgj8Ayd4uOZWbn/RDaU79i/kEsKprtC0AEP0Lm/gQnUYbXSNWb/6ChuBM/NqZmPj2jw+lGBKkY1QUPrLCqHqf0VMc/eAmivpVnzqxBy6PPXvujlPtSWfI7iKTi99y1kQL06IlWZ3xSPrvUqaiQSUIYXVHao7SHPSjjkeXd4NLb2Y59I9Rp1k95hdlh2RGblw9lgglUZmw4AlnFCWXAYDclvPDo26iXMRAQ4kpsbvU9G8Gr5wsq8g==
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000885, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

Sorry for the delay in my reply -- I've been trying to catch up on stuff
after 2 weeks off.

On Tue, Dec 03, 2024 at 02:13:45PM +0000, Lorenzo Stoakes wrote:
> On Wed, Aug 14, 2024 at 09:59:47AM -0700, Kees Cook wrote:
> > On Tue, 06 Aug 2024 21:49:26 +0000, jeffxu@chromium.org wrote:
> > > From: Jeff Xu <jeffxu@chromium.org>
> > >
> > > In load_elf_binary as part of the execve(),  when the current
> > > task’s personality has MMAP_PAGE_ZERO set, the kernel allocates
> > > one page at address 0. According to the comment:
> > >
> > > /* Why this, you ask???  Well SVr4 maps page 0 as read-only,
> > >     and some applications "depend" upon this behavior.
> > >     Since we do not have the power to recompile these, we
> > >      emulate the SVr4 behavior. Sigh. */
> > >
> > > [...]
> >
> > I added the cover letter details to the commit log and changed pr_warn()
> > to pr_warn_ratelimited(), but otherwise, looked good.
> >
> > Applied to for-next/execve, thanks!
> >
> > [1/1] binfmt_elf: mseal address zero
> >       https://git.kernel.org/kees/c/44f65d900698
> >
> > Take care,
> >
> > --
> > Kees Cook
> >
> >
> 
> Hi Kees,
> 
> Reproducing diffstat here:
> 
>  fs/binfmt_elf.c    |  5 +++++
>  include/linux/mm.h | 10 ++++++++++
>  mm/mseal.c         |  2 +-
>  3 files changed, 16 insertions(+), 1 deletion(-)
> 
> It seems that in commit 44f65d9006982 ("binfmt_elf: mseal address zero")
> you took a patch that makes changes to mm code without any review/ack from
> any mm maintainer.
> 
> While I realise this was a small change, in future can you make sure to
> ensure you have that?

Oh, yes! I can do that. As you say, it was a very small change and
almost entirely "standard" boilerplate. But sure, I will be poke people
more directly if anything touches mm in the future.

-Kees

-- 
Kees Cook