Date: Fri, 27 Jun 2025 09:35:45 -0700
From: Kees Cook
To: YinFengwei
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, zhourundong.zrd@linux.alibaba.com
Subject: Re: [Question] About the elf program header size
Message-ID: <202506270854.A729825@keescook>

On Fri, Jun 27, 2025 at 09:04:11AM +0800, YinFengwei wrote:
> We had a script generated assembly code. built it with gcc and the
> output elf file had 78 program headers.

Why so many?

> On an arm64 platform, if we have 64KB base page size, the elf can
> be started correctly. But if we have 4KB base page size, the elf
> can NOT be started with:
>    cannot execute binary file: Exec format error
>
> Look at the function load_elf_phdrs():
>         if (size == 0 || size > 65536 || size > ELF_MIN_ALIGN)
>                 goto out;
>
> ELF_MIN_ALIGN is defined as PAGE_SIZE on arm64. Which can explain
> above inconsistent behaviors (from user perspective).
>
> I didn't find the limitation definition in ELF spec (Maybe I missed
> some obvious info there). If I remove "size > ELF_MIN_ALIGN", the
> same elf can be started correctly even with 4KB page size.
>
> So my question is why we limit the whole program headers total size
> to PAGE_SIZE?
> git history couldn't tell anything because the
> limitation was introduced when whole linux kernel tree was migrated
> to git. Is there a possible constraint on other architecture? Thanks.

Looking through
https://git.kernel.org/pub/scm/linux/kernel/git/history/history.git
(which doesn't have linked history, so you have to examine explicit
"pre git" tags), I see:

4779b38bcb96 ("[PATCH] Linux-0.99.13 (September 19, 1993)")

Which says "ELF binary support it a notable change." Here, the PAGE_SIZE
check does not exist.

When ELF interp support was added in 9e11983a5a3e ("Import 0.99.15f"), we
see the check appear, and I can find no rationale.

And with 6a8d38945cf4 ("binfmt_elf: Hoist ELF program header loading to a
function"), the PAGE_SIZE check is _added_ for non-interp loads.

It seems the 64K count limit is sufficient? (If the goal was to avoid
large memory allocations happening from userspace, we're way past
PAGE_SIZE these days between IPC, BPF, etc.)

Does this work for you?

diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c index a43363d593e5..92de44b8765f 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -519,7 +519,7 @@ static struct elf_phdr *load_elf_phdrs(const struct elfhdr *elf_ex, /* Sanity check the number of program headers... */ /* ...and their total size. */ size = sizeof(struct elf_phdr) * elf_ex->e_phnum; - if (size == 0 || size > 65536 || size > ELF_MIN_ALIGN) + if (size == 0 || size > 65536) goto out; elf_phdata = kmalloc(size, GFP_KERNEL);

--
Kees Cook
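
Review bot: in the load_elf_phdrs() hunk, the new condition leaves the bare number 65536 as the only cap on the kmalloc(size, GFP_KERNEL) that follows, with no stated rationale for that value. The comment above it still reads "...and their total size." without saying the limit is in bytes; suggest naming the constant and noting in the comment that the table may now span several pages, so a 4KB-page kernel can see a request of up to 64KB at this call. The message describes a "64K count limit", but the condition bounds sizeof(struct elf_phdr) * elf_ex->e_phnum rather than e_phnum itself, so the commit text should say it is a total-size limit.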
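
The size arithmetic behind the behaviour reported in this thread, as an added example that is not part of the original messages or the kernel source: it reads e_phentsize and e_phnum from an ELF header and evaluates both the quoted condition and the patched one for a given page size. It assumes a little-endian ELF64 header with 56-byte program header entries; the function names and the constructed sample header are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define PHDR_BYTES_MAX 65536u /* byte cap from the check quoted in the thread */
#define ELF64_PHDR_SIZE 56u   /* assumption: ELF64 program header entry size */

static unsigned rd16(const unsigned char *p) { return p[0] | ((unsigned)p[1] << 8); }

/* Total program header table size in bytes for a little-endian ELF64
 * header, or 0 if the buffer is not one (hypothetical helper). */
size_t phdr_table_size(const unsigned char *eh, size_t len)
{
    if (len < 64 || memcmp(eh, "\177ELF", 4) != 0 ||
        eh[4] != 2 || eh[5] != 1)             /* ELFCLASS64, ELFDATA2LSB */
        return 0;
    if (rd16(eh + 54) != ELF64_PHDR_SIZE)     /* e_phentsize */
        return 0;
    return (size_t)ELF64_PHDR_SIZE * rd16(eh + 56); /* times e_phnum */
}

/* Condition as quoted in the question; page_size stands in for ELF_MIN_ALIGN. */
int passes_old_check(size_t size, size_t page_size)
{
    return !(size == 0 || size > PHDR_BYTES_MAX || size > page_size);
}

/* Condition as in the proposed patch. */
int passes_new_check(size_t size)
{
    return !(size == 0 || size > PHDR_BYTES_MAX);
}

/* Constructed sample: minimal ELF64 little-endian header with e_phnum set. */
void make_sample_ehdr(unsigned char out[64], unsigned phnum)
{
    memset(out, 0, 64);
    memcpy(out, "\177ELF", 4);
    out[4] = 2; out[5] = 1; out[6] = 1;
    out[54] = ELF64_PHDR_SIZE;
    out[56] = phnum & 0xff; out[57] = (phnum >> 8) & 0xff;
}

int main(void)
{
    unsigned char eh[64];
    make_sample_ehdr(eh, 78); /* the program header count reported in the thread */
    size_t sz = phdr_table_size(eh, sizeof eh);
    printf("%zu bytes: old@4K=%d old@64K=%d new=%d\n", sz, passes_old_check(sz, 4096),
           passes_old_check(sz, 65536), passes_new_check(sz));
    return 0;
}
```

With 78 headers the table is larger than one 4KB page but well under the 65536-byte cap, which matches the page-size-dependent exec failure described in the question.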