From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5BB02E732CA for ; Thu, 28 Sep 2023 12:55:32 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id C58F58D00AE; Thu, 28 Sep 2023 08:55:31 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id C08CC8D0038; Thu, 28 Sep 2023 08:55:31 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id AD0CF8D00AE; Thu, 28 Sep 2023 08:55:31 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 9AE368D0038 for ; Thu, 28 Sep 2023 08:55:31 -0400 (EDT) Received: from smtpin09.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 7AEAA160774 for ; Thu, 28 Sep 2023 12:55:31 +0000 (UTC) X-FDA: 81286002462.09.AEE78FC Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by imf23.hostedemail.com (Postfix) with ESMTP id 19B10140028 for ; Thu, 28 Sep 2023 12:55:28 +0000 (UTC) Authentication-Results: imf23.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=VkW+23p3; dmarc=pass (policy=none) header.from=redhat.com; spf=pass (imf23.hostedemail.com: domain of sebott@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=sebott@redhat.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1695905729; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=qI4XghGXIMa5N9aYtul1yzQ/Grglthn81P30tLktnuU=; b=N+ebZfv1dsuVPnvLHASQAAayb31O1zYgnZb6YSuJfBB3+DDK/pEoYyCb5fmjgwksTzZPiI RaX54Z2mA6jmKjQR/A+E96apd3xQwRaWaJHUuP6CBw8NpJiO8COMd9C9OvAFE+IOBOYIgq 2W+86zWkpTa6yI95Tev/15a64pJ/0W8= ARC-Authentication-Results: i=1; imf23.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=VkW+23p3; dmarc=pass (policy=none) header.from=redhat.com; spf=pass (imf23.hostedemail.com: domain of sebott@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=sebott@redhat.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1695905729; a=rsa-sha256; cv=none; b=B+M9uLwCRkXlGb0gHWD2Yr01LnppLG6Oj50UNviS4G2F5gfn6dehVdabywpQCkdMDD0ujJ v2TkyV1bYq5IVlRGQ6wZNbWNX9LSzCE1delDzcobwbnQ1vjjiDObyBF7M7W8qBDp4gQnyt RAp8OxNRs9XcQbPlGr3OgQdoxyYiV3E= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1695905728; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=qI4XghGXIMa5N9aYtul1yzQ/Grglthn81P30tLktnuU=; b=VkW+23p3t+DLbC9yQBrpTX5iCnXkDrZ1VFT3pMNFsoz3G0r60qZwPjLjjemyTgVtCmST3T ElTW05x2aryT4BMswNOvKOybCyUtRxRJrNIuenZjSsqT32+8PnwCmHHzPE+mAFm2pV+4O1 obb3VHYHE2cs/4arEbsWkPvlNbZl4sE= Received: from mail-qk1-f200.google.com (mail-qk1-f200.google.com [209.85.222.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-633-8FiOMEnfNFKV2SlF8h4Jyg-1; Thu, 28 Sep 2023 08:55:27 -0400 X-MC-Unique: 8FiOMEnfNFKV2SlF8h4Jyg-1 Received: by mail-qk1-f200.google.com with SMTP id af79cd13be357-77409676d7dso2171593985a.1 for ; Thu, 28 Sep 2023 05:55:27 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1695905726; x=1696510526; h=mime-version:references:message-id:in-reply-to:subject:cc:to:from :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=qI4XghGXIMa5N9aYtul1yzQ/Grglthn81P30tLktnuU=; b=tKxZKgi8Ujx8HYJHTjXDW/2E0vQNmL74qIonzzmDPmaq38H0LoHtYjFRTvKEhSMJS8 F2ZS1aN/97O1O3tEBhbmvXyBahWtZka+Iq+fcFAieMGh6eHkr+M4mpLHGt5yRUVssvAR YiegVWpd9CKUDKmdFFrRepVR9KucpvKtx4GSo9S+a6703RHoamiAugnTGn5cDZSSTL+t fx9Sm+uzAk7vhXc+OuEc7tNEF1QFaB36n/GyUbOEvxUJkj1aVBZWe0Rgr9ty+OCu0hcL wisVv47aklSQA2PLxyRDxW0tJNBzYz4XFUKxyK++h7aJVm5UQymSSNm/wgEnANfpCQ4+ JtlA== X-Gm-Message-State: AOJu0Yzn2td5e+nPWpvpmaghJmBYlp8WEXlAAr2gOGc+mZBZko2IDMTM TuyhobUDboJ6/7BrX6EfVib3eUBzCr7PhnAJLsNAXec8fLV7/qWLrARFrEa6/Da44wsWEymYcUh 9OluMLe4Y3Ko= X-Received: by 2002:a05:620a:430e:b0:76c:c601:367f with SMTP id u14-20020a05620a430e00b0076cc601367fmr923540qko.36.1695905726459; Thu, 28 Sep 2023 05:55:26 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFMXwEot4+7yhPCsisxUY3uf2TL6o8grOmBxp49L8okK6ad+7nPn/hioefoDjWOBvMUnPfWlQ== X-Received: by 2002:a05:620a:430e:b0:76c:c601:367f with SMTP id u14-20020a05620a430e00b0076cc601367fmr923525qko.36.1695905726184; Thu, 28 Sep 2023 05:55:26 -0700 (PDT) Received: from rh (p200300c93f19a200f43f623a676b2d27.dip0.t-ipconnect.de. [2003:c9:3f19:a200:f43f:623a:676b:2d27]) by smtp.gmail.com with ESMTPSA id c1-20020ac84e01000000b00403ad6ec2e8sm3676249qtw.26.2023.09.28.05.55.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Sep 2023 05:55:25 -0700 (PDT) Date: Thu, 28 Sep 2023 14:55:22 +0200 (CEST) From: Sebastian Ott To: Kees Cook cc: Eric Biederman , =?ISO-8859-15?Q?Thomas_Wei=DFschuh?= , Al Viro , Christian Brauner , Pedro Falcato , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-hardening@vger.kernel.org Subject: Re: [PATCH v3 0/4] binfmt_elf: Support segments with 0 filesz and misaligned starts In-Reply-To: <20230927033634.make.602-kees@kernel.org> Message-ID: <6208fd50-43cd-85fc-e9a6-f10281a15902@redhat.com> References: <20230927033634.make.602-kees@kernel.org> MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=US-ASCII; format=flowed X-Rspam-User: X-Stat-Signature: pacmnifffxi3hmcutmxa3mneez4nhb5q X-Rspamd-Server: rspam07 X-Rspamd-Queue-Id: 19B10140028 X-HE-Tag: 1695905728-55488 X-HE-Meta: U2FsdGVkX19hPa+KpaSqvVFrLyOSajg1ZIyjATfjxF15f0KY0pSVRBiAsCXHZWgIoYpOeMAD0CF+oTTUF9Y6NG68SbdYDV488llA+kmY2N6wozn+I3vhb39O5+DptMKJVHxsmJyfWP6vXW/2QeQA6dcKguGdG52xRr+bZ4/ceKYY9dW1xpw///+WPj3joWORqHFCnJhcqfkun8oGST4bE8Oxvfsr+JdbPidSz/Ip6QgfIU8mMB4MuBl7z/6jbuK2n2+eEjUBq1YJyCho7Ruye2Mksc6jmdPM2aum+ErqYnwoWoZFTtC/4iwGcncKlWQEtPjBrlp5bfG8/rFxTxdzvhl2YOkH7vqicPNFAI+nz4wPcgm5u+SGWVuqcUbIh1LaOjLheUzOpnin7GvWzYPoJUiXtDVwFFzhpDpghg8MuhLHVM1Bdkfuayv9lvv691Kq7KO9T9B+enbaUuOQ3R4K8UxU718CSBugat4PL0pOPlfiHFub70c0gLWaWMZd8CHjDUdoUaTxpdGXKcCkFUQTNLcCqWE8z/2TO9/zJlojbX2Qfj4t3OuiE9128TQbeKRn/869VJvJA3X5VR7+vLp5eGxjILrCDMlGGlZdkxiK6nTSAvCkcJFcHEh0PPEd2N1B/emeG+6Z1IniUaiTUjoTMi254cQLn1nc0PWtoDNBwNmWizYcFj2kU9FnY4bQVXubyAFIjnutHWO39mQpel4B9T+KgSVkRPoRfLq0HG2LautiRfA4yTCrIraB+mLTx1jXY6Xmsf2uJSzyODo8zRbixULYUVQRVdeEDavaPRzluB5PUw9w4Xv5iyx18ILaeWuf1pL0aPTbkPwl+hhV6yJEWT16Q0Qp6IGl4IYFdDHpv2kS8Zu908Nyhhtq1Ry4IUS8+4rsc60cyeLLnW4oKZaxWvT223KaMMPtLte04GyRKR+CC/X3ZM4uQwSADdkwrdz+iAzEuch5Fckwp8vCuI2 m3x42pwT WBkxW5Dgn8ZDkydfp5ktmFuAdltNL1+QHH+/k0L+GP8Tz7XywRUloaL1z7DZjEwQVEp32u7/zro+ttD53XF0sh2EUyjSC7joR/b10ne7SKDoaIBpn9cgJb+uLQ4QZgUQo1lKQcjncgwdR4gj4hztgT0vRtRQILQlIlllehnk6j47Tq4+WyV1sPTuGTnk3za0/AcoZb3WNTWLLfAVwUZUuUyYHZs3bfpbaL06HFfrKDW/v6VI08l+LpG5qIcyAXpCjBzI3mYNuF4hM2ib5rk4wrnLlYUmzbNItA1MWSriceGaXNvnlYA0PjTSk8jSUqh463FefazfNTCe8cqPWn/sU98NHVl/6V5FbCnAnHHcTqNPHNJ7CXxEHfULYguqdozL9duQyk//YkdJfytaWt5z2jjwtpa5OQPo0f3jKKhfyFl1vZElSIk3brVRXaPAPmyIDcoqgKRHSSilg1RclPROosKeCuA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.042583, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Tue, 26 Sep 2023, Kees Cook wrote: > This is the continuation of the work Eric started for handling > "p_memsz > p_filesz" in arbitrary segments (rather than just the last, > BSS, segment). I've added the suggested changes: > > - drop unused "elf_bss" variable > - report padzero() errors when PROT_WRITE is present > - refactor load_elf_interp() to use elf_load() > > This passes my quick smoke tests, but I'm still trying to construct some > more complete tests... I've repeated all my tests with this one - no issues found. Thanks, Sebastian