Date: Fri, 29 Sep 2023 13:33:50 +0200 (CEST)
From: Sebastian Ott
To: Kees Cook
Cc: Eric Biederman, Thomas Weißschuh, Pedro Falcato, Al Viro, Christian Brauner, Andrew Morton, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH v4 0/6] binfmt_elf: Support segments with 0 filesz and misaligned starts
In-Reply-To: <20230929031716.it.155-kees@kernel.org>
Message-ID: <7ddc633e-c724-ad8d-e7ca-62d6b012b9e9@redhat.com>
References: <20230929031716.it.155-kees@kernel.org>

Hello Kees,

On Thu, 28 Sep 2023, Kees Cook wrote:
> This is the continuation of the work Eric started for handling
> "p_memsz > p_filesz" in arbitrary segments (rather than just the last,
> BSS, segment). I've added the suggested changes:
>
> - drop unused "elf_bss" variable
> - refactor load_elf_interp() to use elf_load()
> - refactor load_elf_library() to use elf_load()
> - report padzero() errors when PROT_WRITE is present
> - drop vm_brk()

While I was debugging the initial issue I stumbled over the following - care to take it as part of this series?

----->8

[PATCH] mm: vm_brk_flags don't bail out while holding lock

Calling vm_brk_flags() with flags set other than VM_EXEC will exit the function without releasing the mmap_write_lock. Just do the sanity check before the lock is acquired.

This doesn't fix an actual issue since no caller sets a flag other than VM_EXEC.
Cc: Andrew Morton Cc: linux-mm@kvack.org Signed-off-by: Sebastian Ott --- mm/mmap.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/mm/mmap.c b/mm/mmap.c index b56a7f0c9f85..7ed286662839 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -3143,13 +3143,13 @@ int vm_brk_flags(unsigned long addr, unsigned long request, unsigned long flags) if (!len) return 0; - if (mmap_write_lock_killable(mm)) - return -EINTR; - /* Until we need other flags, refuse anything except VM_EXEC. */ if ((flags & (~VM_EXEC)) != 0) return -EINVAL; + if (mmap_write_lock_killable(mm)) + return -EINTR; + ret = check_brk_limits(addr, len); if (ret) goto limits_failed; -- 2.41.0
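Review bot: With the original ordering, the `return -EINVAL` taken when `flags & ~VM_EXEC` is non-zero exits after `mmap_write_lock_killable(mm)` has succeeded but before any unlock path, so the caller's mm would stay write-locked; moving the flags test above the lock is the right fix and has the side benefit that a caller passing a bad flag no longer sleeps on the lock at all. One small point: the comparison can be written more idiomatically as `if (flags & ~VM_EXEC)`, and since `if (!len) return 0;` just above and this check are now the two early returns that run before the lock is taken, a short comment that nothing above the lock may touch the mm would make that invariant explicit for the next person who adds a check.

As an added example that is not part of Sebastian's patch or the kernel tree, the following user-space C model reproduces the ordering bug the commit message describes and shows how a unit test can catch a leaked lock, which is what lockdep would report in the kernel. `vm_brk_flags` and `VM_EXEC` keep their kernel names, but the `mm_model` struct, the pthread mutex standing in for `mmap_lock`, the `BRK_LIMIT` constant, the `VM_EXEC` value and the helper functions are assumptions made for the model only.

```c
/* Added example, not from the patch or the kernel: a user-space model of the
 * lock-leak pattern vm_brk_flags() had.  Only the function and flag names are
 * the kernel's; the mm struct, mutex, limit and helpers are stand-ins. */
#include <errno.h>
#include <pthread.h>
#include <stdbool.h>
#include <stdio.h>

#define VM_EXEC   0x4UL      /* value chosen for the model, not the kernel's */
#define BRK_LIMIT 0x10000UL  /* constructed address-space limit */

struct mm_model {
    pthread_mutex_t mmap_lock;   /* stands in for mm->mmap_lock */
    unsigned long brk_end;
};

static struct mm_model mm = { PTHREAD_MUTEX_INITIALIZER, 0 };

/* Probe whether a caller returned with mmap_lock still held.  trylock on a
 * default (non-recursive) mutex returns EBUSY whenever it is locked, even by
 * the calling thread, so this works in a single-threaded test. */
static bool mmap_lock_leaked(void)
{
    int rc = pthread_mutex_trylock(&mm.mmap_lock);
    if (rc == EBUSY)
        return true;
    if (rc == 0)
        pthread_mutex_unlock(&mm.mmap_lock);
    return false;
}

/* Ordering before the patch: take the lock, then reject unknown flags. */
static int vm_brk_flags_before(unsigned long addr, unsigned long len,
                               unsigned long flags)
{
    int ret;

    if (!len)
        return 0;
    pthread_mutex_lock(&mm.mmap_lock);
    /* Until we need other flags, refuse anything except VM_EXEC. */
    if ((flags & (~VM_EXEC)) != 0)
        return -EINVAL;            /* BUG: returns with mmap_lock held */
    ret = (addr + len > BRK_LIMIT) ? -ENOMEM : 0;
    if (!ret)
        mm.brk_end = addr + len;
    pthread_mutex_unlock(&mm.mmap_lock);
    return ret;
}

/* Ordering after the patch: reject unknown flags before touching the lock. */
static int vm_brk_flags_after(unsigned long addr, unsigned long len,
                              unsigned long flags)
{
    int ret;

    if (!len)
        return 0;
    /* Until we need other flags, refuse anything except VM_EXEC. */
    if (flags & ~VM_EXEC)
        return -EINVAL;            /* nothing to release yet */
    pthread_mutex_lock(&mm.mmap_lock);
    ret = (addr + len > BRK_LIMIT) ? -ENOMEM : 0;
    if (!ret)
        mm.brk_end = addr + len;
    pthread_mutex_unlock(&mm.mmap_lock);
    return ret;
}

/* Call one variant with the given flags and report whether it leaked the
 * lock; a leaked lock is released again so later probes start clean. */
static bool call_leaks_lock(int (*fn)(unsigned long, unsigned long, unsigned long),
                            unsigned long flags)
{
    bool leaked;

    fn(0x1000, 0x100, flags);
    leaked = mmap_lock_leaked();
    if (leaked)
        pthread_mutex_unlock(&mm.mmap_lock);
    return leaked;
}

int main(void)
{
    unsigned long bad = VM_EXEC | 0x1UL;   /* any bit outside VM_EXEC */

    printf("before patch, bad flags: lock leaked = %d\n",
           call_leaks_lock(vm_brk_flags_before, bad));
    printf("after patch,  bad flags: lock leaked = %d\n",
           call_leaks_lock(vm_brk_flags_after, bad));
    printf("after patch,  VM_EXEC:   ret = %d\n",
           vm_brk_flags_after(0x1000, 0x100, VM_EXEC));
    return 0;
}
```

The probe is the useful part: a test that only checks the return value of `vm_brk_flags_before()` passes, because `-EINVAL` is the expected result; only asking whether the lock is still held after the call exposes the defect, which is why the kernel relies on lockdep rather than on error codes to find this class of bug.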