From: "Eric W. Biederman"
To: Sebastian Ott
Cc: Kees Cook, Thomas Weißschuh, Pedro Falcato, Al Viro, Christian Brauner, Andrew Morton, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH v4 0/6] binfmt_elf: Support segments with 0 filesz and misaligned starts
Date: Fri, 29 Sep 2023 10:45:35 -0500
Message-ID: <874jjd6l0g.fsf@email.froward.int.ebiederm.org>
In-Reply-To: <7ddc633e-c724-ad8d-e7ca-62d6b012b9e9@redhat.com> (Sebastian Ott's message of "Fri, 29 Sep 2023 13:33:50 +0200 (CEST)")
References: <20230929031716.it.155-kees@kernel.org> <7ddc633e-c724-ad8d-e7ca-62d6b012b9e9@redhat.com>
Sebastian Ott writes:

> Hello Kees,
>
> On Thu, 28 Sep 2023, Kees Cook wrote:
>> This is the continuation of the work Eric started for handling
>> "p_memsz > p_filesz" in arbitrary segments (rather than just the last,
>> BSS, segment).
>> I've added the suggested changes:
>>
>> - drop unused "elf_bss" variable
>> - refactor load_elf_interp() to use elf_load()
>> - refactor load_elf_library() to use elf_load()
>> - report padzero() errors when PROT_WRITE is present
>> - drop vm_brk()
>
> While I was debugging the initial issue I stumbled over the following
> - care to take it as part of this series?
>
> ----->8
> [PATCH] mm: vm_brk_flags don't bail out while holding lock
>
> Calling vm_brk_flags() with flags set other than VM_EXEC
> will exit the function without releasing the mmap_write_lock.
>
> Just do the sanity check before the lock is acquired. This
> doesn't fix an actual issue since no caller sets a flag other
> than VM_EXEC.

That seems like a sensible patch.

Have you by any chance read this code enough to understand what is
gained by calling vm_brk_flags rather than vm_mmap without a file?

Unless there is a real advantage it probably makes sense to replace
the call of vm_brk_flags with vm_mmap(NULL, ...) as binfmt_elf_fdpic
has already done.  That would allow removing vm_brk_flags and sys_brk
would be the last caller of do_brk_flags.

Eric

> Cc: Andrew Morton
> Cc: linux-mm@kvack.org
> Signed-off-by: Sebastian Ott
> ---
>  mm/mmap.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/mm/mmap.c b/mm/mmap.c
> index b56a7f0c9f85..7ed286662839 100644
> --- a/mm/mmap.c
> +++ b/mm/mmap.c
> @@ -3143,13 +3143,13 @@ int vm_brk_flags(unsigned long addr, unsigned long request, unsigned long flags)
>  	if (!len)
>  		return 0;
>  
> -	if (mmap_write_lock_killable(mm))
> -		return -EINTR;
> -
>  	/* Until we need other flags, refuse anything except VM_EXEC. */
>  	if ((flags & (~VM_EXEC)) != 0)
>  		return -EINVAL;
>  
> +	if (mmap_write_lock_killable(mm))
> +		return -EINTR;
> +
>  	ret = check_brk_limits(addr, len);
>  	if (ret)
>  		goto limits_failed;
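Review bot: the reordering in this hunk is correct and sufficient: `flags` and `len` are plain function arguments, so validating them needs no lock, and after the move every early `return` sits ahead of `mmap_write_lock_killable(mm)`, leaving `goto limits_failed` (whose unlock path is outside the hunk) as the only exit taken with the lock held. One point on the commit message: "doesn't fix an actual issue" undersells what the old order did, since any future caller passing a flag other than VM_EXEC would have returned -EINVAL with the mm still write-locked; it would help backporters to state plainly that this closes a latent lock leak and to add a Fixes: tag naming the commit that introduced the flags check.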
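Kees's cover letter, quoted above, describes the series as handling "p_memsz > p_filesz" in arbitrary segments, and the subject line adds segments with zero filesz and misaligned starts. To make those cases concrete, here is an added example (mine, not code from the series, from the patch above, or from the kernel tree) that computes, for a single ELF64 PT_LOAD header, the three ranges a loader such as binfmt_elf's elf_load() has to produce: the page-rounded file-backed mapping, the tail of the last file page that padzero() must clear because it still holds file bytes, and the anonymous zero-filled pages that binfmt_elf hands to vm_brk_flags(). The program headers in `sample_phdrs` are constructed for the demo, the page size is a parameter, and the check that `p_offset` and `p_vaddr` agree modulo the page size is the example's own sanity check, not something the quoted patch shows.

```c
/*
 * Added example, not code from the patch series or the kernel tree.
 * Plans the mappings for one ELF64 PT_LOAD program header, handling
 * p_memsz > p_filesz in any segment, p_filesz == 0, and a p_vaddr that
 * is not page aligned.
 * Build: cc -std=c11 -Wall elf_plan.c -o elf_plan   (Linux, glibc <elf.h>)
 */
#include <elf.h>
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct load_plan {
	uint64_t file_start, file_end; /* [start, end) from the file; 0,0 when p_filesz == 0 */
	uint64_t zero_start, zero_end; /* [start, end) file bytes to clear; empty if none */
	uint64_t anon_start, anon_end; /* [start, end) anonymous pages; 0,0 if none needed */
};

static uint64_t page_start(uint64_t a, uint64_t pg) { return a & ~(pg - 1); }
static uint64_t page_align(uint64_t a, uint64_t pg) { return (a + pg - 1) & ~(pg - 1); }

/* Returns 0 and fills *out, or -1 if the header cannot be loaded. */
int plan_segment(const Elf64_Phdr *ph, uint64_t pg, struct load_plan *out)
{
	uint64_t vaddr = ph->p_vaddr, filesz = ph->p_filesz, memsz = ph->p_memsz;
	uint64_t file_end = vaddr + filesz, mem_end = vaddr + memsz;

	memset(out, 0, sizeof(*out));
	if (ph->p_type != PT_LOAD || pg == 0 || (pg & (pg - 1)))
		return -1;
	/* More bytes in the file than in memory is not a valid segment. */
	if (memsz < filesz)
		return -1;
	/* Reject address wrap-around before rounding anything. */
	if (file_end < vaddr || mem_end < vaddr || page_align(mem_end, pg) < mem_end)
		return -1;
	/* Example's own check: offset and vaddr must agree modulo the page size,
	 * or the file bytes cannot land page-aligned at the requested address. */
	if ((ph->p_offset & (pg - 1)) != (vaddr & (pg - 1)))
		return -1;

	if (filesz) {
		out->file_start = page_start(vaddr, pg);
		out->file_end = page_align(file_end, pg);
		if (memsz > filesz) {
			/* Tail of the last file page: file bytes that must read as zero. */
			out->zero_start = file_end;
			out->zero_end = out->file_end;
		}
		out->anon_start = out->file_end;	/* anonymous pages follow the file pages */
	} else {
		out->anon_start = page_start(vaddr, pg);	/* nothing from the file at all */
	}
	out->anon_end = page_align(mem_end, pg);
	if (out->anon_end <= out->anon_start)
		out->anon_start = out->anon_end = 0;	/* memsz fits inside the file pages */
	return 0;
}

/* Constructed program headers for the demo (not taken from a real binary). */
static const Elf64_Phdr sample_phdrs[] = {
	/* 0: text, fully file-backed */
	{ .p_type = PT_LOAD, .p_flags = PF_R | PF_X, .p_offset = 0x1000,
	  .p_vaddr = 0x401000, .p_filesz = 0x100, .p_memsz = 0x100, .p_align = 0x1000 },
	/* 1: data + bss in a non-final segment, misaligned start, memsz > filesz */
	{ .p_type = PT_LOAD, .p_flags = PF_R | PF_W, .p_offset = 0x2e10,
	  .p_vaddr = 0x403e10, .p_filesz = 0x230, .p_memsz = 0x1400, .p_align = 0x1000 },
	/* 2: zero filesz: the whole segment is anonymous */
	{ .p_type = PT_LOAD, .p_flags = PF_R | PF_W, .p_offset = 0x3500,
	  .p_vaddr = 0x410500, .p_filesz = 0, .p_memsz = 0x3000, .p_align = 0x1000 },
	/* 3: invalid, filesz > memsz */
	{ .p_type = PT_LOAD, .p_flags = PF_R | PF_W, .p_offset = 0x4000,
	  .p_vaddr = 0x420000, .p_filesz = 0x2000, .p_memsz = 0x1000, .p_align = 0x1000 },
	/* 4: invalid, offset and vaddr disagree modulo the page size */
	{ .p_type = PT_LOAD, .p_flags = PF_R | PF_W, .p_offset = 0x5800,
	  .p_vaddr = 0x430000, .p_filesz = 0x100, .p_memsz = 0x100, .p_align = 0x1000 },
};
#define NSAMPLE (sizeof(sample_phdrs) / sizeof(sample_phdrs[0]))

/* Plans sample header i with a 4 KiB page; -1 for an invalid index or header. */
int sample_plan(size_t i, struct load_plan *out)
{
	if (i >= NSAMPLE)
		return -1;
	return plan_segment(&sample_phdrs[i], 4096, out);
}

int main(void)
{
	for (size_t i = 0; i < NSAMPLE; i++) {
		struct load_plan p;
		if (sample_plan(i, &p) < 0) {
			printf("phdr %zu: rejected\n", i);
			continue;
		}
		printf("phdr %zu: file [%#" PRIx64 ",%#" PRIx64 ") zero [%#" PRIx64 ",%#" PRIx64
		       ") anon [%#" PRIx64 ",%#" PRIx64 ")\n", i, p.file_start, p.file_end,
		       p.zero_start, p.zero_end, p.anon_start, p.anon_end);
	}
	return 0;
}
```

Header 1 is the case the series is about: its bss starts mid-page at 0x404040, so the loader must clear the rest of that file-backed page and then map one further anonymous page, whereas header 2 has no file bytes at all and is mapped anonymously from the page containing its vaddr.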