From patchwork Wed Sep 28 22:54:39 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jann Horn X-Patchwork-Id: 9355129 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 8427B60756 for ; Wed, 28 Sep 2016 22:55:48 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 75114296CB for ; Wed, 28 Sep 2016 22:55:48 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 664C32964E; Wed, 28 Sep 2016 22:55:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id BBCE92964E for ; Wed, 28 Sep 2016 22:55:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932701AbcI1Wy5 (ORCPT ); Wed, 28 Sep 2016 18:54:57 -0400 Received: from thejh.net ([37.221.195.125]:52523 "EHLO thejh.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753162AbcI1Wy4 (ORCPT ); Wed, 28 Sep 2016 18:54:56 -0400 Received: from pc.thejh.net (pc.vpn [192.168.44.2]) by thejh.net (Postfix) with ESMTPSA id 5643717FAD7; Thu, 29 Sep 2016 00:54:54 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=thejh.net; s=s2016; t=1475103294; bh=PPtJc6i3gurj7lg31NenHV2OQqI/RGM6Evna1Ncyr6E=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=a0PqKOhVKzMy55PMf7Q6acBpK3aFcn88aj1zOSOYKbGLj8lUQU0UCcZok10B6E3My ZoH+YX1upGYb2pPHU6/5iaSt4yhLXDxy6Gv3smm4ePcFWn8siPv3UdcADuRw6hoKTN qXH68B4CmiTh13FyajA36x4bpsMWIue0ZpeLRjjojiZZ12DQIphlwxxMyqPDdeIkvr ac9BX0rXVhw95r7CNc7u/tYJsWyI/P5Ektvn7F/sugjiUFX+npxWr6rAYwuPSL6A0r 5ILn2SPOpwMyXLNiTOMSmby47mIFqVzcYRYeoRwi7vWCDF5QhpzPsTRJ9aIBZFogkW kYNG+p8WT6yPQ== From: Jann Horn To: security@kernel.org, Alexander Viro , Paul Moore , Stephen Smalley , Eric Paris , James Morris , "Serge E. Hallyn" Cc: Nick Kralevich , Janis Danisevskis , linux-security-module@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org Subject: [PATCH v2 1/3] fs/exec: don't force writing memory access Date: Thu, 29 Sep 2016 00:54:39 +0200 Message-Id: <1475103281-7989-2-git-send-email-jann@thejh.net> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1475103281-7989-1-git-send-email-jann@thejh.net> References: <1475103281-7989-1-git-send-email-jann@thejh.net> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP This shouldn't change behavior in any way - at this point, there should be no non-writable mappings, only the initial stack mapping -, but this change makes it easier to reason about the correctness of the following commits that place restrictions on forced memory writes. Signed-off-by: Jann Horn Reviewed-by: Janis Danisevskis --- fs/exec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/exec.c b/fs/exec.c index 6fcfb3f..d607da8 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -204,7 +204,7 @@ static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, * doing the exec and bprm->mm is the new process's mm. */ ret = get_user_pages_remote(current, bprm->mm, pos, 1, write, - 1, &page, NULL); + 0, &page, NULL); if (ret <= 0) return NULL;