Message ID | 20230927033634.make.602-kees@kernel.org (mailing list archive) |
---|---|
Series | binfmt_elf: Support segments with 0 filesz and misaligned starts |
Kees Cook <keescook@chromium.org> writes:

> Hi,
>
> This is the continuation of the work Eric started for handling
> "p_memsz > p_filesz" in arbitrary segments (rather than just the last,
> BSS, segment). I've added the suggested changes:
>
> - drop unused "elf_bss" variable
> - report padzero() errors when PROT_WRITE is present
> - refactor load_elf_interp() to use elf_load()
>
> This passes my quick smoke tests, but I'm still trying to construct some
> more complete tests...

Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>

You might also consider using elf_load in load_elf_library.
The code in load_elf_library only supports files with a single program
header, and I think is only needed for libc5.
The advantage is that load_elf_library would be using well tested code,
vm_brk would have no callers, and padzero would only be called by
elf_load, and load_elf_library would do little more than just call
load_elf_library.

Eric

>
> -Kees
>
> Eric W. Biederman (1):
>   binfmt_elf: Support segments with 0 filesz and misaligned starts
>
> Kees Cook (3):
>   binfmt_elf: elf_bss no longer used by load_elf_binary()
>   binfmt_elf: Provide prot bits as context for padzero() errors
>   binfmt_elf: Use elf_load() for interpreter
>
> fs/binfmt_elf.c | 192 ++++++++++++++++++------------------------------
> 1 file changed, 71 insertions(+), 121 deletions(-)
On Tue, 26 Sep 2023, Kees Cook wrote:

> This is the continuation of the work Eric started for handling
> "p_memsz > p_filesz" in arbitrary segments (rather than just the last,
> BSS, segment). I've added the suggested changes:
>
> - drop unused "elf_bss" variable
> - report padzero() errors when PROT_WRITE is present
> - refactor load_elf_interp() to use elf_load()
>
> This passes my quick smoke tests, but I'm still trying to construct some
> more complete tests...

I've repeated all my tests with this one - no issues found.

Thanks,
Sebastian
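The segment shapes the cover letter names (p_memsz > p_filesz outside the final segment, p_filesz of 0, misaligned starts), as an added example that is not part of the thread or of the kernel patches: a Python scan of an ELF64 program header table that tags each PT_LOAD segment accordingly. The 4096-byte page size, the tag names and the headers built in `build_sample()` are assumptions made for illustration.

```python
import struct, sys

PT_LOAD, PAGE = 1, 4096   # PAGE: assumed page size for the alignment check
PHDR = "<IIQQQQQQ"        # Elf64_Phdr: type flags offset vaddr paddr filesz memsz align

def load_segments(image):
    """Return the PT_LOAD headers of a little-endian ELF64 image, in table order."""
    if image[:4] != b"\x7fELF" or image[4:6] != b"\x02\x01":
        raise ValueError("not a little-endian ELF64 image")
    (e_phoff,) = struct.unpack_from("<Q", image, 0x20)
    e_phentsize, e_phnum = struct.unpack_from("<HH", image, 0x36)
    segs = []
    for i in range(e_phnum):
        f = struct.unpack_from(PHDR, image, e_phoff + i * e_phentsize)
        if f[0] == PT_LOAD:
            segs.append({"vaddr": f[3], "filesz": f[5], "memsz": f[6]})
    return segs

def classify(segs):
    """Tag each PT_LOAD segment with the shapes named in the cover letter."""
    report = []
    for i, s in enumerate(segs):
        if s["memsz"] < s["filesz"]:
            raise ValueError("p_filesz larger than p_memsz (invalid per the ELF spec)")
        tags = []
        if s["memsz"] > s["filesz"]:
            tags.append("zero-fill")         # bytes past p_filesz must read as zero
            if i != len(segs) - 1:
                tags.append("not-last")      # not the final PT_LOAD (classic BSS) case
        if s["filesz"] == 0:
            tags.append("filesz-0")          # nothing file-backed at all
        if s["vaddr"] % PAGE:
            tags.append("misaligned-start")  # p_vaddr is not page aligned
        report.append((hex(s["vaddr"]), tags))
    return report

def build_sample():
    """Constructed input: an ELF64 header plus three PT_LOAD headers, no payload."""
    rows = [(5, 0x0000, 0x400000, 0x1000, 0x1000),   # text, filesz == memsz
            (6, 0x0000, 0x402010, 0x0000, 0x0800),   # filesz 0, misaligned, mid-table
            (6, 0x1000, 0x404000, 0x0200, 0x3000)]   # data with trailing BSS
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 2, 62, 1, 0x400000, 64, 0, 0, 64, 56, len(rows), 0, 0, 0)
    return ehdr + b"".join(struct.pack(PHDR, PT_LOAD, fl, off, va, va, fs, ms, PAGE)
                           for fl, off, va, fs, ms in rows)

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    print(*classify(load_segments(data)), sep="\n")
```

Run with a path to an ELF64 binary to tag its segments, or with no argument to use the constructed sample.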