From patchwork Thu Aug 1 17:08:32 2024
X-Patchwork-Submitter: Jeff Xu
X-Patchwork-Id: 13750763
From: jeffxu@chromium.org
To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com,
    sroettger@google.com, adhemerval.zanella@linaro.org, ojeda@kernel.org,
    adobriyan@gmail.com
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org,
    Jeff Xu
Subject: [RFC PATCH v1 0/1] binfmt_elf: seal address zero
Date: Thu, 1 Aug 2024 17:08:32 +0000
Message-ID: <20240801170838.356177-1-jeffxu@google.com>

From: Jeff Xu

In load_elf_binary, as part of execve(), when the current task’s
personality has MMAP_PAGE_ZERO set, the kernel allocates one page at
address 0. According to the comment:

    /* Why this, you ask???  Well SVr4 maps page 0 as read-only,
       and some applications "depend" upon this behavior.
       Since we do not have the power to recompile these, we
       emulate the SVr4 behavior. Sigh. */

At one point, Linus suggested removing this [1].

Sealing this is probably safe; the comment doesn’t say the app ever
wants to change the mapping to rwx. Sealing also ensures that never
happens.

[1] https://lore.kernel.org/lkml/CAHk-=whVa=nm_GW=NVfPHqcxDbWt4JjjK1YWb0cLjO4ZSGyiDA@mail.gmail.com/

Jeff Xu (1):
  binfmt_elf: mseal address zero

 fs/binfmt_elf.c    | 4 ++++
 include/linux/mm.h | 4 ++++
 mm/mseal.c         | 2 +-
 3 files changed, 9 insertions(+), 1 deletion(-)
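A self-check for the behaviour this cover letter describes, added here as an example (it is not code from the patch or the kernel tree): it sets MMAP_PAGE_ZERO, re-executes itself, looks for a mapping at address 0 in /proc/self/maps and probes it with mprotect(). The helper names find_page_zero and probe_seal are hypothetical, and reading EPERM from mprotect() as "sealed" is an assumption based on mseal() semantics.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/personality.h>
#include <unistd.h>

/* If maps text (/proc/<pid>/maps format) has a mapping that starts at
 * address 0, copy its permission field into perms and return 1; else 0. */
int find_page_zero(const char *maps, char perms[5])
{
    unsigned long start, end;
    for (const char *l = maps; l && *l; l = strchr(l, '\n'), l = l ? l + 1 : NULL)
        if (sscanf(l, "%lx-%lx %4s", &start, &end, perms) == 3 && start == 0)
            return 1;
    perms[0] = '\0';
    return 0;
}

/* Ask for a harmless permission change (to read-only) on page zero.
 * Returns 1 on EPERM (assumed: sealed), 0 if accepted, -1 on other errors. */
int probe_seal(void)
{
    long pg = sysconf(_SC_PAGESIZE);
    if (mprotect((void *)0, (size_t)pg, PROT_READ) == 0)
        return 0;
    return errno == EPERM ? 1 : -1;
}

int main(int argc, char **argv)
{
    char buf[16384], perms[5];
    if (argc == 1) {            /* first run: set the flag, then re-exec self */
        personality((unsigned long)personality(0xffffffff) | MMAP_PAGE_ZERO);
        execl("/proc/self/exe", argv[0], "child", (char *)NULL);
        return 1;               /* exec failed */
    }
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f) return 1;
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    buf[n] = '\0'; fclose(f);   /* page zero, if present, is the first entry */
    if (!find_page_zero(buf, perms)) {
        puts("page zero not mapped in this process");
        return 0;
    }
    printf("page zero mapped %s, sealed=%d\n", perms, probe_seal());
    return 0;
}
```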