From patchwork Fri Jan 31 06:17:29 2020
X-Patchwork-Submitter: Andrew Morton
X-Patchwork-Id: 11359363
Date: Thu, 30 Jan 2020 22:17:29 -0800
From: Andrew Morton
To: adobriyan@gmail.com, akpm@linux-foundation.org, dan.carpenter@oracle.com, ebiederm@xmission.com, linux-mm@kvack.org, mm-commits@vger.kernel.org, torvalds@linux-foundation.org, will@kernel.org
Subject: [patch 116/118] execve: warn if process starts with executable stack
Message-ID: <20200131061729.W90ZrwXqp%akpm@linux-foundation.org>
In-Reply-To: <20200130221021.5f0211c56346d5485af07923@linux-foundation.org>

From: Alexey Dobriyan
Subject: execve: warn if process starts with executable stack

There were few episodes of silent downgrade to an executable stack over
years:

1) linking innocent looking assembly file will silently add executable
   stack if proper linker options is not given as well:

    $ cat f.S
    .intel_syntax noprefix
    .text
    .globl f
    f:
            ret

    $ cat main.c
    void f(void);
    int main(void)
    {
            f();
            return 0;
    }

    $ gcc main.c f.S
    $ readelf -l ./a.out
      GNU_STACK      0x0000000000000000 0x0000000000000000 0x0000000000000000
                     0x0000000000000000 0x0000000000000000  RWE    0x10
                                                            ^^^

2) converting C99 nested function into a closure
   https://nullprogram.com/blog/2019/11/15/

    void intsort2(int *base, size_t nmemb, _Bool invert)
    {
        int cmp(const void *a, const void *b)
        {
            int r = *(int *)a - *(int *)b;
            return invert ? -r : r;
        }
        qsort(base, nmemb, sizeof(*base), cmp);
    }

   will silently require stack trampolines while non-closure version will
   not.

Without doubt this behaviour is documented somewhere, add a warning so
that developers and users can at least notice.  After so many years of
x86_64 having proper executable stack support it should not cause too many
problems.

Link: http://lkml.kernel.org/r/20191208171918.GC19716@avx2
Signed-off-by: Alexey Dobriyan
Cc: Dan Carpenter
Cc: Will Deacon
Cc: "Eric W. Biederman"
Signed-off-by: Andrew Morton --- fs/exec.c | 5 +++++ 1 file changed, 5 insertions(+) --- a/fs/exec.c~execve-warn-if-process-starts-with-executable-stack +++ a/fs/exec.c @@ -761,6 +761,11 @@ int setup_arg_pages(struct linux_binprm goto out_unlock; BUG_ON(prev != vma); + if (unlikely(vm_flags & VM_EXEC)) { + pr_warn_once("process '%pD4' started with executable stack\n", + bprm->file); + } + /* Move stack pages down in memory. */ if (stack_shift) { ret = shift_arg_pages(vma, stack_shift);
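
Review bot: pr_warn_once() in the block added to setup_arg_pages() reports only the first exec since boot that has VM_EXEC set in vm_flags, so every later binary with an executable stack goes unreported, which undercuts the changelog's goal that developers and users "can at least notice". Consider pr_warn_ratelimited() so that further offenders are still logged while unprivileged users cannot flood the log by re-executing such a binary, or state the once-per-boot limit in the changelog. The braces around the single pr_warn_once() statement are also not required by kernel coding style.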
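
The `readelf -l` check from the changelog, written as a small audit tool that can run at build time, before the kernel warning would ever fire. This is an added example, not part of the original patch or of the kernel; the names `gnu_stack_status` and `enum stack_status` are hypothetical, and it assumes a native-endian ELF64 file on a Linux host that provides `<elf.h>`.

```c
/* Added example: report the PT_GNU_STACK permissions of an ELF64 image. */
#include <elf.h>
#include <stdio.h>
#include <string.h>

enum stack_status { STACK_BAD_ELF = -1, STACK_NX = 0, STACK_EXEC = 1, STACK_NO_HEADER = 2 };

/* Inspect an in-memory ELF64 image in native byte order. */
enum stack_status gnu_stack_status(const unsigned char *img, size_t len)
{
    Elf64_Ehdr eh;
    Elf64_Phdr ph;

    if (len < sizeof(eh))
        return STACK_BAD_ELF;
    memcpy(&eh, img, sizeof(eh));
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) != 0 ||
        eh.e_ident[EI_CLASS] != ELFCLASS64 ||
        eh.e_phentsize != sizeof(ph))
        return STACK_BAD_ELF;
    /* Bounds-check the program header table before walking it. */
    if (eh.e_phoff > len || (len - eh.e_phoff) / sizeof(ph) < eh.e_phnum)
        return STACK_BAD_ELF;
    for (unsigned i = 0; i < eh.e_phnum; i++) {
        memcpy(&ph, img + eh.e_phoff + (size_t)i * sizeof(ph), sizeof(ph));
        if (ph.p_type == PT_GNU_STACK)
            return (ph.p_flags & PF_X) ? STACK_EXEC : STACK_NX;
    }
    return STACK_NO_HEADER; /* kernel then uses an architecture-dependent default */
}

int main(int argc, char **argv)
{
    static unsigned char buf[1 << 20]; /* program headers normally sit near the start */
    FILE *f = argc > 1 ? fopen(argv[1], "rb") : NULL;
    if (!f) { fprintf(stderr, "usage: %s ELF-file\n", argv[0]); return 2; }
    size_t n = fread(buf, 1, sizeof(buf), f);
    fclose(f);
    switch (gnu_stack_status(buf, n)) {
    case STACK_EXEC:      puts("executable stack (GNU_STACK has E)"); return 1;
    case STACK_NX:        puts("non-executable stack"); return 0;
    case STACK_NO_HEADER: puts("no GNU_STACK header"); return 1;
    default:              puts("not a native ELF64 image"); return 2;
    }
}
```

The non-zero exit status for an executable or unmarked stack lets a CI step fail on the silent downgrade described in case 1 of the changelog.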