Date: Mon, 30 Oct 2023 10:22:39 -0700
From: Kees Cook
To: Linus Torvalds
Cc: linux-kernel@vger.kernel.org, Alejandro Colomar, Alexander Viro,
    Andrei Vagin, Andrew Morton, Arnd Bergmann, Christian Brauner,
    Dave Jones, David Howells, Eric Biederman, Greg Ungerer,
    Henning Schild, Jann Horn, Kees Cook, Laurent Vivier,
    linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, Matthew Wilcox,
    "Paul E. McKenney", Pedro Falcato, Rolf Eike Beer, Sargun Dhillon,
    Sebastian Ott, Serge Hallyn, Thomas Gleixner, Thomas Weißschuh
Subject: [GIT PULL] execve updates for v6.7-rc1
Message-ID: <202310301009.2464A71@keescook>

Hi Linus,

Please pull these execve updates for v6.7-rc1. This includes 3 changes I
want to explicitly call attention to:

1) Eric Biederman and I refactored ELF segment loading to handle the case
   where a segment has a smaller filesz than memsz. Traditionally linkers
   only did this for .bss and it was always the last segment. As a result,
   the kernel only handled this case when it was the last segment. We've
   had two recent cases where linkers were trying to use these kinds of
   segments for other reasons, and they were in the middle of the segment
   list. There was no good reason for the kernel not to support this, and
   the refactor actually ends up making things more readable too.

2) Christian Brauner has made it possible to use binfmt_misc with mount
   namespaces. This means some traditionally root-only interfaces (for
   adding/removing formats) are now more exposed (but believed to be safe).

3) Alejandro Colomar noticed that the ELF UAPI has been polluting the
   struct namespace with an unused and overly generic tag named "dynamic"
   for no discernible reason for many many years. After double-checking
   various distro source repositories, it has been removed.

All three changes have been living in linux-next without any reported
problems.

Thanks!

-Kees

The following changes since commit ce9ecca0238b140b88f43859b211c9fdfd8e5b70:

  Linux 6.6-rc2 (2023-09-17 14:40:24 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/execve-v6.7-rc1

for you to fetch changes up to 21ca59b365c091d583f36ac753eaa8baf947be6f:

  binfmt_misc: enable sandboxed mounts (2023-10-11 08:46:01 -0700)

----------------------------------------------------------------
execve updates for v6.7-rc1

- Support non-BSS ELF segments with 0 filesz (Eric W. Biederman, Kees Cook)

- Enable namespaced binfmt_misc (Christian Brauner)

- Remove struct tag 'dynamic' from ELF UAPI (Alejandro Colomar)

- Clean up binfmt_elf_fdpic debug output (Greg Ungerer)

----------------------------------------------------------------
Alejandro Colomar (1):
      elf, uapi: Remove struct tag 'dynamic'

Christian Brauner (2):
      binfmt_misc: cleanup on filesystem umount
      binfmt_misc: enable sandboxed mounts

Eric W. Biederman (1):
      binfmt_elf: Support segments with 0 filesz and misaligned starts

Greg Ungerer (1):
      binfmt_elf_fdpic: clean up debug warnings

Kees Cook (5):
      binfmt_elf: elf_bss no longer used by load_elf_binary()
      binfmt_elf: Use elf_load() for interpreter
      binfmt_elf: Use elf_load() for library
      binfmt_elf: Only report padzero() errors when PROT_WRITE
      mm: Remove unused vm_brk()

 fs/binfmt_elf.c                | 215 ++++++++---------------
 fs/binfmt_elf_fdpic.c          |  20 ++-
 fs/binfmt_misc.c               | 386 ++++++++++++++++++++++++++++++++++-------
 include/linux/binfmts.h        |  10 ++
 include/linux/mm.h             |   3 +-
 include/linux/user_namespace.h |   8 +
 include/uapi/linux/elf.h       |   2 +-
 kernel/user.c                  |  13 ++
 kernel/user_namespace.c        |   3 +
 mm/mmap.c                      |   6 -
 mm/nommu.c                     |   5 -
 11 files changed, 443 insertions(+), 228 deletions(-)
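
Added example, not part of the original message and not kernel code: a Python check that reads an ELF64 program header table and lists every PT_LOAD segment whose p_filesz is smaller than its p_memsz, marking whether it is the last loadable segment (the only position item 1 says the kernel handled before this refactor). The function names are hypothetical and the sample image is constructed inline.

```python
import struct

PT_LOAD = 1
EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # Elf64_Ehdr, little-endian
PHDR = struct.Struct("<IIQQQQQQ")          # Elf64_Phdr, little-endian

def load_segments(image):
    """Return (phdr index, p_vaddr, p_filesz, p_memsz) per PT_LOAD entry."""
    if len(image) < EHDR.size or image[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    if image[4] != 2 or image[5] != 1:
        raise ValueError("only little-endian ELF64 is handled")
    hdr = EHDR.unpack_from(image)
    phoff, phentsize, phnum = hdr[5], hdr[9], hdr[10]
    if phentsize < PHDR.size or phoff + phnum * phentsize > len(image):
        raise ValueError("program header table is truncated or malformed")
    loads = []
    for i in range(phnum):
        p = PHDR.unpack_from(image, phoff + i * phentsize)
        if p[0] == PT_LOAD:
            loads.append((i, p[3], p[5], p[6]))
    return loads

def zero_fill_segments(image):
    """PT_LOAD entries with p_filesz < p_memsz, tagged by position."""
    loads = load_segments(image)
    found = []
    for pos, (idx, vaddr, filesz, memsz) in enumerate(loads):
        if filesz < memsz:
            # last_load == False is the mid-list case described in item 1
            found.append({"phdr": idx, "vaddr": vaddr,
                          "zero_bytes": memsz - filesz,
                          "last_load": pos == len(loads) - 1})
    return found

def build_sample():
    """Constructed ELF64 header plus three PT_LOAD entries (no real code)."""
    segs = [(0x400000, 0x200, 0x200),   # text: fully file-backed
            (0x600000, 0x0, 0x1000),    # middle segment with 0 filesz
            (0x800000, 0x100, 0x300)]   # data + .bss as the last segment
    ident = b"\x7fELF\x02\x01\x01" + bytes(9)
    ehdr = EHDR.pack(ident, 2, 62, 1, 0x400000, EHDR.size, 0, 0,
                     EHDR.size, PHDR.size, len(segs), 0, 0, 0)
    phdrs = b"".join(PHDR.pack(PT_LOAD, 6, 0, va, va, fsz, msz, 0x1000)
                     for va, fsz, msz in segs)
    return ehdr + phdrs

if __name__ == "__main__":
    for seg in zero_fill_segments(build_sample()):
        print(seg)
```
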