Hi,
This is the continuation of the work Eric started for handling
"p_memsz > p_filesz" in arbitrary segments (rather than just the last,
BSS, segment). I've added the suggested changes:
- drop unused "elf_bss" variable
- report padzero() errors when PROT_WRITE is present
- refactor load_elf_interp() to use elf_load()
This passes my quick smoke tests, but I'm still trying to construct some
more complete tests...
-Kees
Eric W. Biederman (1):
binfmt_elf: Support segments with 0 filesz and misaligned starts
Kees Cook (3):
binfmt_elf: elf_bss no longer used by load_elf_binary()
binfmt_elf: Provide prot bits as context for padzero() errors
binfmt_elf: Use elf_load() for interpreter
fs/binfmt_elf.c | 192 ++++++++++++++++++------------------------------
1 file changed, 71 insertions(+), 121 deletions(-)
--
2.34.1
With the BSS handled generically via the new filesz/memsz mismatch
handling logic in elf_load(), elf_bss no longer needs to be tracked.
Drop the variable.
Cc: Eric Biederman <[email protected]>
Cc: Alexander Viro <[email protected]>
Cc: Christian Brauner <[email protected]>
Cc: [email protected]
Cc: [email protected]
Suggested-by: Eric Biederman <[email protected]>
Signed-off-by: Kees Cook <[email protected]>
---
fs/binfmt_elf.c | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
index 2a615f476e44..0214d5a949fc 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -854,7 +854,7 @@ static int load_elf_binary(struct linux_binprm *bprm)
unsigned long error;
struct elf_phdr *elf_ppnt, *elf_phdata, *interp_elf_phdata = NULL;
struct elf_phdr *elf_property_phdata = NULL;
- unsigned long elf_bss, elf_brk;
+ unsigned long elf_brk;
int retval, i;
unsigned long elf_entry;
unsigned long e_entry;
@@ -1045,7 +1045,6 @@ static int load_elf_binary(struct linux_binprm *bprm)
if (retval < 0)
goto out_free_dentry;
- elf_bss = 0;
elf_brk = 0;
start_code = ~0UL;
@@ -1208,8 +1207,6 @@ static int load_elf_binary(struct linux_binprm *bprm)
k = elf_ppnt->p_vaddr + elf_ppnt->p_filesz;
- if (k > elf_bss)
- elf_bss = k;
if ((elf_ppnt->p_flags & PF_X) && end_code < k)
end_code = k;
if (end_data < k)
@@ -1221,7 +1218,6 @@ static int load_elf_binary(struct linux_binprm *bprm)
e_entry = elf_ex->e_entry + load_bias;
phdr_addr += load_bias;
- elf_bss += load_bias;
elf_brk += load_bias;
start_code += load_bias;
end_code += load_bias;
--
2.34.1
Kees Cook <[email protected]> writes:
> Hi,
>
> This is the continuation of the work Eric started for handling
> "p_memsz > p_filesz" in arbitrary segments (rather than just the last,
> BSS, segment). I've added the suggested changes:
>
> - drop unused "elf_bss" variable
> - report padzero() errors when PROT_WRITE is present
> - refactor load_elf_interp() to use elf_load()
>
> This passes my quick smoke tests, but I'm still trying to construct some
> more complete tests...
Acked-by: "Eric W. Biederman" <[email protected]>
You might also consider using elf_load in load_elf_library.
The code in load_elf_library only supports files with a single program
header, and I think is only needed for libc5.
The advantage is that load_elf_library would be using well tested code,
vm_brk would have no callers, and padzero would only be called by
elf_load, and load_elf_library would do little more than just call
load_elf_library.
Eric
>
> -Kees
>
> Eric W. Biederman (1):
> binfmt_elf: Support segments with 0 filesz and misaligned starts
>
> Kees Cook (3):
> binfmt_elf: elf_bss no longer used by load_elf_binary()
> binfmt_elf: Provide prot bits as context for padzero() errors
> binfmt_elf: Use elf_load() for interpreter
>
> fs/binfmt_elf.c | 192 ++++++++++++++++++------------------------------
> 1 file changed, 71 insertions(+), 121 deletions(-)
On Tue, 26 Sep 2023, Kees Cook wrote:
> This is the continuation of the work Eric started for handling
> "p_memsz > p_filesz" in arbitrary segments (rather than just the last,
> BSS, segment). I've added the suggested changes:
>
> - drop unused "elf_bss" variable
> - report padzero() errors when PROT_WRITE is present
> - refactor load_elf_interp() to use elf_load()
>
> This passes my quick smoke tests, but I'm still trying to construct some
> more complete tests...
I've repeated all my tests with this one - no issues found.
Thanks,
Sebastian