From: Andy Lutomirski
Date: Fri, 9 Mar 2018 01:04:39 +0000
Subject: Re: [PATCH net-next] modules: allow modprobe load regular elf binaries
To: Alexei Starovoitov
Cc: Kees Cook, Alexei Starovoitov, Djalal Harouni, Al Viro, "David S. Miller", Daniel Borkmann, Linus Torvalds, Greg KH, "Luis R. Rodriguez", Network Development, LKML, kernel-team@fb.com, Linux API
In-Reply-To: <357c330f-0165-b7a4-7ecc-4cd797e61e15@fb.com>
References: <20180306013457.1955486-1-ast@kernel.org> <357c330f-0165-b7a4-7ecc-4cd797e61e15@fb.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Mar 9, 2018 at 12:57 AM, Alexei Starovoitov wrote:
> On 3/8/18 4:24 PM, Kees Cook wrote:
>>
>> As Andy asked earlier, why not DYN too to catch PIE executables? Seems
>> like forcing the userspace helper to be non-PIE would defeat some of
>> the userspace defenses in use in most distros.
>
>
> because we don't add features without concrete users.

I disagree here. If you're going to add a magic trick that triggers an
execve(), then I think you should either support *both* standard,
widely-used types of ELF programs or you should give a compelling use
case that works for ET_EXEC but not for ET_DYN. Keep in mind that many
distros have a very strong preference for ET_DYN.
Or you could argue that ET_DYN requires tooling changes, but I think it's awkward to ask the tooling to change in advance of the kernel being willing to actually invoke the thing. I'm not actually convinced that any tooling changes would be needed, though.
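
An added illustration of the ET_EXEC versus ET_DYN distinction debated in this thread (not code from the patch or from any participant): a header check that accepts only ET_EXEC turns away a PIE-built helper, because PIE programs carry e_type ET_DYN. The function names and the sample headers are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* e_type values from the ELF specification. */
#define ELF_ET_EXEC 2 /* fixed-address executable */
#define ELF_ET_DYN  3 /* PIE executable or shared object */

/* Return e_type from an in-memory ELF header, or -1 if buf is not ELF. */
static int elf_type(const unsigned char *buf, size_t len)
{
    if (len < 18 || memcmp(buf, "\177ELF", 4) != 0)
        return -1;
    if (buf[5] == 1)                      /* EI_DATA: little-endian */
        return buf[16] | (buf[17] << 8);
    if (buf[5] == 2)                      /* EI_DATA: big-endian */
        return (buf[16] << 8) | buf[17];
    return -1;
}

/* Hypothetical gate that takes only ET_EXEC, the behaviour questioned in the thread. */
static int accept_exec_only(const unsigned char *buf, size_t len)
{
    return elf_type(buf, len) == ELF_ET_EXEC;
}

/* Hypothetical gate that takes both types. ET_DYN also covers shared objects,
 * so this check alone does not prove the file is a runnable PIE program. */
static int accept_exec_or_dyn(const unsigned char *buf, size_t len)
{
    int t = elf_type(buf, len);
    return t == ELF_ET_EXEC || t == ELF_ET_DYN;
}

/* Constructed samples: the first 18 bytes of a 64-bit ELF header. */
static const unsigned char sample_exec[18]   = {0x7f,'E','L','F',2,1,1,0, 0,0,0,0,0,0,0,0, 2,0};
static const unsigned char sample_pie[18]    = {0x7f,'E','L','F',2,1,1,0, 0,0,0,0,0,0,0,0, 3,0};
static const unsigned char sample_pie_be[18] = {0x7f,'E','L','F',2,2,1,0, 0,0,0,0,0,0,0,0, 0,3};

int main(void)
{
    printf("ET_EXEC: exec-only=%d both=%d\n",
           accept_exec_only(sample_exec, 18), accept_exec_or_dyn(sample_exec, 18));
    printf("ET_DYN:  exec-only=%d both=%d\n",
           accept_exec_only(sample_pie, 18), accept_exec_or_dyn(sample_pie, 18));
    return 0;
}
```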