From: Andy Lutomirski
Date: Fri, 9 Mar 2018 19:37:57 +0000
Subject: Re: [PATCH net-next] modules: allow modprobe load regular elf binaries
To: David Miller
Cc: Alexei Starovoitov, Greg KH, Andrew Lutomirski, Linus Torvalds, Kees Cook, Alexei Starovoitov, Djalal Harouni, Al Viro, Daniel Borkmann, "Luis R. Rodriguez", Network Development, LKML, kernel-team, Linux API
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Mar 9, 2018 at 6:55 PM, David Miller wrote:
> From: Alexei Starovoitov
> Date: Fri, 9 Mar 2018 10:50:49 -0800
>
>> On 3/9/18 10:23 AM, Andy Lutomirski wrote:
>>> It might not be totally crazy to back it by tmpfs.
>>
>> interesting. how do you propose to do it?
>> Something like:
>> - create /umh_module_tempxxx dir
>> - mount tmpfs there
>> - copy elf into it and exec it?
>
> I think the idea is that it's an internal tmpfs mount that only
> the kernel has access to.

That's what I was imagining. There's precedent. For example, there's a
very short piece of code that does it in
drivers/gpu/drm/i915/i915_gemfs.c.

>
> And I don't think that even hurts your debuggability concerns. The
> user can just attach using the foo.ko file in the actual filesystem.
>

Not if the .ko is actually a shim that actually just contains a blob
and a few lines of code to kick off the umh. But one could still
debug it using kernel debug symbols (like vDSO debugging works right
now, at least if your distro is in a good mood) or by reading the
contents from /proc/PID/exe.
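
The last option in the message above, reading a helper's binary back through /proc/PID/exe, shown as an added example that is not part of the original email or of the patch under discussion. The helper name `snapshot_exe` and the default output file name are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <elf.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* snapshot_exe (hypothetical helper): copy /proc/<pid>/exe to out_path.
 * Returns bytes copied, or -1 on error or if the image is not ELF. */
long snapshot_exe(pid_t pid, const char *out_path)
{
    char link[64], buf[65536];
    long total = 0;
    ssize_t n;

    snprintf(link, sizeof(link), "/proc/%ld/exe", (long)pid);
    /* Opening the magic link reaches the exec'd file itself, so the
     * original path need not exist or be reachable any more. Needs
     * ptrace-read permission on the target process. */
    int in = open(link, O_RDONLY | O_CLOEXEC);
    if (in < 0)
        return -1;
    /* pread leaves the file offset at 0 for the copy loop below. */
    if (pread(in, buf, SELFMAG, 0) != SELFMAG || memcmp(buf, ELFMAG, SELFMAG)) {
        close(in);
        return -1;
    }
    int out = open(out_path, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, 0600);
    if (out < 0) {
        close(in);
        return -1;
    }
    while ((n = read(in, buf, sizeof(buf))) > 0) {
        if (write(out, buf, (size_t)n) != n) { /* treat short write as failure */
            n = -1;
            break;
        }
        total += n;
    }
    close(in);
    close(out);
    return n < 0 ? -1 : total;
}

int main(int argc, char **argv)
{
    long n = snapshot_exe(argc > 1 ? (pid_t)atol(argv[1]) : getpid(),
                          argc > 2 ? argv[2] : "exe.snapshot");
    if (n < 0) { perror("snapshot_exe"); return 1; }
    printf("copied %ld bytes\n", n);
    return 0;
}
```

The resulting copy can be handed to a debugger or hashed for comparison against the blob the module is expected to carry.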