Date: Mon, 6 Apr 2020 11:55:39 +0200 (CEST)
From: Miroslav Benes
To: Josh Poimboeuf
Cc: Peter Zijlstra, jeyu@kernel.org, linux-kernel@vger.kernel.org, Thomas Gleixner, keescook@chromium.org
Subject: Re: [PATCH] module: Harden STRICT_MODULE_RWX
In-Reply-To: <20200403165631.hrxxm3pnzqa4vxln@treble>
References: <20200403163716.GV20730@hirez.programming.kicks-ass.net> <20200403165631.hrxxm3pnzqa4vxln@treble>

On Fri, 3 Apr 2020, Josh Poimboeuf wrote:

> On Fri, Apr 03, 2020 at 06:37:16PM +0200, Peter Zijlstra wrote:
> > +{
> > + int i;
> > +
> > + for (i = 0; i < hdr->e_shnum; i++) {
> > + if (sechdrs[i].sh_flags & (SHF_EXECINSTR|SHF_WRITE))
> > + return -ENOEXEC;
>
> I think you only want the error when both are set?
>
> if (sechdrs[i].sh_flags & (SHF_EXECINSTR|SHF_WRITE) == (SHF_EXECINSTR|SHF_WRITE))

A section with SHF_EXECINSTR and SHF_WRITE but without SHF_ALLOC would be
strange though, no? It wouldn't be copied to the final module later
anyway.

Looking at layout_sections()... a section with
SHF_EXECINSTR|SHF_WRITE|SHF_ALLOC would not be counted at all. However,
move_module() later copies everything with the SHF_ALLOC flag to the final
module. If there is a WXA section, there would be a bug because the
allocation there would not get the correct size.

In that case it is important to error out early as you're proposing.

Am I missing something?

Miroslav
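
Review bot: the test `sechdrs[i].sh_flags & (SHF_EXECINSTR|SHF_WRITE)` in the quoted loop is true when either flag is set, so a section that is only executable or only writable also returns -ENOEXEC. Compare the masked value against the full mask instead, and parenthesise the mask operation because == binds tighter than & in C: `(sh_flags & mask) == mask`. A short comment above the loop saying whether sections without SHF_ALLOC are meant to be rejected too would settle the question raised in this reply.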
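
The three cases discussed in this thread (either flag, both flags, both flags plus SHF_ALLOC), as an added userspace example that is not part of the original mail or of the kernel patch. The helper names and the sample flag table are hypothetical and constructed for illustration; the flag values are the ones the ELF specification defines.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* ELF section flag bits (values from the ELF specification). */
#define SHF_WRITE     0x1
#define SHF_ALLOC     0x2
#define SHF_EXECINSTR 0x4
#define SHF_WX        (SHF_WRITE | SHF_EXECINSTR)

enum wx_class { WX_NONE, WX_NOALLOC, WX_ALLOC };

/* Behaviour of the test in the quoted hunk: true if either flag is set. */
static int either_flag_check(uint64_t sh_flags)
{
	return (sh_flags & SHF_WX) != 0;
}

/* Both-flags test. The mask is parenthesised before the comparison
 * because == binds tighter than & in C. */
static enum wx_class classify(uint64_t sh_flags)
{
	if ((sh_flags & SHF_WX) != SHF_WX)
		return WX_NONE;                 /* at most one of W, X */
	return (sh_flags & SHF_ALLOC) ? WX_ALLOC : WX_NOALLOC;
}

/* Hypothetical helper: index of the first W+X+A section, or -1. */
static int first_wxa_section(const uint64_t *flags, size_t n)
{
	for (size_t i = 0; i < n; i++)
		if (classify(flags[i]) == WX_ALLOC)
			return (int)i;
	return -1;
}

/* Constructed sample: sh_flags of five sections of an imaginary module. */
static const uint64_t sample_flags[] = {
	0,                              /* null section            */
	SHF_ALLOC | SHF_EXECINSTR,      /* ordinary .text          */
	SHF_ALLOC | SHF_WRITE,          /* ordinary .data          */
	SHF_WX,                         /* W+X but never loaded    */
	SHF_ALLOC | SHF_WX,             /* W+X+A: the risky case   */
};

int main(void)
{
	size_t n = sizeof(sample_flags) / sizeof(sample_flags[0]);

	printf(".text hit by either-flag test: %d\n", either_flag_check(sample_flags[1]));
	printf("first W+X+A section index: %d\n", first_wxa_section(sample_flags, n));
	return 0;
}
```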