Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp4593591ybz; Tue, 28 Apr 2020 14:23:43 -0700 (PDT) X-Google-Smtp-Source: APiQypKDyj3ThKP1CDKFlETK7uRYLbUwbaYfNFSOEfphWTe8A3at57ElxWOuKxED2dIsVj27QWau X-Received: by 2002:a17:906:7e19:: with SMTP id e25mr27554081ejr.358.1588109022975; Tue, 28 Apr 2020 14:23:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1588109022; cv=none; d=google.com; s=arc-20160816; b=JoYrGuTaRJDmOLkTrNFfqjzyRlERHjBhBb6UWMOCIHhZoeK1lyvwKfocJVRyr4g+I/ 7agQnGnWNdsHJUOGuvGmvIgVtlvhIecwFYCEwEUaWhPoVoJzgOhqXXdXwyzwwA+4/Afq jdtM+RO1eXf1NPJtreDIRYOkC41u2o0mhjuSlAg+DIGw3O257RCnZPDqOHAUomEdqF4S NiGFYSGFki2Flg8DPG66wyJomTZ5V8esBSTpBvZL3RVJpCBMc+jFaJ3pNXLwOMVOM+Ek 4LSw9kIj666uCRQIKU1mDbKUUSaidF26lDTCHhJnX/zWlISYgsrgYvgIjLBOcsGn4tcr NnXw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:in-reply-to:date :references:subject:cc:to:from; bh=Tz1pur+wxnctm3p4KgVCDl9/zzuKE/pCpe8pYTB6+48=; b=VRbfynxzj3c6KH7Ow4qhUai1Knh5yM/HLRUOok1SCIwxjU3RURLsvy+M7eXVIf0o6O LWMwCsZA1clou+EbsfO3gegtjxv2nDtIHdforbO8kdgduCnuVHaaDnBEH301U1x98oCi h98In1GO+VED9RWbQJc0NizzYj+DMcowVtbkbckw/D9fMC+WmZNrz7U62n4R4IJMsZHq EBRxwstxVhfKvNqWu7o0GGuQ7hgJocbGX9B+jB+tiXCmSIu2AHYTXeAr9P7FD+BdvViH zhIW0VLpznrGGSL9BixAq+i4yniTR+UXe7Nz50A4Tx0ZeStCZl6omyxGXB5V/3zoXUsU +RQg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id d6si2267725edy.66.2020.04.28.14.23.19; Tue, 28 Apr 2020 14:23:42 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726523AbgD1VVo (ORCPT + 99 others); Tue, 28 Apr 2020 17:21:44 -0400 Received: from albireo.enyo.de ([37.24.231.21]:52356 "EHLO albireo.enyo.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726274AbgD1VVo (ORCPT ); Tue, 28 Apr 2020 17:21:44 -0400 Received: from [172.17.203.2] (helo=deneb.enyo.de) by albireo.enyo.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) id 1jTXfa-0000qq-1U; Tue, 28 Apr 2020 21:21:34 +0000 Received: from fw by deneb.enyo.de with local (Exim 4.92) (envelope-from ) id 1jTXeO-000142-Bl; Tue, 28 Apr 2020 23:20:20 +0200 From: Florian Weimer To: Jann Horn Cc: =?iso-8859-1?Q?Micka=EBl_Sala=FCn?= , kernel list , Aleksa Sarai , Alexei Starovoitov , Al Viro , Andy Lutomirski , Christian Heimes , Daniel Borkmann , Deven Bowers , Eric Chiang , James Morris , Jan Kara , Jonathan Corbet , Kees Cook , Matthew Garrett , Matthew Wilcox , Michael Kerrisk , =?iso-8859-1?Q?Micka=EBl_Sala?= =?iso-8859-1?Q?=FCn?= , Mimi Zohar , Philippe =?iso-8859-1?Q?Tr=E9buchet?= , Scott Shell , Sean Christopherson , Shuah Khan , Steve Dower , Steve Grubb , Thibaut Sautereau , Vincent Strubel , Kernel Hardening , Linux API , linux-security-module , linux-fsdevel Subject: Re: [PATCH v3 0/5] Add support for RESOLVE_MAYEXEC References: <20200428175129.634352-1-mic@digikod.net> Date: Tue, 28 Apr 2020 23:20:20 +0200 In-Reply-To: (Jann Horn's message of "Tue, 28 Apr 2020 21:21:48 +0200") Message-ID: <87blnb48a3.fsf@mid.deneb.enyo.de> MIME-Version: 1.0 Content-Type: text/plain Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org * Jann Horn: > Just as a comment: You'd probably also have to use RESOLVE_MAYEXEC in > the dynamic linker. Absolutely. In typical configurations, the kernel does not enforce that executable mappings must be backed by files which are executable. It's most obvious with using an explicit loader invocation to run executables on noexec mounts. RESOLVE_MAYEXEC is much more useful than trying to reimplement the kernel permission checks (or what some believe they should be) in userspace.