Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp1160200pxa;
        Thu, 13 Aug 2020 02:01:13 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzhyNARvaDOSqPgmGQb4nQbx5Wt7r2uW/1si1U7XpiDS0SVCwcOBrUk4z23FbgFlXvU7Evg
X-Received: by 2002:a17:906:71d3:: with SMTP id i19mr3727238ejk.459.1597309273619;
        Thu, 13 Aug 2020 02:01:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1597309273; cv=none;
        d=google.com; s=arc-20160816;
        b=npoR4ob3l9PpYwTig66oc8FV8Kw2hhforr1tKO0FmVJ/vsIT0HVUvzIRQt+VNKhwYs
         1bGvFFIMVVuUqkTi9asxt2u5AQa4c3diDxfS0rFdxMB+AiTw6MelThdK3lfWtgi6QiZN
         j+3M1yT12bEaEfrhyCiVas+Srme9hr9gBxaOoxzdPBMKj+nprh2q+HxPkGe4vj/1W2kp
         T83Dz1ptVuK+Lh+Zoy5WR/6/czl0hgC+XpQPyryVWKi1XVyYCJ+/82QNbaPrQqlk0OFI
         WetUmysahz8d0Z9LlWJkffLJoLuKXjIX16gG2onab1B/NhjXsfckznz3KJ1xa/EdR5R0
         4igg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature;
        bh=QAsNuOimnv0NdLOfa9bGCVzjqK1BlyxHbtBQy7LEPYQ=;
        b=Xl3UTHiRLlwaN9tZjKOllhIv/dl5JXMFVy781uxbvPbcq0NrQdHLugtnrrfHFvfJQW
         sOX1p2/NogsMfAUDeuhbHmzDJoZLqXW8K4zhg3TCUGkoBcEqZ67rC+cyrrqV/U+9hm7a
         Sj8F2U0xMsJYAvPSpK9TXdUKbD9vIZhSqVNzPlfx+4ScWArNYogPVZiY6SmHi+oxhhrm
         nRSOqtnvGo1dgHfMYakHXEq5fo8DVRDB2q8TB2HTUaMkROTsWu3PH1KsaqvHeWTGMZEM
         T2EGftuUuBvfCeudCx14nuz4A4dUen4RCDrwAaL1rLt752QrfeLY+Y42NX1aNT9MQRU7
         Ti9w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=06aQ79qZ;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id r2si2885910edy.17.2020.08.13.02.00.50;
        Thu, 13 Aug 2020 02:01:13 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=06aQ79qZ;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726583AbgHMJAO (ORCPT <rfc822;rajatbajpailinux@gmail.com>
        + 99 others); Thu, 13 Aug 2020 05:00:14 -0400
Received: from mail.kernel.org ([198.145.29.99]:36610 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726249AbgHMJAN (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 13 Aug 2020 05:00:13 -0400
Received: from willie-the-truck (236.31.169.217.in-addr.arpa [217.169.31.236])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 3E8DE20771;
        Thu, 13 Aug 2020 09:00:10 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1597309212;
        bh=nxJfY0GDp7W2K3CU3jLZpVw53XoSNI4mAsvj9BpugmI=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
        b=06aQ79qZAgWaNvqgB0OTgqnkPG6MnwOgAcbZ3bzg4T0gaJY+GsoEcBFtrXPsO6gho
         PzT2SHsSVrS3t3Se8GYVNxhiA9y0k8mM3jsX/txeWROkFCQZuO2LTmVxfMRZVWHyFk
         9Bb7tSPDxOVc+duio7n5WE3Lv6Jph+Bo8mlXBu2Y=
Date:   Thu, 13 Aug 2020 10:00:06 +0100
From:   Will Deacon <will@kernel.org>
To:     Szabolcs Nagy <szabolcs.nagy@arm.com>
Cc:     Ard Biesheuvel <ardb@kernel.org>, Jessica Yu <jeyu@kernel.org>,
        Peter Zijlstra <peterz@infradead.org>,
        Mauro Carvalho Chehab <mchehab+huawei@kernel.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Kees Cook <keescook@chromium.org>,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        Miroslav Benes <mbenes@suse.cz>,
        Mark Rutland <mark.rutland@arm.com>, nd <nd@arm.com>
Subject: Re: [PATCH v2] module: Harden STRICT_MODULE_RWX
Message-ID: <20200813090006.GA9829@willie-the-truck>
References: <20200811145524.GE2674@hirez.programming.kicks-ass.net>
 <20200811172738.2d632a09@coco.lan>
 <20200811160134.GA13652@linux-8ccs>
 <CAMj1kXF8fm=9CdQykqDbgYCJSP88ezMs3EOosCW+SDi+Lve0zg@mail.gmail.com>
 <20200812104005.GN2674@hirez.programming.kicks-ass.net>
 <20200812125645.GA8675@willie-the-truck>
 <20200812141557.GQ14398@arm.com>
 <20200812160017.GA30302@linux-8ccs>
 <CAMj1kXFfSLvujJYk4Em6T+UvAUDW3VX0BibsD43z30Q_TSsehg@mail.gmail.com>
 <20200812164205.GS14398@arm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20200812164205.GS14398@arm.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Aug 12, 2020 at 05:42:05PM +0100, Szabolcs Nagy wrote:
> The 08/12/2020 18:37, Ard Biesheuvel wrote:
> > On Wed, 12 Aug 2020 at 18:00, Jessica Yu <jeyu@kernel.org> wrote:
> > > +++ Szabolcs Nagy [12/08/20 15:15 +0100]:
> > > >for me it bisects to
> > > >
> > > >https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=8c803a2dd7d3d742a3d0071914f557ef465afe71
> > > >
> > > >i will have to investigate further what's going on.
> > >
> > > Thanks for the hint. I'm almost certain it's due to this excerpt from
> > > the changelog: "we now init sh_type and sh_flags for all known ABI sections
> > > in _bfd_elf_new_section_hook."
> > >
> > > Indeed, .plt and .text.* are listed as special sections in bfd/elf.c.
> > > The former requires an exact match and the latter only has to match
> > > the prefix ".text." Since the code considers ".plt" and
> > > ".text.ftrace_trampoline" special sections, their sh_type and sh_flags
> > > are now set by default. Now I guess the question is whether this can
> > > be overriden by a linker script..
> > >
> > 
> > If this is even possible to begin with, doing this in a way that is
> > portable across the various linkers that we claim to support is going
> > to be tricky.
> > 
> > I suppose this is the downside of using partially linked objects as
> > our module format - using ordinary shared libraries (along with the
> > appropriate dynamic relocations which are mostly portable across
> > architectures) would get rid of most of the PLT and trampoline issues,
> > and of a lot of complex static relocation processing code.
> > 
> > I know there is little we can do at this point, apart from ignoring
> > the permissions - perhaps we should just defer the w^x check until
> > after calling module_frob_arch_sections()?
> 
> i opened
> 
> https://sourceware.org/bugzilla/show_bug.cgi?id=26378
> 
> and waiting for binutils maintainers if this is intentional.

Thanks, Szabolcs. It's looking this is intentional behaviour (a bug fix),
so we'll have to suck it up in the module loader.

Will