Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp3693714pxj; Tue, 15 Jun 2021 06:43:57 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwHOz66Z1y4yXA3zfkqmw+FCf+MiFu4bWA6v48FdP6meK34faMn5uBX4HSI0Zio7r4YbMWN X-Received: by 2002:a17:906:d1d5:: with SMTP id bs21mr21229545ejb.378.1623764637075; Tue, 15 Jun 2021 06:43:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623764637; cv=none; d=google.com; s=arc-20160816; b=EQUCxtSq7e9oEgQRpep6GpeBTFd37wssGK1gNoRYUbuamf8Wp8Y9PC8Sk95KCezR7W nknaDtzF7jkhTkB7ScE9IDIjsALhrG89VHFWdkCK29QzpzRFc1SiId+JBEcsqtuJmsxJ dRg21fskqtOomWY8o/AQJzNK3/X74i5gwxJ9drOjf2mKGi9D2KvuhdYIvDR0LYem+jK/ UPBX/rEiSKESJjl8wFZyi1jqE1yFGwW9dJOeWHgb5pGy6cM7BumClbT7vMI3PTp1m8Ru 35iQRnIHub35wJtTdpVuoEajEPsYga46oAKveGnls+hTlBvSN79H2HH14XKUnTDUgIGC OyuA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=wo66MI+YzJIbnKEWVAG5Fyby21WWSBI+3p6cs7SAWu0=; b=Cf4A7i7QV/V4nPRmlrQWL2w59YQnM9l/T8QqCBN9kqC3VKHSakYI56g+0Moqx8n3Q9 rU/4AKNwIhNWeJKnYwEEgp+XTn5sl+QRU0v9PW7qSmbvlcVi7kvSVtHBNXt9UbKvwubS PGOO9GS8Y20VQKwCjG19u5WXX8xjpAdOualBALe4u2uw2MTSh7ATnvDGfQJGNyEdbPAf phUEUiV+4+3neJ9U2smlpg9ZwkLm8vm+bJZ5022VS7H/nnMyvRaO/WrAfnjRgKxiOAx7 Mch/ve+oTzhPDPfvFimmdxbs3Y2/kwTSgX28MB/klMtDhBRsVLN0HLNWZkYLr3ol9QIQ rdvw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=RYzFtT3K; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id dg12si15143755edb.166.2021.06.15.06.43.34; Tue, 15 Jun 2021 06:43:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=RYzFtT3K; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231933AbhFONne (ORCPT + 99 others); Tue, 15 Jun 2021 09:43:34 -0400 Received: from mail.kernel.org ([198.145.29.99]:46510 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231664AbhFONnK (ORCPT ); Tue, 15 Jun 2021 09:43:10 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id CE7FF61433; Tue, 15 Jun 2021 13:41:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1623764466; bh=AmuY6XD93X0kTalsW/ktIsUgGaB7gMa/K3RM1ePXtkc=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=RYzFtT3KnyoPmfW+TmI2uQX9IiuXWK9CcJPOirhiZW9JVyPUSaXlaalpKYKzqYn3/ Tder3II8QhY1R/j7mXF4Ro0AWES0Ln1RrAZwezoweQSq+HESxVvomJSNh7Pv/sn0Vu 9DUG46+AUVXI9EFLqva38G6U3m8N6+K25nEeXMYjeshRSqR7agi4iND/sGpiAx87dV MI4EAH5cjgkbqqNLXRI+D5/XJcL+mIRuA44aHFX//kejY7qtIZg2OIY7vY8q4H3Uog leHERmJ+AEFfxST4ubCCFcfuelZDgvddIxImjSpzYZoMkfXZjZ4h7QyaTMbwChM2AH NQcUB4O1Ig0lg== Date: Tue, 15 Jun 2021 15:41:00 +0200 From: Jessica Yu To: Segher Boessenkool Cc: Nicholas Piggin , Michal =?iso-8859-1?Q?Such=E1nek?= , linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v4 1/2] module: add elf_check_module_arch for module specific elf arch checks Message-ID: References: <20210611093959.821525-1-npiggin@gmail.com> <20210611093959.821525-2-npiggin@gmail.com> <1623722110.amu32mwaqs.astroid@bobo.none> <20210615125057.GF5077@gate.crashing.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <20210615125057.GF5077@gate.crashing.org> X-OS: Linux p200300cbcf109700df096d564fe976c3.dip0.t-ipconnect.de 5.12.9-1-default x86_64 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org +++ Segher Boessenkool [15/06/21 07:50 -0500]: >On Tue, Jun 15, 2021 at 02:17:40PM +0200, Jessica Yu wrote: >> +int __weak elf_check_module_arch(Elf_Ehdr *hdr) >> +{ >> + return 1; >> +} > >But is this a good idea? It isn't useful to be able to attempt to load >a module not compiled for your architecture, and it increases the attack >surface tremendously. These checks are one of the few things that can >*not* be weak symbols, imo. Hm, could you please elaborate a bit more? This patchset is adding extra Elf header checks specifically for powerpc, and the module loader usually provides arch-specific hooks via weak symbols. We are just providing an new hook here, which should act as a no-op if it isn't used. So if an architecture wants to provide extra header checks, it can do so by overriding the new weak symbol. Otherwise, the weak function acts as a noop. We also already have the existing elf_check_arch() check for each arch and that is *not* a weak symbol.