From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Andrew Morton, Michal Hocko, Chen Jingwen, Linus Torvalds
Subject: [PATCH 5.14 145/172] elf: dont use MAP_FIXED_NOREPLACE for elf interpreter mappings
Date: Mon, 4 Oct 2021 14:53:15 +0200
Message-Id: <20211004125049.646298071@linuxfoundation.org>
In-Reply-To: <20211004125044.945314266@linuxfoundation.org>
References: <20211004125044.945314266@linuxfoundation.org>

From: Chen Jingwen

commit 9b2f72cc0aa4bb444541bb87581c35b7508b37d3 upstream.

In commit b212921b13bd ("elf: don't use MAP_FIXED_NOREPLACE for elf
executable mappings") we still leave MAP_FIXED_NOREPLACE in place for
load_elf_interp.

Unfortunately, this will cause kernel to fail to start with:

    1 (init): Uhuuh, elf segment at 00003ffff7ffd000 requested but the memory is mapped already
    Failed to execute /init (error -17)

The reason is that the elf interpreter (ld.so) has overlapping segments.

  readelf -l ld-2.31.so
  Program Headers:
    Type           Offset             VirtAddr           PhysAddr
                   FileSiz            MemSiz              Flags  Align
    LOAD           0x0000000000000000 0x0000000000000000 0x0000000000000000
                   0x000000000002c94c 0x000000000002c94c  R E    0x10000
    LOAD           0x000000000002dae0 0x000000000003dae0 0x000000000003dae0
                   0x00000000000021e8 0x0000000000002320  RW     0x10000
    LOAD           0x000000000002fe00 0x000000000003fe00 0x000000000003fe00
                   0x00000000000011ac 0x0000000000001328  RW     0x10000

The reason for this problem is the same as described in commit
ad55eac74f20 ("elf: enforce MAP_FIXED on overlaying elf segments").

Not only executable binaries, elf interpreters (e.g. ld.so) can have
overlapping elf segments, so we better drop MAP_FIXED_NOREPLACE and go
back to MAP_FIXED in load_elf_interp.

Fixes: 4ed28639519c ("fs, elf: drop MAP_FIXED usage from elf_map")
Cc: # v4.19
Cc: Andrew Morton
Cc: Michal Hocko
Signed-off-by: Chen Jingwen
Signed-off-by: Linus Torvalds
Signed-off-by: Greg Kroah-Hartman

--- fs/binfmt_elf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -630,7 +630,7 @@ static unsigned long load_elf_interp(str vaddr = eppnt->p_vaddr; if (interp_elf_ex->e_type == ET_EXEC || load_addr_set) - elf_type |= MAP_FIXED_NOREPLACE; + elf_type |= MAP_FIXED; else if (no_base && interp_elf_ex->e_type == ET_DYN) load_addr = -vaddr;
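
Review bot: the changed line "elf_type |= MAP_FIXED;" carries no comment saying why silent replacement is acceptable here, and the condition above it covers two different cases. When load_addr_set is true, a previous segment of the interpreter has already been placed, which is the overlap the commit message describes. When interp_elf_ex->e_type == ET_EXEC, the flag is applied from the first segment on, so a collision with an unrelated existing mapping would now be replaced instead of failing with error -17. Suggest a short comment at this line naming the overlapping-segment reason (as ad55eac74f20 does for executables), and consider whether the first ET_EXEC segment should keep MAP_FIXED_NOREPLACE so that case is still reported.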
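
The overlap the commit message describes can be checked from the readelf values alone. The following is an added example, not code from the patch or from the kernel. It rounds each PT_LOAD segment's file-backed extent to page boundaries and reports adjacent segments that share pages. The names load_seg, overlap_pages and count_overlaps are hypothetical, and the 4 KiB and 64 KiB page sizes and the filesz-based extent are assumptions of this simplified model.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* One PT_LOAD entry: the two fields that decide which pages get mapped. */
struct load_seg { uint64_t vaddr, filesz; };

/* VirtAddr / FileSiz copied from the readelf output in the commit message. */
static const struct load_seg ld_so[] = {
    { 0x000000, 0x2c94c },
    { 0x03dae0, 0x021e8 },
    { 0x03fe00, 0x011ac },
};

/* Page-rounded range [start, end) covered by a fixed mapping of the segment.
 * Assumption: the extent is vaddr..vaddr+filesz, rounded outwards to pages. */
static void seg_pages(const struct load_seg *s, uint64_t page,
                      uint64_t *start, uint64_t *end)
{
    *start = s->vaddr & ~(page - 1);
    *end = (s->vaddr + s->filesz + page - 1) & ~(page - 1);
}

/* Number of pages shared by the two segments' page ranges (0 if disjoint). */
uint64_t overlap_pages(const struct load_seg *a, const struct load_seg *b,
                       uint64_t page)
{
    uint64_t as, ae, bs, be;
    seg_pages(a, page, &as, &ae);
    seg_pages(b, page, &bs, &be);
    uint64_t lo = as > bs ? as : bs;
    uint64_t hi = ae < be ? ae : be;
    return hi > lo ? (hi - lo) / page : 0;
}

/* Count adjacent pairs where mapping segment i lands on pages of segment i-1.
 * Each such pair is where MAP_FIXED_NOREPLACE returns -EEXIST (-17). */
int count_overlaps(const struct load_seg *segs, int n, uint64_t page)
{
    int hits = 0;
    for (int i = 1; i < n; i++)
        if (overlap_pages(&segs[i - 1], &segs[i], page) > 0)
            hits++;
    return hits;
}

int main(void)
{
    const uint64_t sizes[] = { 0x1000, 0x10000 }; /* assumed page sizes */
    for (int i = 0; i < 2; i++)
        printf("page size 0x%" PRIx64 ": %d overlapping pair(s)\n",
               sizes[i], count_overlaps(ld_so, 3, sizes[i]));
    return 0;
}
```

The second and third LOAD segments share one page at either page size, so the third mapping always targets an address that is already mapped.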