lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 11 Nov 2022 10:43:17 -0800
From:   Kees Cook <keescook@...omium.org>
To:     Pedro Falcato <pedro.falcato@...il.com>
Cc:     linux-kernel@...r.kernel.org, linux-mm@...ck.org, dalias@...c.org,
        ebiederm@...ssion.com, sam@...too.org, viro@...iv.linux.org.uk
Subject: Re: [PATCH v3] fs/binfmt_elf: Fix memsz > filesz handling

On Fri, Nov 11, 2022 at 05:14:47PM +0000, Pedro Falcato wrote:
> On Fri, Nov 11, 2022 at 6:15 AM Kees Cook <keescook@...omium.org> wrote:
> >
> > On Fri, Nov 11, 2022 at 03:59:08AM +0000, Pedro Falcato wrote:
> > > We could of course also just sort the program headers at load time,
> > > but I assume that's unwanted overhead for most well behaved ELF
> > > program headers :)
> >
> > Large refactoring of the ELF loader needs proper unit testing, and we're
> > still a bit away from that existing. In the meantime, we'll need to make
> > very very small changes to fix bugs. I've sent a minimal change which I
> > think should fix the problem (now at v2 since right after sending it I
> > realized I was trading one accidentally correct state for another in the
> > v1):
> > https://lore.kernel.org/linux-hardening/20221111061315.gonna.703-kees@kernel.org/
> Got it. I understand you may be a bit nervous deploying this patch ATM.
> 
> What are we missing for ELF loader kunit testing? How can one help?
> 
> Note that my -v1 is still relatively safe and was already tested, you
> could just apply that.

Even the v1 is a LOT of refactoring. I'd like to avoid any factoring
like this as much as possible given how fragile the code has proven to
be.

As for unit testing, we need two prerequisites:

- mocking:
  https://lore.kernel.org/lkml/20220910212804.670622-1-davidgow@google.com/
- userspace VMA support:
  https://lore.kernel.org/lkml/202211061948.46D3F78@keescook/

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ