lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <202412131650.9537DD1B@keescook>
Date: Fri, 13 Dec 2024 16:56:27 -0800
From: Kees Cook <kees@...nel.org>
To: Lorenzo Stoakes <lorenzo.stoakes@...cle.com>
Cc: akpm@...ux-foundation.org, jannh@...gle.com, sroettger@...gle.com,
	adhemerval.zanella@...aro.org, ojeda@...nel.org,
	adobriyan@...il.com, jeffxu@...omium.org,
	linux-kernel@...r.kernel.org, linux-mm@...ck.org,
	jorgelo@...omium.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH v2 0/1] binfmt_elf: seal address zero

Sorry for the delay in my reply -- I've been trying to catch up on stuff
after 2 weeks off.

On Tue, Dec 03, 2024 at 02:13:45PM +0000, Lorenzo Stoakes wrote:
> On Wed, Aug 14, 2024 at 09:59:47AM -0700, Kees Cook wrote:
> > On Tue, 06 Aug 2024 21:49:26 +0000, jeffxu@...omium.org wrote:
> > > From: Jeff Xu <jeffxu@...omium.org>
> > >
> > > In load_elf_binary as part of the execve(),  when the current
> > > task’s personality has MMAP_PAGE_ZERO set, the kernel allocates
> > > one page at address 0. According to the comment:
> > >
> > > /* Why this, you ask???  Well SVr4 maps page 0 as read-only,
> > >     and some applications "depend" upon this behavior.
> > >     Since we do not have the power to recompile these, we
> > >      emulate the SVr4 behavior. Sigh. */
> > >
> > > [...]
> >
> > I added the cover letter details to the commit log and changed pr_warn()
> > to pr_warn_ratelimited(), but otherwise, looked good.
> >
> > Applied to for-next/execve, thanks!
> >
> > [1/1] binfmt_elf: mseal address zero
> >       https://git.kernel.org/kees/c/44f65d900698
> >
> > Take care,
> >
> > --
> > Kees Cook
> >
> >
> 
> Hi Kees,
> 
> Reproducing diffstat here:
> 
>  fs/binfmt_elf.c    |  5 +++++
>  include/linux/mm.h | 10 ++++++++++
>  mm/mseal.c         |  2 +-
>  3 files changed, 16 insertions(+), 1 deletion(-)
> 
> It seems that in commit 44f65d9006982 ("binfmt_elf: mseal address zero")
> you took a patch that makes changes to mm code without any review/ack from
> any mm maintainer.
> 
> While I realise this was a small change, in future can you make sure to
> ensure you have that?

Oh, yes! I can do that. As you say, it was a very small change and
almost entirely "standard" boilerplate. But sure, I will be poke people
more directly if anything touches mm in the future.

-Kees

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ