Message-ID: <aI7zDXb2VpuaHHYi@pirotess>
Date: Sun, 3 Aug 2025 07:28:37 +0200
From: Ismael Luceno <ismael@...ev.co.uk>
To: Kees Cook <kees@...nel.org>
Cc: YinFengwei <fengwei_yin@...ux.alibaba.com>,
	linux-kernel@...r.kernel.org, linux-mm@...ck.org,
	zhourundong.zrd@...ux.alibaba.com
Subject: Re: [PATCH] binfmt_elf: remove the 4k limitation of program header
 size

On 02/Aug/2025 10:29, Kees Cook wrote:
> On Sat, Aug 02, 2025 at 05:47:13AM +0200, Ismael Luceno wrote:
> > On Sat, Jul 19, 2025 at 17:17:09 +0800, YinFengwei wrote:
> > > On Thu, Jul 17, 2025 at 04:31:50PM +0800, Kees Cook wrote:
> > > > On Thu, 17 Jul 2025 19:01:08 +0800, fengwei_yin@...ux.alibaba.com wrote:
> > > > > We have assembly code generated by a script. GCC successfully compiles
> > > > > it. However, the kernel cannot load it on an ARM64 platform with a 4K
> > > > > page size. In contrast, the same ELF file loads correctly on the same
> > > > > platform with a 64K page size.
> > > > > 
> > > > > The root cause is the Linux kernel's ELF_MIN_ALIGN limitation on the
> > > > > program headers of ELF files. The ELF file contains 78 program headers
> > > > > (the script inserts many holes when generating the assembly code). On
> > > > > ARM64 with a 4K page size, the ELF_MIN_ALIGN enforces a maximum of 74
> > > > > program headers, causing the ELF file to fail. However, with a 64K page
> > > > > size, the ELF_MIN_ALIGN is relaxed to over 1,184 program headers, allowing
> > > > > the file to run correctly.
> > > > > 
> > > > > [...]
> > > > 
> > > > Applied to for-next/execve, thanks!
> > > Cook, thanks a lot.
> > > 
> > > Regards
> > > Yin, Fengwei
> > > 
> > > > 
> > > > [1/1] binfmt_elf: remove the 4k limitation of program header size
> > > >       https://git.kernel.org/kees/c/8030790477e8
> > > > 
> > > > Take care,
> > 
> > Hi,
> > 
> > I noticed this removal and wonder whether it could be a problem on
> > smaller platforms.
> > 
> > IIRC that code has been there since ELF support was added in one
> > form or another; and the idea behind it was to simplify the code
> > by ensuring no cross-page reads could happen, as these could cause
> > undefined behaviours or read abort exceptions.
> 
> I didn't see a place where that would happen -- the reads aren't done on
> a single page. If you see something that I missed, please let me know!

The offset to the phdrs can point anywhere and the entries are
arbitrarily sized, thus it can be unaligned, so we can be potentially
reading at an entry right between two pages.
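
The arithmetic behind the point in the last message, as an added example that is not part of the thread and is not kernel code: given the ELF header fields e_phoff, e_phentsize and e_phnum, it reports which pages the program header table covers and how many entries lie across a page boundary. The struct and function names are hypothetical, and the sample values in main() (78 entries of 56 bytes at offset 64, and two entries at the unaligned offset 4090) are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Where a program header table lands relative to page boundaries. */
struct phdr_span {
    int      valid;       /* 0 if the fields are unusable or the sum wraps */
    uint64_t first_page;  /* page index holding the table's first byte */
    uint64_t last_page;   /* page index holding the table's last byte */
    unsigned straddling;  /* entries whose bytes sit on two pages or more */
};

/* page_size must be a non-zero power of two. */
struct phdr_span phdr_page_span(uint64_t e_phoff, uint16_t e_phentsize,
                                uint16_t e_phnum, uint64_t page_size)
{
    struct phdr_span r = {0, 0, 0, 0};
    uint64_t total = (uint64_t)e_phentsize * e_phnum; /* 16 x 16 bit, no wrap */

    if (total == 0 || page_size == 0 || (page_size & (page_size - 1)))
        return r;
    if (e_phoff > UINT64_MAX - total)   /* e_phoff + total would wrap */
        return r;

    r.valid = 1;
    r.first_page = e_phoff / page_size;
    r.last_page = (e_phoff + total - 1) / page_size;
    for (unsigned i = 0; i < e_phnum; i++) {
        uint64_t start = e_phoff + (uint64_t)i * e_phentsize;
        uint64_t end = start + e_phentsize - 1;
        if (start / page_size != end / page_size)
            r.straddling++;
    }
    return r;
}

int main(void)
{
    /* Constructed inputs: table right after a 64-byte header, then an unaligned one. */
    struct phdr_span a = phdr_page_span(64, 56, 78, 4096);
    struct phdr_span b = phdr_page_span(4090, 56, 2, 4096);
    printf("a: pages %llu-%llu, straddling %u\n", (unsigned long long)a.first_page,
           (unsigned long long)a.last_page, a.straddling);
    printf("b: pages %llu-%llu, straddling %u\n", (unsigned long long)b.first_page,
           (unsigned long long)b.last_page, b.straddling);
    return 0;
}
```

With the first input the table spans two 4K pages but no single entry is split, because entry 72 starts exactly at byte 4096; with the unaligned offset the first entry itself is split across the boundary.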
