[GIT PULL] Remove in-tree usage of MAP_DENYWRITE

[GIT PULL] Remove in-tree usage of MAP_DENYWRITE

[David Hildenbrand]

Hi Linus,

as discussed ...

The following changes since commit 7d2a07b769330c34b4deabeed939325c77a7ec2f:

  Linux 5.14 (2021-08-29 15:04:50 -0700)

are available in the Git repository at:

  https://github.com/davidhildenbrand/linux.git tags/denywrite-for-5.15

for you to fetch changes up to 592ca09be8333bd226f50100328a905bfc377133:

  fs: update documentation of get_write_access() and friends (2021-09-03 18:42:02 +0200)

----------------------------------------------------------------
Remove in-tree usage of MAP_DENYWRITE

Remove all in-tree usage of MAP_DENYWRITE from the kernel and remove
VM_DENYWRITE.

There are some (minor) user-visible changes:
1. We no longer deny write access to shared libaries loaded via legacy
   uselib(); this behavior matches modern user space e.g., via dlopen().
2. We no longer deny write access to the elf interpreter after exec
   completed, treating it just like shared libraries (which it often is).
3. We always deny write access to the file linked via /proc/pid/exe:
   sys_prctl(PR_SET_MM_MAP/EXE_FILE) will fail if write access to the file
   cannot be denied, and write access to the file will remain denied
   until the link is effectivel gone (exec, termination,
   sys_prctl(PR_SET_MM_MAP/EXE_FILE)) -- just as if exec'ing the file.

Cross-compiled for a bunch of architectures (alpha, microblaze, i386,
s390x, ...) and verified via ltp that especially the relevant tests
(i.e., creat07 and execve04) continue working as expected.

Signed-off-by: David Hildenbrand <david@redhat.com>

----------------------------------------------------------------
David Hildenbrand (7):
      binfmt: don't use MAP_DENYWRITE when loading shared libraries via uselib()
      kernel/fork: factor out replacing the current MM exe_file
      kernel/fork: always deny write access to current MM exe_file
      binfmt: remove in-tree usage of MAP_DENYWRITE
      mm: remove VM_DENYWRITE
      mm: ignore MAP_DENYWRITE in ksys_mmap_pgoff()
      fs: update documentation of get_write_access() and friends

 arch/x86/ia32/ia32_aout.c      |  8 ++--
 fs/binfmt_aout.c               |  7 ++--
 fs/binfmt_elf.c                |  6 +--
 fs/binfmt_elf_fdpic.c          |  2 +-
 fs/exec.c                      |  4 +-
 fs/proc/task_mmu.c             |  1 -
 include/linux/fs.h             | 19 +++++----
 include/linux/mm.h             |  4 +-
 include/linux/mman.h           |  4 +-
 include/trace/events/mmflags.h |  1 -
 kernel/events/core.c           |  2 -
 kernel/fork.c                  | 95 +++++++++++++++++++++++++++++++++++++-----
 kernel/sys.c                   | 33 +--------------
 lib/test_printf.c              |  5 +--
 mm/mmap.c                      | 29 ++-----------
 mm/nommu.c                     |  2 -
 16 files changed, 119 insertions(+), 103 deletions(-)

Re: [GIT PULL] Remove in-tree usage of MAP_DENYWRITE

[pr-tracker-bot]

The pull request you sent on Sat,  4 Sep 2021 17:46:17 +0200:

> https://github.com/davidhildenbrand/linux.git tags/denywrite-for-5.15

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/49624efa65ac9889f4e7c7b2452b2e6ce42ba37d

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html