From: Kees Cook <keescook@chromium.org> To: Borislav Petkov <bp@alien8.de> Cc: Kees Cook <keescook@chromium.org>, Hector Marco-Gisbert <hecmargi@upv.es>, Jason Gunthorpe <jgg@mellanox.com>, Jason Gunthorpe <jgg@ziepe.ca>, Catalin Marinas <catalin.marinas@arm.com>, Russell King <linux@armlinux.org.uk>, Will Deacon <will@kernel.org>, Jann Horn <jannh@google.com>, x86@kernel.org, linux-arm-kernel@lists.infradead.org, kernel-hardening@lists.openwall.com, linux-kernel@vger.kernel.org Subject: [PATCH v4 3/6] x86/elf: Disable automatic READ_IMPLIES_EXEC for 64-bit address spaces Date: Mon, 24 Feb 2020 21:13:04 -0800 [thread overview] Message-ID: <20200225051307.6401-4-keescook@chromium.org> (raw) In-Reply-To: <20200225051307.6401-1-keescook@chromium.org> With modern x86 64-bit environments, there should never be a need for automatic READ_IMPLIES_EXEC, as the architecture is intended to always be execute-bit aware (as in, the default memory protection should be NX unless a region explicitly requests to be executable). There were very old x86_64 systems that lacked the NX bit, but for those, the NX bit is, obviously, unenforceable, so these changes should have no impact on them. Suggested-by: Hector Marco-Gisbert <hecmargi@upv.es> Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Jason Gunthorpe <jgg@mellanox.com> --- arch/x86/include/asm/elf.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h index a7035065377c..c9b7be0bcad3 100644 --- a/arch/x86/include/asm/elf.h +++ b/arch/x86/include/asm/elf.h @@ -287,7 +287,7 @@ extern u32 elf_hwcap2; * CPU: | lacks NX* | has NX, ia32 | has NX, x86_64 | * ELF: | | | | * -------------------------------|------------------|----------------| - * missing GNU_STACK | exec-all | exec-all | exec-all | + * missing GNU_STACK | exec-all | exec-all | exec-none | * GNU_STACK == RWX | exec-stack | exec-stack | exec-stack | * GNU_STACK == RW | exec-none | exec-none | exec-none | * @@ -303,7 +303,7 @@ extern u32 elf_hwcap2; * */ #define elf_read_implies_exec(ex, executable_stack) \ - (executable_stack == EXSTACK_DEFAULT) + (mmap_is_ia32() && executable_stack == EXSTACK_DEFAULT) struct task_struct; -- 2.20.1
WARNING: multiple messages have this Message-ID (diff)
From: Kees Cook <keescook@chromium.org> To: Borislav Petkov <bp@alien8.de> Cc: Kees Cook <keescook@chromium.org>, Jann Horn <jannh@google.com>, Catalin Marinas <catalin.marinas@arm.com>, x86@kernel.org, Hector Marco-Gisbert <hecmargi@upv.es>, Russell King <linux@armlinux.org.uk>, linux-kernel@vger.kernel.org, Jason Gunthorpe <jgg@ziepe.ca>, Jason Gunthorpe <jgg@mellanox.com>, kernel-hardening@lists.openwall.com, Will Deacon <will@kernel.org>, linux-arm-kernel@lists.infradead.org Subject: [PATCH v4 3/6] x86/elf: Disable automatic READ_IMPLIES_EXEC for 64-bit address spaces Date: Mon, 24 Feb 2020 21:13:04 -0800 [thread overview] Message-ID: <20200225051307.6401-4-keescook@chromium.org> (raw) In-Reply-To: <20200225051307.6401-1-keescook@chromium.org> With modern x86 64-bit environments, there should never be a need for automatic READ_IMPLIES_EXEC, as the architecture is intended to always be execute-bit aware (as in, the default memory protection should be NX unless a region explicitly requests to be executable). There were very old x86_64 systems that lacked the NX bit, but for those, the NX bit is, obviously, unenforceable, so these changes should have no impact on them. Suggested-by: Hector Marco-Gisbert <hecmargi@upv.es> Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Jason Gunthorpe <jgg@mellanox.com> --- arch/x86/include/asm/elf.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h index a7035065377c..c9b7be0bcad3 100644 --- a/arch/x86/include/asm/elf.h +++ b/arch/x86/include/asm/elf.h @@ -287,7 +287,7 @@ extern u32 elf_hwcap2; * CPU: | lacks NX* | has NX, ia32 | has NX, x86_64 | * ELF: | | | | * -------------------------------|------------------|----------------| - * missing GNU_STACK | exec-all | exec-all | exec-all | + * missing GNU_STACK | exec-all | exec-all | exec-none | * GNU_STACK == RWX | exec-stack | exec-stack | exec-stack | * GNU_STACK == RW | exec-none | exec-none | exec-none | * @@ -303,7 +303,7 @@ extern u32 elf_hwcap2; * */ #define elf_read_implies_exec(ex, executable_stack) \ - (executable_stack == EXSTACK_DEFAULT) + (mmap_is_ia32() && executable_stack == EXSTACK_DEFAULT) struct task_struct; -- 2.20.1 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2020-02-25 5:13 UTC|newest] Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-02-25 5:13 [PATCH v4 0/6] binfmt_elf: Update READ_IMPLIES_EXEC logic for modern CPUs Kees Cook 2020-02-25 5:13 ` Kees Cook 2020-02-25 5:13 ` [PATCH v4 1/6] x86/elf: Add table to document READ_IMPLIES_EXEC Kees Cook 2020-02-25 5:13 ` Kees Cook 2020-03-11 19:44 ` Borislav Petkov 2020-03-11 19:44 ` Borislav Petkov 2020-03-13 0:06 ` Kees Cook 2020-03-13 0:06 ` Kees Cook 2020-02-25 5:13 ` [PATCH v4 2/6] x86/elf: Split READ_IMPLIES_EXEC from executable GNU_STACK Kees Cook 2020-02-25 5:13 ` Kees Cook 2020-02-25 5:13 ` Kees Cook [this message] 2020-02-25 5:13 ` [PATCH v4 3/6] x86/elf: Disable automatic READ_IMPLIES_EXEC for 64-bit address spaces Kees Cook 2020-02-25 5:13 ` [PATCH v4 4/6] arm32/64, elf: Add tables to document READ_IMPLIES_EXEC Kees Cook 2020-02-25 5:13 ` Kees Cook 2020-02-25 5:13 ` [PATCH v4 5/6] arm32/64, elf: Split READ_IMPLIES_EXEC from executable GNU_STACK Kees Cook 2020-02-25 5:13 ` Kees Cook 2020-02-25 5:13 ` [PATCH v4 6/6] arm64, elf: Disable automatic READ_IMPLIES_EXEC for 64-bit address spaces Kees Cook 2020-02-25 5:13 ` Kees Cook
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20200225051307.6401-4-keescook@chromium.org \ --to=keescook@chromium.org \ --cc=bp@alien8.de \ --cc=catalin.marinas@arm.com \ --cc=hecmargi@upv.es \ --cc=jannh@google.com \ --cc=jgg@mellanox.com \ --cc=jgg@ziepe.ca \ --cc=kernel-hardening@lists.openwall.com \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux@armlinux.org.uk \ --cc=will@kernel.org \ --cc=x86@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.