From: Kees Cook <keescook@chromium.org>
To: Borislav Petkov <bp@alien8.de>
Cc: Kees Cook <keescook@chromium.org>,
Jason Gunthorpe <jgg@mellanox.com>,
Hector Marco-Gisbert <hecmargi@upv.es>,
Jason Gunthorpe <jgg@ziepe.ca>,
Catalin Marinas <catalin.marinas@arm.com>,
Russell King <linux@armlinux.org.uk>,
Will Deacon <will@kernel.org>, Jann Horn <jannh@google.com>,
x86@kernel.org, linux-arm-kernel@lists.infradead.org,
kernel-hardening@lists.openwall.com,
linux-kernel@vger.kernel.org
Subject: [PATCH v5 1/6] x86/elf: Add table to document READ_IMPLIES_EXEC
Date: Thu, 26 Mar 2020 23:48:15 -0700 [thread overview]
Message-ID: <20200327064820.12602-2-keescook@chromium.org> (raw)
In-Reply-To: <20200327064820.12602-1-keescook@chromium.org>
Add a table to document the current behavior of READ_IMPLIES_EXEC in
preparation for changing the behavior.
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Jason Gunthorpe <jgg@mellanox.com>
---
arch/x86/include/asm/elf.h | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h
index 69c0f892e310..ee459d4c3b45 100644
--- a/arch/x86/include/asm/elf.h
+++ b/arch/x86/include/asm/elf.h
@@ -281,6 +281,25 @@ extern u32 elf_hwcap2;
/*
* An executable for which elf_read_implies_exec() returns TRUE will
* have the READ_IMPLIES_EXEC personality flag set automatically.
+ *
+ * The decision process for determining the results are:
+ *
+ * CPU: | lacks NX* | has NX, ia32 | has NX, x86_64 |
+ * ELF: | | | |
+ * ---------------------|------------|------------------|----------------|
+ * missing PT_GNU_STACK | exec-all | exec-all | exec-all |
+ * PT_GNU_STACK == RWX | exec-all | exec-all | exec-all |
+ * PT_GNU_STACK == RW | exec-none | exec-none | exec-none |
+ *
+ * exec-all : all PROT_READ user mappings are executable, except when
+ * backed by files on a noexec-filesystem.
+ * exec-none : only PROT_EXEC user mappings are executable.
+ *
+ * *this column has no architectural effect: NX markings are ignored by
+ * hardware, but may have behavioral effects when "wants X" collides with
+ * "cannot be X" constraints in memory permission flags, as in
+ * https://lkml.kernel.org/r/20190418055759.GA3155@mellanox.com
+ *
*/
#define elf_read_implies_exec(ex, executable_stack) \
(executable_stack != EXSTACK_DISABLE_X)
--
2.20.1
WARNING: multiple messages have this Message-ID (diff)
From: Kees Cook <keescook@chromium.org>
To: Borislav Petkov <bp@alien8.de>
Cc: Kees Cook <keescook@chromium.org>, Jann Horn <jannh@google.com>,
Catalin Marinas <catalin.marinas@arm.com>,
x86@kernel.org, Hector Marco-Gisbert <hecmargi@upv.es>,
Russell King <linux@armlinux.org.uk>,
linux-kernel@vger.kernel.org, Jason Gunthorpe <jgg@ziepe.ca>,
Jason Gunthorpe <jgg@mellanox.com>,
kernel-hardening@lists.openwall.com,
Will Deacon <will@kernel.org>,
linux-arm-kernel@lists.infradead.org
Subject: [PATCH v5 1/6] x86/elf: Add table to document READ_IMPLIES_EXEC
Date: Thu, 26 Mar 2020 23:48:15 -0700 [thread overview]
Message-ID: <20200327064820.12602-2-keescook@chromium.org> (raw)
In-Reply-To: <20200327064820.12602-1-keescook@chromium.org>
Add a table to document the current behavior of READ_IMPLIES_EXEC in
preparation for changing the behavior.
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Jason Gunthorpe <jgg@mellanox.com>
---
arch/x86/include/asm/elf.h | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h
index 69c0f892e310..ee459d4c3b45 100644
--- a/arch/x86/include/asm/elf.h
+++ b/arch/x86/include/asm/elf.h
@@ -281,6 +281,25 @@ extern u32 elf_hwcap2;
/*
* An executable for which elf_read_implies_exec() returns TRUE will
* have the READ_IMPLIES_EXEC personality flag set automatically.
+ *
+ * The decision process for determining the results are:
+ *
+ * CPU: | lacks NX* | has NX, ia32 | has NX, x86_64 |
+ * ELF: | | | |
+ * ---------------------|------------|------------------|----------------|
+ * missing PT_GNU_STACK | exec-all | exec-all | exec-all |
+ * PT_GNU_STACK == RWX | exec-all | exec-all | exec-all |
+ * PT_GNU_STACK == RW | exec-none | exec-none | exec-none |
+ *
+ * exec-all : all PROT_READ user mappings are executable, except when
+ * backed by files on a noexec-filesystem.
+ * exec-none : only PROT_EXEC user mappings are executable.
+ *
+ * *this column has no architectural effect: NX markings are ignored by
+ * hardware, but may have behavioral effects when "wants X" collides with
+ * "cannot be X" constraints in memory permission flags, as in
+ * https://lkml.kernel.org/r/20190418055759.GA3155@mellanox.com
+ *
*/
#define elf_read_implies_exec(ex, executable_stack) \
(executable_stack != EXSTACK_DISABLE_X)
--
2.20.1
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2020-03-27 6:48 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-27 6:48 [PATCH v5 0/6] binfmt_elf: Update READ_IMPLIES_EXEC logic for modern CPUs Kees Cook
2020-03-27 6:48 ` Kees Cook
2020-03-27 6:48 ` Kees Cook [this message]
2020-03-27 6:48 ` [PATCH v5 1/6] x86/elf: Add table to document READ_IMPLIES_EXEC Kees Cook
2020-04-20 20:03 ` [tip: core/core] " tip-bot2 for Kees Cook
2020-03-27 6:48 ` [PATCH v5 2/6] x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK Kees Cook
2020-03-27 6:48 ` Kees Cook
2020-04-20 20:03 ` [tip: core/core] " tip-bot2 for Kees Cook
2020-03-27 6:48 ` [PATCH v5 3/6] x86/elf: Disable automatic READ_IMPLIES_EXEC for 64-bit address spaces Kees Cook
2020-03-27 6:48 ` Kees Cook
2020-04-20 20:03 ` [tip: core/core] x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit tip-bot2 for Kees Cook
2020-03-27 6:48 ` [PATCH v5 4/6] arm32/64, elf: Add tables to document READ_IMPLIES_EXEC Kees Cook
2020-03-27 6:48 ` Kees Cook
2020-04-20 20:03 ` [tip: core/core] arm32/64/elf: " tip-bot2 for Kees Cook
2020-03-27 6:48 ` [PATCH v5 5/6] arm32/64, elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK Kees Cook
2020-03-27 6:48 ` Kees Cook
2020-04-20 20:03 ` [tip: core/core] arm32/64/elf: " tip-bot2 for Kees Cook
2020-03-27 6:48 ` [PATCH v5 6/6] arm64, elf: Disable automatic READ_IMPLIES_EXEC for 64-bit address spaces Kees Cook
2020-03-27 6:48 ` Kees Cook
2020-04-20 20:03 ` [tip: core/core] arm64/elf: " tip-bot2 for Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200327064820.12602-2-keescook@chromium.org \
--to=keescook@chromium.org \
--cc=bp@alien8.de \
--cc=catalin.marinas@arm.com \
--cc=hecmargi@upv.es \
--cc=jannh@google.com \
--cc=jgg@mellanox.com \
--cc=jgg@ziepe.ca \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@armlinux.org.uk \
--cc=will@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.