From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.2 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 122B1C07E9D for ; Mon, 19 Jul 2021 10:06:16 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id EFC1F61107 for ; Mon, 19 Jul 2021 10:06:15 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235172AbhGSJZf (ORCPT ); Mon, 19 Jul 2021 05:25:35 -0400 Received: from foss.arm.com ([217.140.110.172]:54412 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235709AbhGSJZe (ORCPT ); Mon, 19 Jul 2021 05:25:34 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id B15B76D; Mon, 19 Jul 2021 03:06:14 -0700 (PDT) Received: from arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 5FF4F3F73D; Mon, 19 Jul 2021 03:06:13 -0700 (PDT) Date: Mon, 19 Jul 2021 11:04:39 +0100 From: Dave Martin To: Mark Brown Cc: Catalin Marinas , Will Deacon , Szabolcs Nagy , Jeremy Linton , "H . J . Lu" , Yu-cheng Yu , linux-arch@vger.kernel.org, linux-arm-kernel@lists.infradead.org, libc-alpha@sourceware.org Subject: Re: [PATCH v4 1/4] elf: Allow architectures to parse properties on the main executable Message-ID: <20210719100427.GT4187@arm.com> References: <20210712115259.29547-1-broonie@kernel.org> <20210712115259.29547-2-broonie@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20210712115259.29547-2-broonie@kernel.org> User-Agent: Mutt/1.5.23 (2014-03-12) Precedence: bulk List-ID: X-Mailing-List: linux-arch@vger.kernel.org On Mon, Jul 12, 2021 at 12:52:56PM +0100, Mark Brown wrote: > Currently the ELF code only attempts to parse properties on the image > that will start execution, either the interpreter or for statically linked > executables the main executable. The expectation is that any property > handling for the main executable will be done by the interpreter. This is > a bit inconsistent since we do map the executable and is causing problems > for the arm64 BTI support when used in conjunction with systemd's use of > seccomp to implement MemoryDenyWriteExecute which stops the dynamic linker > adjusting the permissions of executable segments. > > Allow architectures to handle properties for both the dynamic linker and > main executable, adjusting arch_parse_elf_properties() to have an is_interp Nit: to have has_interp and is_interp flags > flag as with arch_elf_adjust_prot() and calling it for both the main > executable and any intepreter. It would be helpful to note that the user of this code (arm64) is adapted to ensure that there is no functional change; otherwise the arm64 changes look a little non-obvious. This is not a big deal though, and the code looks fine. > Signed-off-by: Mark Brown > Tested-by: Jeremy Linton So, with or without the commit message tweaks: Reviewed-by: Dave Martin > --- > arch/arm64/include/asm/elf.h | 3 ++- > fs/binfmt_elf.c | 31 +++++++++++++++++++++++-------- > include/linux/elf.h | 4 +++- > 3 files changed, 28 insertions(+), 10 deletions(-) > > diff --git a/arch/arm64/include/asm/elf.h b/arch/arm64/include/asm/elf.h > index 8d1c8dcb87fd..a488a1329b16 100644 > --- a/arch/arm64/include/asm/elf.h > +++ b/arch/arm64/include/asm/elf.h > @@ -261,6 +261,7 @@ struct arch_elf_state { > > static inline int arch_parse_elf_property(u32 type, const void *data, > size_t datasz, bool compat, > + bool has_interp, bool is_interp, > struct arch_elf_state *arch) > { > /* No known properties for AArch32 yet */ > @@ -273,7 +274,7 @@ static inline int arch_parse_elf_property(u32 type, const void *data, > if (datasz != sizeof(*p)) > return -ENOEXEC; > > - if (system_supports_bti() && > + if (system_supports_bti() && has_interp == is_interp && > (*p & GNU_PROPERTY_AARCH64_FEATURE_1_BTI)) > arch->flags |= ARM64_ELF_BTI; > } > diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c > index 439ed81e755a..81e151a57df2 100644 > --- a/fs/binfmt_elf.c > +++ b/fs/binfmt_elf.c > @@ -716,8 +716,9 @@ static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex, > */ > > static int parse_elf_property(const char *data, size_t *off, size_t datasz, > - struct arch_elf_state *arch, > - bool have_prev_type, u32 *prev_type) > + struct arch_elf_state *arch, bool has_interp, > + bool is_interp, bool have_prev_type, > + u32 *prev_type) > { > size_t o, step; > const struct gnu_property *pr; > @@ -751,7 +752,8 @@ static int parse_elf_property(const char *data, size_t *off, size_t datasz, > *prev_type = pr->pr_type; > > ret = arch_parse_elf_property(pr->pr_type, data + o, > - pr->pr_datasz, ELF_COMPAT, arch); > + pr->pr_datasz, ELF_COMPAT, > + has_interp, is_interp, arch); > if (ret) > return ret; > > @@ -764,6 +766,7 @@ static int parse_elf_property(const char *data, size_t *off, size_t datasz, > #define NOTE_NAME_SZ (sizeof(GNU_PROPERTY_TYPE_0_NAME)) > > static int parse_elf_properties(struct file *f, const struct elf_phdr *phdr, > + bool has_interp, bool is_interp, > struct arch_elf_state *arch) > { > union { > @@ -813,7 +816,8 @@ static int parse_elf_properties(struct file *f, const struct elf_phdr *phdr, > have_prev_type = false; > do { > ret = parse_elf_property(note.data, &off, datasz, arch, > - have_prev_type, &prev_type); > + has_interp, is_interp, have_prev_type, > + &prev_type); > have_prev_type = true; > } while (!ret); > > @@ -828,6 +832,7 @@ static int load_elf_binary(struct linux_binprm *bprm) > unsigned long error; > struct elf_phdr *elf_ppnt, *elf_phdata, *interp_elf_phdata = NULL; > struct elf_phdr *elf_property_phdata = NULL; > + struct elf_phdr *interp_elf_property_phdata = NULL; > unsigned long elf_bss, elf_brk; > int bss_prot = 0; > int retval, i; > @@ -936,6 +941,10 @@ static int load_elf_binary(struct linux_binprm *bprm) > executable_stack = EXSTACK_DISABLE_X; > break; > > + case PT_GNU_PROPERTY: > + elf_property_phdata = elf_ppnt; > + break; > + > case PT_LOPROC ... PT_HIPROC: > retval = arch_elf_pt_proc(elf_ex, elf_ppnt, > bprm->file, false, > @@ -963,12 +972,11 @@ static int load_elf_binary(struct linux_binprm *bprm) > goto out_free_dentry; > > /* Pass PT_LOPROC..PT_HIPROC headers to arch code */ > - elf_property_phdata = NULL; > elf_ppnt = interp_elf_phdata; > for (i = 0; i < interp_elf_ex->e_phnum; i++, elf_ppnt++) > switch (elf_ppnt->p_type) { > case PT_GNU_PROPERTY: > - elf_property_phdata = elf_ppnt; > + interp_elf_property_phdata = elf_ppnt; > break; > > case PT_LOPROC ... PT_HIPROC: > @@ -979,10 +987,17 @@ static int load_elf_binary(struct linux_binprm *bprm) > goto out_free_dentry; > break; > } > + > + retval = parse_elf_properties(interpreter, > + interp_elf_property_phdata, > + true, true, &arch_state); > + if (retval) > + goto out_free_dentry; > + > } > > - retval = parse_elf_properties(interpreter ?: bprm->file, > - elf_property_phdata, &arch_state); > + retval = parse_elf_properties(bprm->file, elf_property_phdata, > + interpreter != NULL, false, &arch_state); > if (retval) > goto out_free_dentry; > > diff --git a/include/linux/elf.h b/include/linux/elf.h > index c9a46c4e183b..1c45ecf29147 100644 > --- a/include/linux/elf.h > +++ b/include/linux/elf.h > @@ -88,13 +88,15 @@ struct arch_elf_state; > #ifndef CONFIG_ARCH_USE_GNU_PROPERTY > static inline int arch_parse_elf_property(u32 type, const void *data, > size_t datasz, bool compat, > + bool has_interp, bool is_interp, > struct arch_elf_state *arch) > { > return 0; > } > #else > extern int arch_parse_elf_property(u32 type, const void *data, size_t datasz, > - bool compat, struct arch_elf_state *arch); > + bool compat, bool has_interp, bool is_interp, > + struct arch_elf_state *arch); > #endif > > #ifdef CONFIG_ARCH_HAVE_ELF_PROT > -- > 2.20.1 > > > _______________________________________________ > linux-arm-kernel mailing list > linux-arm-kernel@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/linux-arm-kernel From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.7 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3F283C07E9B for ; Mon, 19 Jul 2021 10:08:13 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 0827D61107 for ; Mon, 19 Jul 2021 10:08:13 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 0827D61107 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=arm.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=QK8NP2BUl1i3d0JM+nfYm+a4ZmFaG4d/RkmW278N4p4=; b=ahhY4rQK3YQ9un 5/LLnSnR3ltr6te5CEBjWgSxBR47LbN3NB0MWfuKhtOR1rsX9MU/PPiL/7k54CCp9g+eygX7dd+oh IcHtosI8eGjCHIL6myuSc7mzOVng7aBBdU6j2DAttxEIFgOOpYzAnRTlGw98sRlTV9U2JEYBFo1mK HNNcCzFagSyNQpZggJ4Bvj4Fd8bEXul5eU1PKIZ6W42Pj2TsdppfEC1RJfZhgfGJPcMax4tNCJRAD F5th8kbGF4mXnYtqaG9dJoF0nSKTKRIyHEHOxTuSo8UQLVYNurGhiiLkKZZzvB63SydeDfJLwBk28 K6PHYRU/rMyz6NFqHmcQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1m5QAJ-009ByV-JI; Mon, 19 Jul 2021 10:06:23 +0000 Received: from foss.arm.com ([217.140.110.172]) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1m5QAE-009BwV-AT for linux-arm-kernel@lists.infradead.org; Mon, 19 Jul 2021 10:06:20 +0000 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id B15B76D; Mon, 19 Jul 2021 03:06:14 -0700 (PDT) Received: from arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 5FF4F3F73D; Mon, 19 Jul 2021 03:06:13 -0700 (PDT) Date: Mon, 19 Jul 2021 11:04:39 +0100 From: Dave Martin To: Mark Brown Cc: Catalin Marinas , Will Deacon , Szabolcs Nagy , Jeremy Linton , "H . J . Lu" , Yu-cheng Yu , linux-arch@vger.kernel.org, linux-arm-kernel@lists.infradead.org, libc-alpha@sourceware.org Subject: Re: [PATCH v4 1/4] elf: Allow architectures to parse properties on the main executable Message-ID: <20210719100427.GT4187@arm.com> References: <20210712115259.29547-1-broonie@kernel.org> <20210712115259.29547-2-broonie@kernel.org> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20210712115259.29547-2-broonie@kernel.org> User-Agent: Mutt/1.5.23 (2014-03-12) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210719_030618_468722_CC080409 X-CRM114-Status: GOOD ( 33.22 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Mon, Jul 12, 2021 at 12:52:56PM +0100, Mark Brown wrote: > Currently the ELF code only attempts to parse properties on the image > that will start execution, either the interpreter or for statically linked > executables the main executable. The expectation is that any property > handling for the main executable will be done by the interpreter. This is > a bit inconsistent since we do map the executable and is causing problems > for the arm64 BTI support when used in conjunction with systemd's use of > seccomp to implement MemoryDenyWriteExecute which stops the dynamic linker > adjusting the permissions of executable segments. > > Allow architectures to handle properties for both the dynamic linker and > main executable, adjusting arch_parse_elf_properties() to have an is_interp Nit: to have has_interp and is_interp flags > flag as with arch_elf_adjust_prot() and calling it for both the main > executable and any intepreter. It would be helpful to note that the user of this code (arm64) is adapted to ensure that there is no functional change; otherwise the arm64 changes look a little non-obvious. This is not a big deal though, and the code looks fine. > Signed-off-by: Mark Brown > Tested-by: Jeremy Linton So, with or without the commit message tweaks: Reviewed-by: Dave Martin > --- > arch/arm64/include/asm/elf.h | 3 ++- > fs/binfmt_elf.c | 31 +++++++++++++++++++++++-------- > include/linux/elf.h | 4 +++- > 3 files changed, 28 insertions(+), 10 deletions(-) > > diff --git a/arch/arm64/include/asm/elf.h b/arch/arm64/include/asm/elf.h > index 8d1c8dcb87fd..a488a1329b16 100644 > --- a/arch/arm64/include/asm/elf.h > +++ b/arch/arm64/include/asm/elf.h > @@ -261,6 +261,7 @@ struct arch_elf_state { > > static inline int arch_parse_elf_property(u32 type, const void *data, > size_t datasz, bool compat, > + bool has_interp, bool is_interp, > struct arch_elf_state *arch) > { > /* No known properties for AArch32 yet */ > @@ -273,7 +274,7 @@ static inline int arch_parse_elf_property(u32 type, const void *data, > if (datasz != sizeof(*p)) > return -ENOEXEC; > > - if (system_supports_bti() && > + if (system_supports_bti() && has_interp == is_interp && > (*p & GNU_PROPERTY_AARCH64_FEATURE_1_BTI)) > arch->flags |= ARM64_ELF_BTI; > } > diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c > index 439ed81e755a..81e151a57df2 100644 > --- a/fs/binfmt_elf.c > +++ b/fs/binfmt_elf.c > @@ -716,8 +716,9 @@ static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex, > */ > > static int parse_elf_property(const char *data, size_t *off, size_t datasz, > - struct arch_elf_state *arch, > - bool have_prev_type, u32 *prev_type) > + struct arch_elf_state *arch, bool has_interp, > + bool is_interp, bool have_prev_type, > + u32 *prev_type) > { > size_t o, step; > const struct gnu_property *pr; > @@ -751,7 +752,8 @@ static int parse_elf_property(const char *data, size_t *off, size_t datasz, > *prev_type = pr->pr_type; > > ret = arch_parse_elf_property(pr->pr_type, data + o, > - pr->pr_datasz, ELF_COMPAT, arch); > + pr->pr_datasz, ELF_COMPAT, > + has_interp, is_interp, arch); > if (ret) > return ret; > > @@ -764,6 +766,7 @@ static int parse_elf_property(const char *data, size_t *off, size_t datasz, > #define NOTE_NAME_SZ (sizeof(GNU_PROPERTY_TYPE_0_NAME)) > > static int parse_elf_properties(struct file *f, const struct elf_phdr *phdr, > + bool has_interp, bool is_interp, > struct arch_elf_state *arch) > { > union { > @@ -813,7 +816,8 @@ static int parse_elf_properties(struct file *f, const struct elf_phdr *phdr, > have_prev_type = false; > do { > ret = parse_elf_property(note.data, &off, datasz, arch, > - have_prev_type, &prev_type); > + has_interp, is_interp, have_prev_type, > + &prev_type); > have_prev_type = true; > } while (!ret); > > @@ -828,6 +832,7 @@ static int load_elf_binary(struct linux_binprm *bprm) > unsigned long error; > struct elf_phdr *elf_ppnt, *elf_phdata, *interp_elf_phdata = NULL; > struct elf_phdr *elf_property_phdata = NULL; > + struct elf_phdr *interp_elf_property_phdata = NULL; > unsigned long elf_bss, elf_brk; > int bss_prot = 0; > int retval, i; > @@ -936,6 +941,10 @@ static int load_elf_binary(struct linux_binprm *bprm) > executable_stack = EXSTACK_DISABLE_X; > break; > > + case PT_GNU_PROPERTY: > + elf_property_phdata = elf_ppnt; > + break; > + > case PT_LOPROC ... PT_HIPROC: > retval = arch_elf_pt_proc(elf_ex, elf_ppnt, > bprm->file, false, > @@ -963,12 +972,11 @@ static int load_elf_binary(struct linux_binprm *bprm) > goto out_free_dentry; > > /* Pass PT_LOPROC..PT_HIPROC headers to arch code */ > - elf_property_phdata = NULL; > elf_ppnt = interp_elf_phdata; > for (i = 0; i < interp_elf_ex->e_phnum; i++, elf_ppnt++) > switch (elf_ppnt->p_type) { > case PT_GNU_PROPERTY: > - elf_property_phdata = elf_ppnt; > + interp_elf_property_phdata = elf_ppnt; > break; > > case PT_LOPROC ... PT_HIPROC: > @@ -979,10 +987,17 @@ static int load_elf_binary(struct linux_binprm *bprm) > goto out_free_dentry; > break; > } > + > + retval = parse_elf_properties(interpreter, > + interp_elf_property_phdata, > + true, true, &arch_state); > + if (retval) > + goto out_free_dentry; > + > } > > - retval = parse_elf_properties(interpreter ?: bprm->file, > - elf_property_phdata, &arch_state); > + retval = parse_elf_properties(bprm->file, elf_property_phdata, > + interpreter != NULL, false, &arch_state); > if (retval) > goto out_free_dentry; > > diff --git a/include/linux/elf.h b/include/linux/elf.h > index c9a46c4e183b..1c45ecf29147 100644 > --- a/include/linux/elf.h > +++ b/include/linux/elf.h > @@ -88,13 +88,15 @@ struct arch_elf_state; > #ifndef CONFIG_ARCH_USE_GNU_PROPERTY > static inline int arch_parse_elf_property(u32 type, const void *data, > size_t datasz, bool compat, > + bool has_interp, bool is_interp, > struct arch_elf_state *arch) > { > return 0; > } > #else > extern int arch_parse_elf_property(u32 type, const void *data, size_t datasz, > - bool compat, struct arch_elf_state *arch); > + bool compat, bool has_interp, bool is_interp, > + struct arch_elf_state *arch); > #endif > > #ifdef CONFIG_ARCH_HAVE_ELF_PROT > -- > 2.20.1 > > > _______________________________________________ > linux-arm-kernel mailing list > linux-arm-kernel@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/linux-arm-kernel _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel