From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.3 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9E3CEC55179 for ; Tue, 27 Oct 2020 14:23:55 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 5999D207C3 for ; Tue, 27 Oct 2020 14:23:55 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="YtKILFwE" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 5999D207C3 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=arm.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References:Message-ID: Subject:To:From:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=udslzCug/Aq4rrEZx1hh4kvZTy5s6/V6OEG/aEmjVro=; b=YtKILFwEyp5y+wporA3mil/kx 7rDjn5kZ2L0jiodGGc6il20hgSdKVnYZTejw75jdONpACvoUkfCWmQ+Rw3qt+Loi4JZAUCk7ni7uh gWbHvDsIXybgR62oZJVh1ZTbJjFjGDAJoYM+//v6Bt5Dyj8v9+iZK/2UmEtYcMXXgUDDyA8OFuUHa dTvhr8p2hiZPHcCvFTVcgb518dbYJNcjdrXZuBjRls1DguKTGSGpj58uZ1u6HAJbHKmlNbbI/5uat 99Bpymt9kCXWYt5gGaGnCGOZ+j46d7gs3OzOyegojFIQaPvispk695hzA5ZunJ83fsQFE1FfTQanu VmNiGKeFw==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1kXPrq-0005Tq-3c; Tue, 27 Oct 2020 14:22:30 +0000 Received: from foss.arm.com ([217.140.110.172]) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1kXPrk-0005SE-WC for linux-arm-kernel@lists.infradead.org; Tue, 27 Oct 2020 14:22:27 +0000 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id D98BC13D5; Tue, 27 Oct 2020 07:22:23 -0700 (PDT) Received: from arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 542CD3F719; Tue, 27 Oct 2020 07:22:22 -0700 (PDT) Date: Tue, 27 Oct 2020 14:22:19 +0000 From: Dave Martin To: Florian Weimer Subject: Re: BTI interaction between seccomp filters in systemd and glibc mprotect calls, causing service failures Message-ID: <20201027142218.GE27285@arm.com> References: <8584c14f-5c28-9d70-c054-7c78127d84ea@arm.com> <20201026162410.GB27285@arm.com> <87r1pl9brd.fsf@oldenburg2.str.redhat.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <87r1pl9brd.fsf@oldenburg2.str.redhat.com> User-Agent: Mutt/1.5.23 (2014-03-12) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20201027_102225_135635_E4511A5E X-CRM114-Status: GOOD ( 15.31 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Mark Rutland , systemd-devel@lists.freedesktop.org, Kees Cook , Catalin Marinas , Will Deacon , "linux-kernel@vger.kernel.org" , Jeremy Linton , Mark Brown , toiwoton@gmail.com, Dave Martin via Libc-alpha , "linux-arm-kernel@lists.infradead.org" Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Mon, Oct 26, 2020 at 05:45:42PM +0100, Florian Weimer via Libc-alpha wrote: > * Dave Martin via Libc-alpha: > > > Would it now help to add something like: > > > > int mchangeprot(void *addr, size_t len, int old_flags, int new_flags) > > { > > int ret = -EINVAL; > > mmap_write_lock(current->mm); > > if (all vmas in [addr .. addr + len) have > > their mprotect flags set to old_flags) { > > > > ret = mprotect(addr, len, new_flags); > > } > > > > mmap_write_unlock(current->mm); > > return ret; > > } > > I suggested something similar as well. Ideally, the interface would > subsume pkey_mprotect, though, and have a separate flags argument from > the protection flags. But then we run into argument list length limits. > > Thanks, > Florian I suppose. Assuming that a syscall filter can inspect memory, we might be able to bundle arguments into a struct if necessary. [...] Cheers ---Dave _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel