From patchwork Thu Aug 17 07:23:46 2017
X-Patchwork-Submitter: Nicolas Pitre
X-Patchwork-Id: 9905195
From: Nicolas Pitre
To: Russell King - ARM Linux, linux-arm-kernel@lists.infradead.org
Cc: "Mickael Guene .", Alexandre Torgue
Subject: [PATCH v2 7/8] binfmt_elf: don't attempt to load FDPIC binaries
Date: Thu, 17 Aug 2017 03:23:46 -0400
Message-Id: <20170817072347.19990-8-nicolas.pitre@linaro.org>
In-Reply-To: <20170817072347.19990-1-nicolas.pitre@linaro.org>
References: <20170817072347.19990-1-nicolas.pitre@linaro.org>

On platforms where both ELF and ELF-FDPIC variants are available, the regular ELF loader will happily identify FDPIC binaries as proper ELF and load them without the necessary FDPIC fixups, resulting in an immediate user space crash. Let's prevent binfmt_elf from loading those binaries so binfmt_elf_fdpic has a chance to pick them up. For those architectures that don't define elf_check_fdpic(), a default version returning false is provided.

Signed-off-by: Nicolas Pitre Tested-by: Vincent Abriou --- fs/binfmt_elf.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c index 879ff9c7ff..84d64afaea 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -51,6 +51,11 @@ #define user_siginfo_t siginfo_t #endif +/* That's for binfmt_elf_fdpic to deal with */ +#ifndef elf_check_fdpic +#define elf_check_fdpic(ex) false +#endif + static int load_elf_binary(struct linux_binprm *bprm); static unsigned long elf_map(struct file *, unsigned long, struct elf_phdr *, int, int, unsigned long); @@ -541,7 +546,8 @@ static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex, if (interp_elf_ex->e_type != ET_EXEC && interp_elf_ex->e_type != ET_DYN) goto out; - if (!elf_check_arch(interp_elf_ex)) + if (!elf_check_arch(interp_elf_ex) || + elf_check_fdpic(interp_elf_ex)) goto out; if (!interpreter->f_op->mmap) goto out; @@ -718,6 +724,8 @@ static int load_elf_binary(struct linux_binprm *bprm) goto out; if (!elf_check_arch(&loc->elf_ex)) goto out; + if (elf_check_fdpic(&loc->elf_ex)) + goto out; if (!bprm->file->f_op->mmap) goto out; @@ -817,7 +825,8 @@ static int load_elf_binary(struct linux_binprm *bprm) if (memcmp(loc->interp_elf_ex.e_ident, ELFMAG, SELFMAG) != 0) goto out_free_dentry; /* Verify the interpreter has a valid arch */ - if (!elf_check_arch(&loc->interp_elf_ex)) + if (!elf_check_arch(&loc->interp_elf_ex) || + elf_check_fdpic(&loc->interp_elf_ex)) goto out_free_dentry; /* Load the interpreter program headers */ @@ -1189,6 +1198,8 @@ static int load_elf_library(struct file *file) if (elf_ex.e_type != ET_EXEC || elf_ex.e_phnum > 2 || !elf_check_arch(&elf_ex) || !file->f_op->mmap) goto out; + if (elf_check_fdpic(&elf_ex)) + goto out; /* Now read in all of the header information */
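Review bot: Missing documentation on the `elf_check_fdpic(ex)` fallback in the first hunk (@@ -51,6 +51,11 @@): the comment "That's for binfmt_elf_fdpic to deal with" does not say what an architecture's own definition is expected to return, and the fallback never evaluates `ex`. Every call site in this patch treats a true result as "reject this file", so the comment should state that contract, for example that the macro returns true when the ELF header describes an FDPIC binary and that architectures offering both loaders are expected to override the default.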
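Review bot: The comment "/* Verify the interpreter has a valid arch */" in the @@ -817,7 +825,8 @@ hunk is now stale, because the condition under it also bails out to `out_free_dentry` when `elf_check_fdpic(&loc->interp_elf_ex)` is true. Suggest extending the comment to mention the FDPIC rejection, so a reader of load_elf_binary() can see why a regular ELF binary whose interpreter is FDPIC is refused at this point.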
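Review bot: Style inconsistency in the last hunk (@@ -1189,6 +1198,8 @@, load_elf_library()): the FDPIC test is added as a separate `if (elf_check_fdpic(&elf_ex)) goto out;` right after a compound condition that already ends in `goto out`, while both interpreter hunks fold the same test into the existing `elf_check_arch()` condition with `||`. Suggest appending `|| elf_check_fdpic(&elf_ex)` to the existing condition here, so all of the header rejection criteria for the library stay in one place.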