| Message ID | 20210904154617.4189-1-david@redhat.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show
Return-Path: <SRS0=a5Vl=N2=kvack.org=owner-linux-mm@kernel.org> X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-23.6 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, INCLUDES_PULL_REQUEST,MAILING_LIST_MULTI,MENTIONS_GIT_HOSTING,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1020EC433FE for <linux-mm@archiver.kernel.org>; Sat, 4 Sep 2021 15:46:29 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 9601E60F56 for <linux-mm@archiver.kernel.org>; Sat, 4 Sep 2021 15:46:28 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 9601E60F56 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=redhat.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kvack.org Received: by kanga.kvack.org (Postfix) id DCA886B0071; Sat, 4 Sep 2021 11:46:27 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id D7A2A6B0072; Sat, 4 Sep 2021 11:46:27 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C1A53900002; Sat, 4 Sep 2021 11:46:27 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0048.hostedemail.com [216.40.44.48]) by kanga.kvack.org (Postfix) with ESMTP id B0A1B6B0071 for <linux-mm@kvack.org>; Sat, 4 Sep 2021 11:46:27 -0400 (EDT) Received: from smtpin26.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay03.hostedemail.com (Postfix) with ESMTP id 3B8108248076 for <linux-mm@kvack.org>; Sat, 4 Sep 2021 15:46:27 +0000 (UTC) X-FDA: 78550318014.26.B01CC43 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by imf19.hostedemail.com (Postfix) with ESMTP id AA795B0000A5 for <linux-mm@kvack.org>; Sat, 4 Sep 2021 15:46:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1630770386; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=KB4LyBJtSm5CI3uG6bfxxb/7LkVLVb9zKUda/iwjkb8=; b=ZpElgHNESc5juc9ayUHaHnUAh7GH9FTHWdB71MSH7oLh//ilyOmT8Bx2K0f20w0ZJ3MHYu EfabcdRlwrz4mtfD1DXUkA3eTd1eb7htM699shycXrA2+DyLDTjOpzJmSoIwazQgvIm4FZ Y2g9v6g83ZEz0nglO4+qnsNDmgEXYHg= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-532-jPXRAm-mOjKLcyoUZRMJDQ-1; Sat, 04 Sep 2021 11:46:24 -0400 X-MC-Unique: jPXRAm-mOjKLcyoUZRMJDQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 854E3779; Sat, 4 Sep 2021 15:46:23 +0000 (UTC) Received: from t480s.redhat.com (unknown [10.39.192.70]) by smtp.corp.redhat.com (Postfix) with ESMTP id 593E55C1D1; Sat, 4 Sep 2021 15:46:18 +0000 (UTC) From: David Hildenbrand <david@redhat.com> To: Linus Torvalds <torvalds@linux-foundation.org> Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org, Andrew Morton <akpm@linux-foundation.org>, linux-fsdevel@vger.kernel.org, "Eric W . Biederman" <ebiederm@xmission.com>, David Hildenbrand <david@redhat.com> Subject: [GIT PULL] Remove in-tree usage of MAP_DENYWRITE Date: Sat, 4 Sep 2021 17:46:17 +0200 Message-Id: <20210904154617.4189-1-david@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Rspamd-Queue-Id: AA795B0000A5 Authentication-Results: imf19.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=ZpElgHNE; dmarc=pass (policy=none) header.from=redhat.com; spf=none (imf19.hostedemail.com: domain of david@redhat.com has no SPF policy when checking 170.10.133.124) smtp.mailfrom=david@redhat.com X-Rspamd-Server: rspam01 X-Stat-Signature: 1gszyah894jk4c6a8z95xakiu6ifgy41 X-HE-Tag: 1630770386-266778 Content-Transfer-Encoding: quoted-printable X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: <linux-mm.kvack.org> |
| Series |
[GIT,PULL] Remove in-tree usage of MAP_DENYWRITE
|
expand
|
The pull request you sent on Sat, 4 Sep 2021 17:46:17 +0200:
> https://github.com/davidhildenbrand/linux.git tags/denywrite-for-5.15
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/49624efa65ac9889f4e7c7b2452b2e6ce42ba37d
Thank you!
Hi Linus, as discussed ... The following changes since commit 7d2a07b769330c34b4deabeed939325c77a7ec2f: Linux 5.14 (2021-08-29 15:04:50 -0700) are available in the Git repository at: https://github.com/davidhildenbrand/linux.git tags/denywrite-for-5.15 for you to fetch changes up to 592ca09be8333bd226f50100328a905bfc377133: fs: update documentation of get_write_access() and friends (2021-09-03 18:42:02 +0200) ---------------------------------------------------------------- Remove in-tree usage of MAP_DENYWRITE Remove all in-tree usage of MAP_DENYWRITE from the kernel and remove VM_DENYWRITE. There are some (minor) user-visible changes: 1. We no longer deny write access to shared libaries loaded via legacy uselib(); this behavior matches modern user space e.g., via dlopen(). 2. We no longer deny write access to the elf interpreter after exec completed, treating it just like shared libraries (which it often is). 3. We always deny write access to the file linked via /proc/pid/exe: sys_prctl(PR_SET_MM_MAP/EXE_FILE) will fail if write access to the file cannot be denied, and write access to the file will remain denied until the link is effectivel gone (exec, termination, sys_prctl(PR_SET_MM_MAP/EXE_FILE)) -- just as if exec'ing the file. Cross-compiled for a bunch of architectures (alpha, microblaze, i386, s390x, ...) and verified via ltp that especially the relevant tests (i.e., creat07 and execve04) continue working as expected. Signed-off-by: David Hildenbrand <david@redhat.com> ---------------------------------------------------------------- David Hildenbrand (7): binfmt: don't use MAP_DENYWRITE when loading shared libraries via uselib() kernel/fork: factor out replacing the current MM exe_file kernel/fork: always deny write access to current MM exe_file binfmt: remove in-tree usage of MAP_DENYWRITE mm: remove VM_DENYWRITE mm: ignore MAP_DENYWRITE in ksys_mmap_pgoff() fs: update documentation of get_write_access() and friends arch/x86/ia32/ia32_aout.c | 8 ++-- fs/binfmt_aout.c | 7 ++-- fs/binfmt_elf.c | 6 +-- fs/binfmt_elf_fdpic.c | 2 +- fs/exec.c | 4 +- fs/proc/task_mmu.c | 1 - include/linux/fs.h | 19 +++++---- include/linux/mm.h | 4 +- include/linux/mman.h | 4 +- include/trace/events/mmflags.h | 1 - kernel/events/core.c | 2 - kernel/fork.c | 95 +++++++++++++++++++++++++++++++++++++----- kernel/sys.c | 33 +-------------- lib/test_printf.c | 5 +-- mm/mmap.c | 29 ++----------- mm/nommu.c | 2 - 16 files changed, 119 insertions(+), 103 deletions(-)