From: Jessica Yu <jeyu@kernel.org>
To: Peter Zijlstra <peterz@infradead.org>
Cc: Miroslav Benes <mbenes@suse.cz>,
Josh Poimboeuf <jpoimboe@redhat.com>,
linux-kernel@vger.kernel.org,
Thomas Gleixner <tglx@linutronix.de>,
keescook@chromium.org
Subject: Re: [PATCH] module: Harden STRICT_MODULE_RWX
Date: Mon, 6 Apr 2020 14:53:37 +0200 [thread overview]
Message-ID: <20200406125336.GA21006@linux-8ccs> (raw)
In-Reply-To: <20200406112732.GK20730@hirez.programming.kicks-ass.net>
+++ Peter Zijlstra [06/04/20 13:27 +0200]:
>On Mon, Apr 06, 2020 at 12:46:17PM +0200, Jessica Yu wrote:
>> +++ Miroslav Benes [06/04/20 11:55 +0200]:
>> > On Fri, 3 Apr 2020, Josh Poimboeuf wrote:
>> >
>> > > On Fri, Apr 03, 2020 at 06:37:16PM +0200, Peter Zijlstra wrote:
>> > > > +{
>> > > > + int i;
>> > > > +
>> > > > + for (i = 0; i < hdr->e_shnum; i++) {
>> > > > + if (sechdrs[i].sh_flags & (SHF_EXECINSTR|SHF_WRITE))
>> > > > + return -ENOEXEC;
>> > >
>> > > I think you only want the error when both are set?
>> > >
>> > > if (sechdrs[i].sh_flags & (SHF_EXECINSTR|SHF_WRITE) == (SHF_EXECINSTR|SHF_WRITE))
>> >
>> > A section with SHF_EXECINSTR and SHF_WRITE but without SHF_ALLOC would be
>> > strange though, no? It wouldn't be copied to the final module later
>> > anyway.
>>
>> That's right - move_module() ignores !SHF_ALLOC sections and does not
>> copy them over to their final location. So I think we want to look for
>> SHF_EXECINSTR|SHF_WRITE|SHF_ALLOC here..
>
>So I did notice that !SHF_ALLOC sections get ignored, but since this
>check is about W^X we don't strictly care about SHF_ALLOC. What we care
>about it never allowing a writable and executable map.
>
>Adding ALLOC to the test only allows for future mistakes and doesn't
>make the check any better.
Ugh sorry, my brain shorted out and for some reason I mistakenly
thought the check excluded SHF_WRITE|SHF_EXECINSTR|SHF_ALLOC sections.
It doesn't obviously. Sorry for the noise.
next prev parent reply other threads:[~2020-04-06 12:53 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-03 16:37 [PATCH] module: Harden STRICT_MODULE_RWX Peter Zijlstra
2020-04-03 16:56 ` Josh Poimboeuf
2020-04-03 17:08 ` Peter Zijlstra
2020-04-06 9:55 ` Miroslav Benes
2020-04-06 10:46 ` Jessica Yu
2020-04-06 11:27 ` Peter Zijlstra
2020-04-06 12:53 ` Jessica Yu [this message]
2020-04-06 14:11 ` Peter Zijlstra
2020-04-07 7:43 ` Miroslav Benes
2020-04-09 16:55 ` Miroslav Benes
2020-04-10 9:04 ` Jessica Yu
2020-04-03 16:59 ` Josh Poimboeuf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200406125336.GA21006@linux-8ccs \
--to=jeyu@kernel.org \
--cc=jpoimboe@redhat.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mbenes@suse.cz \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.