From: Andrei Vagin <avagin@google.com>
To: Kees Cook <kees@kernel.org>, Andrew Morton <akpm@linux-foundation.org>
Cc: Cyrill Gorcunov <gorcunov@gmail.com>,
Mike Rapoport <rppt@kernel.org>,
Alexander Mikhalitsyn <alexander@mihalicyn.com>,
linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-mm@kvack.org, criu@lists.linux.dev,
Chen Ridong <chenridong@huawei.com>,
Christian Brauner <brauner@kernel.org>,
David Hildenbrand <david@kernel.org>,
Eric Biederman <ebiederm@xmission.com>,
Lorenzo Stoakes <lorenzo.stoakes@oracle.com>,
Michal Koutny <mkoutny@suse.com>,
Andrei Vagin <avagin@google.com>,
Mark Brown <broonie@kernel.org>,
Max Filippov <jcmvbkbc@gmail.com>,
Alexander Mikhalitsyn <aleksandr.mikhalitsyn@futurfusion.io>
Subject: [PATCH 1/4] binfmt_elf_fdpic: fix AUXV size calculation for ELF_HWCAP3 and ELF_HWCAP4
Date: Tue, 17 Feb 2026 18:01:05 +0000 [thread overview]
Message-ID: <20260217180108.1420024-2-avagin@google.com> (raw)
In-Reply-To: <20260217180108.1420024-1-avagin@google.com>
Commit 4e6e8c2b757f ("binfmt_elf: Wire up AT_HWCAP3 at AT_HWCAP4") added
support for AT_HWCAP3 and AT_HWCAP4, but it missed updating the AUX
vector size calculation in create_elf_fdpic_tables() and
AT_VECTOR_SIZE_BASE in include/linux/auxvec.h.
Similar to the fix for AT_HWCAP2 in commit c6a09e342f8e ("binfmt_elf_fdpic:
fix AUXV size calculation when ELF_HWCAP2 is defined"), this omission
leads to a mismatch between the reserved space and the actual number of
AUX entries, eventually triggering a kernel BUG_ON(csp != sp).
Fix this by incrementing nitems when ELF_HWCAP3 or ELF_HWCAP4 are
defined and updating AT_VECTOR_SIZE_BASE.
Cc: Mark Brown <broonie@kernel.org>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Michal Koutný <mkoutny@suse.com>
Reviewed-by: Mark Brown <broonie@kernel.org>
Reviewed-by: Cyrill Gorcunov <gorcunov@gmail.com>
Reviewed-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@futurfusion.io>
Fixes: 4e6e8c2b757f ("binfmt_elf: Wire up AT_HWCAP3 at AT_HWCAP4")
Signed-off-by: Andrei Vagin <avagin@google.com>
---
fs/binfmt_elf_fdpic.c | 6 ++++++
include/linux/auxvec.h | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/fs/binfmt_elf_fdpic.c b/fs/binfmt_elf_fdpic.c
index 48fd2de3bca0..a3d4e6973b29 100644
--- a/fs/binfmt_elf_fdpic.c
+++ b/fs/binfmt_elf_fdpic.c
@@ -595,6 +595,12 @@ static int create_elf_fdpic_tables(struct linux_binprm *bprm,
#ifdef ELF_HWCAP2
nitems++;
#endif
+#ifdef ELF_HWCAP3
+ nitems++;
+#endif
+#ifdef ELF_HWCAP4
+ nitems++;
+#endif
csp = sp;
sp -= nitems * 2 * sizeof(unsigned long);
diff --git a/include/linux/auxvec.h b/include/linux/auxvec.h
index 407f7005e6d6..8bcb9b726262 100644
--- a/include/linux/auxvec.h
+++ b/include/linux/auxvec.h
@@ -4,6 +4,6 @@
#include <uapi/linux/auxvec.h>
-#define AT_VECTOR_SIZE_BASE 22 /* NEW_AUX_ENT entries in auxiliary table */
+#define AT_VECTOR_SIZE_BASE 24 /* NEW_AUX_ENT entries in auxiliary table */
/* number of "#define AT_.*" above, minus {AT_NULL, AT_IGNORE, AT_NOTELF} */
#endif /* _LINUX_AUXVEC_H */
--
2.53.0.310.g728cabbaf7-goog
next prev parent reply other threads:[~2026-02-17 18:01 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-17 18:01 [PATCH 0/4 v4] exec: inherit HWCAPs from the parent process Andrei Vagin
2026-02-17 18:01 ` Andrei Vagin [this message]
2026-02-17 18:01 ` [PATCH 2/4] " Andrei Vagin
2026-03-20 9:15 ` Marek Szyprowski
2026-03-20 18:19 ` Kees Cook
2026-03-20 20:10 ` Andrei Vagin
2026-03-23 18:19 ` Andrei Vagin
2026-02-17 18:01 ` [PATCH 3/4] mm: synchronize saved_auxv access with arg_lock Andrei Vagin
2026-02-17 18:01 ` [PATCH 4/4] selftests/exec: add test for HWCAP inheritance Andrei Vagin
2026-02-23 18:29 ` [PATCH 0/4 v4] exec: inherit HWCAPs from the parent process Andrei Vagin
2026-02-23 22:28 ` Kees Cook
2026-03-10 18:17 ` Andrei Vagin
-- strict thread matches above, loose matches on Subject: below --
2026-02-09 19:06 [PATCH 0/4 v3] " Andrei Vagin
2026-02-09 19:06 ` [PATCH 1/4] binfmt_elf_fdpic: fix AUXV size calculation for ELF_HWCAP3 and ELF_HWCAP4 Andrei Vagin
2026-02-10 19:59 ` Alexander Mikhalitsyn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260217180108.1420024-2-avagin@google.com \
--to=avagin@google.com \
--cc=akpm@linux-foundation.org \
--cc=aleksandr.mikhalitsyn@futurfusion.io \
--cc=alexander@mihalicyn.com \
--cc=brauner@kernel.org \
--cc=broonie@kernel.org \
--cc=chenridong@huawei.com \
--cc=criu@lists.linux.dev \
--cc=david@kernel.org \
--cc=ebiederm@xmission.com \
--cc=gorcunov@gmail.com \
--cc=jcmvbkbc@gmail.com \
--cc=kees@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lorenzo.stoakes@oracle.com \
--cc=mkoutny@suse.com \
--cc=rppt@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.