From: Yu-cheng Yu <yu-cheng.yu@intel.com>
To: Dave Martin <Dave.Martin@arm.com>, linux-kernel@vger.kernel.org
Cc: linux-arch@vger.kernel.org, Kees Cook <keescook@chromium.org>,
Thomas Gleixner <tglx@linutronix.de>,
Jann Horn <jannh@google.com>, "H.J. Lu" <hjl.tools@gmail.com>,
Eugene Syromiatnikov <esyr@redhat.com>,
Florian Weimer <fweimer@redhat.com>,
Peter Zijlstra <peterz@infradead.org>
Subject: Re: [RFC PATCH 2/2] ELF: Add ELF program property parsing support
Date: Tue, 20 Aug 2019 14:40:54 -0700 [thread overview]
Message-ID: <bd4caadd8a9110bbbcfb4e8748d0bb416161d8e3.camel@intel.com> (raw)
In-Reply-To: <1566295063-7387-3-git-send-email-Dave.Martin@arm.com>
On Tue, 2019-08-20 at 10:57 +0100, Dave Martin wrote:
> ELF program properties will needed for detecting whether to enable
> optional architecture or ABI features for a new ELF process.
>
> For now, there are no generic properties that we care about, so do
> nothing unless CONFIG_ARCH_USE_GNU_PROPERTY=y.
>
> Otherwise, the presence of properties using the PT_PROGRAM_PROPERTY
> phdrs entry (if any), and notify each property to the arch code.
>
> For now, the added code is not used.
>
> Signed-off-by: Dave Martin <Dave.Martin@arm.com>
> ---
> fs/binfmt_elf.c | 109
> +++++++++++++++++++++++++++++++++++++++++++++++
> fs/compat_binfmt_elf.c | 4 ++
> include/linux/elf.h | 21 +++++++++
> include/uapi/linux/elf.h | 4 ++
> 4 files changed, 138 insertions(+)
>
> diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
> index d4e11b2..52f4b96 100644
> --- a/fs/binfmt_elf.c
> +++ b/fs/binfmt_elf.c
> @@ -39,12 +39,18 @@
> #include <linux/sched/coredump.h>
> #include <linux/sched/task_stack.h>
> #include <linux/sched/cputime.h>
> +#include <linux/sizes.h>
> +#include <linux/types.h>
> #include <linux/cred.h>
> #include <linux/dax.h>
> #include <linux/uaccess.h>
> #include <asm/param.h>
> #include <asm/page.h>
>
> +#ifndef ELF_COMPAT
> +#define ELF_COMPAT 0
> +#endif
> +
> #ifndef user_long_t
> #define user_long_t long
> #endif
> @@ -690,6 +696,93 @@ static unsigned long randomize_stack_top(unsigned long
> stack_top)
> #endif
> }
>
> +static int parse_elf_property(const void **prop, size_t *notesz,
> + struct arch_elf_state *arch)
> +{
> + const struct gnu_property *pr = *prop;
> + size_t sz = *notesz;
> + int ret;
> + size_t step;
> +
> + BUG_ON(sz < sizeof(*pr));
> +
> + if (sizeof(*pr) > sz)
> + return -EIO;
> +
> + if (pr->pr_datasz > sz - sizeof(*pr))
> + return -EIO;
> +
> + step = round_up(sizeof(*pr) + pr->pr_datasz, elf_gnu_property_align);
> + if (step > sz)
> + return -EIO;
> +
> + ret = arch_parse_elf_property(pr->pr_type, *prop + sizeof(*pr),
> + pr->pr_datasz, ELF_COMPAT, arch);
> + if (ret)
> + return ret;
> +
> + *prop += step;
> + *notesz -= step;
> + return 0;
> +}
> +
> +#define NOTE_DATA_SZ SZ_1K
> +#define GNU_PROPERTY_TYPE_0_NAME "GNU"
> +#define NOTE_NAME_SZ (sizeof(GNU_PROPERTY_TYPE_0_NAME))
> +
> +static int parse_elf_properties(struct file *f, const struct elf_phdr *phdr,
> + struct arch_elf_state *arch)
> +{
> + ssize_t n;
> + loff_t pos = phdr->p_offset;
> + union {
> + struct elf_note nhdr;
> + char data[NOTE_DATA_SZ];
> + } note;
> + size_t off, notesz;
> + const void *prop;
> + int ret;
> +
> + if (!IS_ENABLED(ARCH_USE_GNU_PROPERTY))
> + return 0;
> +
> + BUG_ON(phdr->p_type != PT_GNU_PROPERTY);
> +
> + /* If the properties are crazy large, that's too bad (for now): */
> + if (phdr->p_filesz > sizeof(note))
> + return -ENOEXEC;
> + n = kernel_read(f, ¬e, phdr->p_filesz, &pos);
> +
> + BUILD_BUG_ON(sizeof(note) < sizeof(note.nhdr) + NOTE_NAME_SZ);
> + if (n < 0 || n < sizeof(note.nhdr) + NOTE_NAME_SZ)
> + return -EIO;
> +
> + if (note.nhdr.n_type != NT_GNU_PROPERTY_TYPE_0 ||
> + note.nhdr.n_namesz != NOTE_NAME_SZ ||
> + strncmp(note.data + sizeof(note.nhdr),
> + GNU_PROPERTY_TYPE_0_NAME, n - sizeof(note.nhdr)))
> + return -EIO;
> +
> + off = round_up(sizeof(note.nhdr) + NOTE_NAME_SZ,
> + elf_gnu_property_align);
> + if (off > n)
> + return -EIO;
> +
> + prop = (const struct gnu_property *)(note.data + off);
> + notesz = n - off;
> + if (note.nhdr.n_descsz > notesz)
> + return -EIO;
> +
> + while (notesz) {
> + BUG_ON(((char *)prop - note.data) % elf_gnu_property_align);
> + ret = parse_elf_property(&prop, ¬esz, arch);
Properties need to be in ascending order. Can we keep track of it from here.
Also, can we replace BUG_ON with returning an error.
Thanks,
Yu-cheng
next prev parent reply other threads:[~2019-08-20 21:50 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-20 9:57 [RFC PATCH 0/2] ELF: Alternate program property parser Dave Martin
2019-08-20 9:57 ` [RFC PATCH 1/2] ELF: UAPI and Kconfig additions for ELF program properties Dave Martin
2019-08-20 9:57 ` [RFC PATCH 2/2] ELF: Add ELF program property parsing support Dave Martin
2019-08-20 21:40 ` Yu-cheng Yu [this message]
2019-08-21 9:20 ` Dave Martin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bd4caadd8a9110bbbcfb4e8748d0bb416161d8e3.camel@intel.com \
--to=yu-cheng.yu@intel.com \
--cc=Dave.Martin@arm.com \
--cc=esyr@redhat.com \
--cc=fweimer@redhat.com \
--cc=hjl.tools@gmail.com \
--cc=jannh@google.com \
--cc=keescook@chromium.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox