From: He Zhe <zhe.he@windriver.com>
To: Greg KH <gregkh@linuxfoundation.org>
Cc: Feng Liu <Feng.Liu3@windriver.com>,
adobriyan@gmail.com, kees@kernel.org, sashal@kernel.org,
stable@vger.kernel.org
Subject: Re: [PATCH 5.10.y/5.15.y] ELF: fix kernel.randomize_va_space double read
Date: Thu, 22 May 2025 17:26:33 +0800
Message-ID: <39787154-1013-40c2-9627-da8b8bbf8de2@windriver.com>
In-Reply-To: <2025052230-okay-announcer-3746@gregkh>

On 2025/5/22 16:36, Greg KH wrote:
> On Thu, May 22, 2025 at 03:40:16PM +0800, He Zhe wrote:
>>
>> On 2025/5/20 19:25, Greg KH wrote:
>>> On Fri, May 09, 2025 at 02:14:15PM +0800, Feng Liu wrote:
>>>> From: Alexey Dobriyan <adobriyan@gmail.com>
>>>>
>>>> [ Upstream commit 2a97388a807b6ab5538aa8f8537b2463c6988bd2 ]
>>>>
>>>> ELF loader uses "randomize_va_space" twice. It is sysctl and can change
>>>> at any moment, so 2 loads could see 2 different values in theory with
>>>> unpredictable consequences.
>>>>
>>>> Issue exactly one load for consistent value across one exec.
>>>>
>>>> Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
>>>> Link: https://lore.kernel.org/r/3329905c-7eb8-400a-8f0a-d87cff979b5b@p183
>>>> Signed-off-by: Kees Cook <kees@kernel.org>
>>>> Signed-off-by: Feng Liu <Feng.Liu3@windriver.com>
>>>> Signed-off-by: He Zhe <Zhe.He@windriver.com>
>>>> ---
>>>> Verified the build test.
>>> No you did not! This breaks the build.
>>>
>>> This is really really annoying as it breaks the workflow on our side
>>> when you submit code that does not work at all.
>>>
>>> Please go and retest all of the outstanding commits that you all have
>>> submitted and fix them up and resend them. I'm dropping all of the rest
>>> of them from my pending queue as this shows a total lack of testing
>>> happening which implies that I can't trust any of these at all.
>>>
>>> And I want you all to prove that you have actually tested the code, not
>>> just this bland "Verified the build test" which is a _very_ low bar,
>>> that is not even happening here at all :(
>> Sorry for any inconvenience.
>>
>> We did do some build test on Ubuntu22.04 with the default GCC 11.4.0 and
>> defconfig on an x86_64 machine against the latest linux-stable before sending
>> the patch out. And we just redid the build test and caught below warning that
>> we missed before:
> That is a very old version of gcc, and why are you using ubuntu when
> this all should be tested on your version of Linux as that's what you
> are backporting these patches for, right? Shouldn't you be doing this
> work for the portions of the kernel that you are actually using so that
> you can properly test this stuff?

Yes, we tested on our own version too, but also have to test build with the tree we're submitting
the patch to. So we use ubuntu22.04 for the building machine, not the one we want to replace the
kernel with.

>
>> ../fs/binfmt_elf.c: In function ‘load_elf_binary’:
>> ../fs/binfmt_elf.c:1011:9: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement]
>> 1011 | const int snapshot_randomize_va_space = READ_ONCE(randomize_va_space);
>> |
> Do you think adding a new warning is ok?

Of course not, we just missed this one.

>
>> Just to be clear, is this the issue that breaks the build from your side?
> I don't remember, given that it was many hundreds of patches ago. But
> probably. Try it yourself and see!
>
>> We just used the default config and didn't manually enable -WERROR which is
>> disabled by default for 5.10 and 5.15. After searching around we feel that
>> we should have enabled it as suggested by
>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b9080ba4a6ec56447f263082825a4fddb873316b
>> even for 5.10 and 5.15, so that such case wouldn't go unnoticed.
> Default configs for x86 are very limited, please do better testing.

OK, will do.

Regards,
Zhe

>
> greg k-h
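
The double read described in the quoted commit message, as a userspace model added here (not the kernel code and not part of this thread). `load_tunable`, the racing writer and the two result bits are assumptions made for illustration; the single-read version also declares its snapshot before any statement, which is what `-Wdeclaration-after-statement` asks for.

```c
#include <stdio.h>

/* Constructed stand-in for the sysctl: the current value, plus a value that a
 * racing writer stores right after the next load (-1 means no writer). */
static volatile int tunable;
static int racing_write = -1;

static int load_tunable(void)          /* models exactly one load */
{
    int v = tunable;
    if (racing_write >= 0) { tunable = racing_write; racing_write = -1; }
    return v;
}

/* Result bits (hypothetical): 1 = randomization on, 2 = brk randomization on. */
/* "Before" shape: two loads of the tunable during one exec. */
static int exec_double_read(void)
{
    int layout = 0;
    if (load_tunable())
        layout |= 1;
    if ((layout & 1) && load_tunable() > 1)
        layout |= 2;
    return layout;
}

/* "After" shape: one load, reused for both decisions. The snapshot is
 * declared at the top of the block, ahead of every statement. */
static int exec_single_read(void)
{
    const int snapshot = load_tunable();
    int layout = 0;
    if (snapshot)
        layout |= 1;
    if ((layout & 1) && snapshot > 1)
        layout |= 2;
    return layout;
}

/* One exec with the tunable at `start` and a writer storing `next` mid-exec. */
static int run(int (*exec_fn)(void), int start, int next)
{
    tunable = start;
    racing_write = next;
    return exec_fn();
}

int main(void)
{
    printf("double read: %d\n", run(exec_double_read, 2, 0));
    printf("single read: %d\n", run(exec_single_read, 2, 0));
    return 0;
}
```

With the tunable at 2 and a write of 0 landing mid-exec, the double-read version returns 1, a layout that matches neither value written, while the single-read version returns 3.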
Thread overview: 8+ messages
2025-05-09 6:14 [PATCH 5.10.y/5.15.y] ELF: fix kernel.randomize_va_space double read Feng Liu
2025-05-12 18:04 ` Sasha Levin
2025-05-20 11:25 ` Greg KH
2025-05-22 7:40 ` He Zhe
2025-05-22 7:44 ` He Zhe
2025-05-22 8:36 ` Greg KH
2025-05-22 9:26 ` He Zhe [this message]
2025-05-22 9:40 ` Greg KH