Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
From: Florian Weimer <fweimer@xxxxxxxxxx>
Date: Fri, 15 May 2020 10:43:34 +0200
Cc: Mickaël Salaün <mic@xxxxxxxxxxx>, Al Viro <viro@xxxxxxxxxxxxxxxxxx>, Aleksa Sarai <cyphar@xxxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Mimi Zohar <zohar@xxxxxxxxxxxxx>, Stephen Smalley <stephen.smalley.work@xxxxxxxxx>, Christian Heimes <christian@xxxxxxxxxx>, Deven Bowers <deven.desai@xxxxxxxxxxxxxxxxxxx>, Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>, John Johansen <john.johansen@xxxxxxxxxxxxx>, Kentaro Takeda <takedakn@xxxxxxxxxxxxx>, "Lev R. Oshvang ." <levonshe@xxxxxxxxx>, Alexei Starovoitov <ast@xxxxxxxxxx>, Daniel Borkmann <daniel@xxxxxxxxxxxxx>, Eric Chiang <ericchiang@xxxxxxxxxx>, James Morris <jmorris@xxxxxxxxx>, Jan Kara <jack@xxxxxxx>, Jann Horn <jannh@xxxxxxxxxx>, Jonathan Corbet <corbet@xxxxxxx>, Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx>, Matthew Garrett <mjg59@xxxxxxxxxx>, Matthew Wilcox <willy@xxxxxxxxxxxxx>, Michael Kerrisk <mtk.manpages@xxxxxxxxx>, Mickaël Salaün <mickael.salaun@xxxxxxxxxxx>, Philippe Trébuchet <philippe.trebuchet@xxxxxxxxxxx>, Scott Shell <scottsh@xxxxxxxxxxxxx>, Sean Christopherson <sean.j.christopherson@xxxxxxxxx>, Shuah Khan <shuah@xxxxxxxxxx>, Steve Dower <steve.dower@xxxxxxxxxx>, Steve Grubb <sgrubb@xxxxxxxxxx>, Thibaut Sautereau <thibaut.sautereau@xxxxxxxxxxx>, Vincent Strubel <vincent.strubel@xxxxxxxxxxx>, linux-kernel <linux-kernel@xxxxxxxxxxxxxxx>, kernel-hardening@xxxxxxxxxxxxxxxxxx, linux-api@xxxxxxxxxxxxxxx, linux-integrity@xxxxxxxxxxxxxxx, LSM List <linux-security-module@xxxxxxxxxxxxxxx>, Linux FS Devel <linux-fsdevel@xxxxxxxxxxxxxxx>
In-reply-to: <202005142343.D580850@keescook> (Kees Cook's message of "Fri, 15 May 2020 01:01:32 -0700")
References: <20200505153156.925111-1-mic@digikod.net> <20200505153156.925111-4-mic@digikod.net> <CAEjxPJ7y2G5hW0WTH0rSrDZrorzcJ7nrQBjfps2OWV5t1BUYHw@mail.gmail.com> <202005131525.D08BFB3@keescook> <202005132002.91B8B63@keescook> <CAEjxPJ7WjeQAz3XSCtgpYiRtH+Jx-UkSTaEcnVyz_jwXKE3dkw@mail.gmail.com> <202005140830.2475344F86@keescook> <CAEjxPJ4R_juwvRbKiCg5OGuhAi1ZuVytK4fKCDT_kT6VKc8iRg@mail.gmail.com> <b740d658-a2da-5773-7a10-59a0ca52ac6b@digikod.net> <202005142343.D580850@keescook>
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)

* Kees Cook:

> Maybe I've missed some earlier discussion that ruled this out, but I
> couldn't find it: let's just add O_EXEC and be done with it. It actually
> makes the execve() path more like openat2() and is much cleaner after
> a little refactoring. Here are the results, though I haven't emailed it
> yet since I still want to do some more testing:
> https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/log/?h=kspp/o_exec/v1

I think POSIX specifies O_EXEC in such a way that it does not confer
read permissions.  This seems incompatible with what we are trying to
achieve here.

Thanks,
Florian

Follow-Ups:
- Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
  - From: Kees Cook

References:
- [PATCH v5 0/6] Add support for O_MAYEXEC
  - From: Mickaël Salaün
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Mickaël Salaün
- Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Stephen Smalley
- Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Kees Cook
- Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Kees Cook
- Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Stephen Smalley
- Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Kees Cook
- Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Stephen Smalley
- Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Mickaël Salaün
- How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
  - From: Kees Cook

Prev by Date: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Next by Date: Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Previous by thread: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Next by thread: Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Index(es):
- Date
- Thread

[Index of Archives] [Linux USB Devel] [Video for Linux] [Linux Audio Users] [Yosemite News] [Linux Kernel] [Linux SCSI]