Kees Cook <keescook@xxxxxxxxxxxx> writes:

> Hi,
>
> This is the continuation of the work Eric started for handling
> "p_memsz > p_filesz" in arbitrary segments (rather than just the last,
> BSS, segment). I've added the suggested changes:
>
>  - drop unused "elf_bss" variable
>  - report padzero() errors when PROT_WRITE is present
>  - refactor load_elf_interp() to use elf_load()
>
> This passes my quick smoke tests, but I'm still trying to construct some
> more complete tests...

Acked-by: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>

You might also consider using elf_load in load_elf_library.

The code in load_elf_library only supports files with a single program
header, and I think is only needed for libc5.

The advantage is that load_elf_library would be using well tested code,
vm_brk would have no callers, and padzero would only be called by elf_load,
and load_elf_library would do little more than just call load_elf_library.

Eric

>
> -Kees
>
> Eric W. Biederman (1):
>   binfmt_elf: Support segments with 0 filesz and misaligned starts
>
> Kees Cook (3):
>   binfmt_elf: elf_bss no longer used by load_elf_binary()
>   binfmt_elf: Provide prot bits as context for padzero() errors
>   binfmt_elf: Use elf_load() for interpreter
>
>  fs/binfmt_elf.c | 192 ++++++++++++++++++------------------------------
>  1 file changed, 71 insertions(+), 121 deletions(-)