On 2024/08/07 12:51, Kees Cook wrote:
> Commit 04d82a6d0881 ("binfmt_flat: allow not offsetting data start")
> introduced a RISC-V specific variant of the FLAT format which does
> not allocate any space for the (obsolete) array of shared library
> pointers. However, it did not disable the code which initializes the
> array, resulting in the corruption of sizeof(long) bytes before the DATA
> segment, generally the end of the TEXT segment.
>
> Introduce MAX_SHARED_LIBS_UPDATE which depends on the state of
> CONFIG_BINFMT_FLAT_NO_DATA_START_OFFSET to guard the initialization of
> the shared library pointer region so that it will only be initialized
> if space is reserved for it.
>
> Fixes: 04d82a6d0881 ("binfmt_flat: allow not offsetting data start")
> Co-developed-by: Stefan O'Rear <sorear@xxxxxxxxxxxx>
> Signed-off-by: Stefan O'Rear <sorear@xxxxxxxxxxxx>
> Signed-off-by: Kees Cook <kees@xxxxxxxxxx>
Looks good to me.
Reviewed-by: Damien Le Moal <dlemoal@xxxxxxxxxx>
--
Damien Le Moal
Western Digital Research
