# git rev-parse -q --verify b212921b13bda088a004328457c5c21458262fe2^{commit}
b212921b13bda088a004328457c5c21458262fe2
already have revision, skipping fetch
# git checkout -q -f -B kisskb b212921b13bda088a004328457c5c21458262fe2
# git clean -qxdf
# < git log -1
# commit b212921b13bda088a004328457c5c21458262fe2
# Author: Linus Torvalds
# Date: Sun Oct 6 13:53:27 2019 -0700
#
# elf: don't use MAP_FIXED_NOREPLACE for elf executable mappings
#
# In commit 4ed28639519c ("fs, elf: drop MAP_FIXED usage from elf_map") we
# changed elf to use MAP_FIXED_NOREPLACE instead of MAP_FIXED for the
# executable mappings.
#
# Then, people reported that it broke some binaries that had overlapping
# segments from the same file, and commit ad55eac74f20 ("elf: enforce
# MAP_FIXED on overlaying elf segments") re-instated MAP_FIXED for some
# overlaying elf segment cases. But only some - despite the summary line
# of that commit, it only did it when it also does a temporary brk vma for
# one obvious overlapping case.
#
# Now Russell King reports another overlapping case with old 32-bit x86
# binaries, which doesn't trigger that limited case. End result: we had
# better just drop MAP_FIXED_NOREPLACE entirely, and go back to MAP_FIXED.
#
# Yes, it's a sign of old binaries generated with old tool-chains, but we
# do pride ourselves on not breaking existing setups.
#
# This still leaves MAP_FIXED_NOREPLACE in place for the load_elf_interp()
# and the old load_elf_library() use-cases, because nobody has reported
# breakage for those. Yet.
#
# Note that in all the cases seen so far, the overlapping elf sections
# seem to be just re-mapping of the same executable with different section
# attributes. We could possibly introduce a new MAP_FIXED_NOFILECHANGE
# flag or similar, which acts like NOREPLACE, but allows just remapping
# the same executable file using different protection flags.
#
# It's not clear that would make a huge difference to anything, but if
# people really hate that "elf remaps over previous maps" behavior, maybe
# at least a more limited form of remapping would alleviate some concerns.
#
# Alternatively, we should take a look at our elf_map() logic to see if we
# end up not mapping things properly the first time.
#
# In the meantime, this is the minimal "don't do that then" patch while
# people hopefully think about it more.
#
# Reported-by: Russell King
# Fixes: 4ed28639519c ("fs, elf: drop MAP_FIXED usage from elf_map")
# Fixes: ad55eac74f20 ("elf: enforce MAP_FIXED on overlaying elf segments")
# Cc: Michal Hocko
# Cc: Kees Cook
# Signed-off-by: Linus Torvalds
# < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/aarch64-linux/bin/aarch64-linux-gcc --version
# < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/aarch64-linux/bin/aarch64-linux-ld --version
# < git log --format=%s --max-count=1 b212921b13bda088a004328457c5c21458262fe2
# < make -s -j 10 ARCH=arm64 O=/kisskb/build/linus-rand_arm64-randconfig_arm64-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/aarch64-linux/bin/aarch64-linux- randconfig KCONFIG_SEED=0x23BDC5D6
# Added to kconfig CONFIG_PREVENT_FIRMWARE_BUILD=y
# yes \n | make -s -j 10 ARCH=arm64 O=/kisskb/build/linus-rand_arm64-randconfig_arm64-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/aarch64-linux/bin/aarch64-linux- oldconfig
yes: standard output: Broken pipe
# make -s -j 10 ARCH=arm64 O=/kisskb/build/linus-rand_arm64-randconfig_arm64-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/aarch64-linux/bin/aarch64-linux-
arch/arm64/Makefile:62: CROSS_COMPILE_COMPAT not defined or empty, the compat vDSO will not be built
arch/arm64/Makefile:62: CROSS_COMPILE_COMPAT not defined or empty, the compat vDSO will not be built
Completed OK
# rm -rf /kisskb/build/linus-rand_arm64-randconfig_arm64-gcc8
# Build took: 0:04:16.368386