Re: Suggested Patch is not working for 22851 Bugzilla issue
From: Michal Hocko
Date: Tue Nov 19 2019 - 04:57:12 EST
Hi
let me add Kees Cook and Linus to the cc list. I didn't have much
time to study the bug report and cannot really comment on the security
aspect of it. But let me point out that a big part of
MAP_FIXED_NOREPLACE usage has been removed from the loader code just
recently because it has caused some regressions
http://lkml.kernel.org/r/20191005233227.GB25745@xxxxxxxxxxxxxxxxxxxxx
b212921b13bd ("elf: don't use MAP_FIXED_NOREPLACE for elf executable mappings").
So you definitely want to look at the current Linus tree for your future
experiments.
On Tue 19-11-19 10:37:44, Bala S wrote:
> Hi Mhocko,
>
> https://sourceware.org/bugzilla/show_bug.cgi?id=22851
> For the above issue, I have found the patch.
>
> Patch link:
> https://www.mail-archive.com/linux-kernel@xxxxxxxxxxxxxxx/msg1561935.html
>
> Only change i noticed is 'MAP_FIXED_NOREPLACE' is used instead of
> 'MAP_FIXED_SAFE'.
>
> I ran test case on the following targets with this patch:
>
> 1. For X86-64, Still i could see the reported issue( 'libevil.so' just
> runs âcat /etc/passwd')
>
> 2. For MIPS-64, i am not seeing the malicious file content as
> reported. But âlddâ could not found âlibevil.soâ.
>
> root@qemumips64:~/LIN1019-1806# ldd ./main
> linux-vdso.so.1 (0x000000fff1f20000)
> libevil.so => not found
> libc.so.6 => /lib/libc.so.6 (0x0000005e46f70000)
> /lib/ld.so.1 (0x000000fff7888000)
>
> I am not clear why this patch is not working for X86-64? But it is
> working for MIPS-64 with some issue.
> Please let me know, if anything is pending on this patch for the reported issue.
>
> Thanks,
> Bala
--
Michal Hocko
SUSE Labs