Hi,
This short series refactors the way pointers to the stack are manipulated in binfmt_elf. The changes are generic and arguably improve binfmt_elf, but the main objective is to eliminate unnecessary creation of capabilities in PCuABI (through calls to uaddr_to_user_ptr_safe()). This is done by using an actual user pointer to keep track of the current position on the stack, and writing all data through that pointer, instead of using an address and creating a new user pointer for every access. This is what patch 1 does. Patch 2 simplifies the elf_stack_put_user* macros we previously introduced, as we do not need them to do something special in PCuABI any more.
This series should help with further work on restricting initial capabilities [1]. It does not have any user-visible effect itself however. The new "root stack capability" is still unrestricted, but the fact that all capabilities to the stack are derived from it means that any later narrowing of its bounds or permissions will automatically propagate.
Note that these changes are mostly orthogonal to Téo's series [2] that partially addresses [1]; it just means that using uaddr_to_user_ptr_safe() is no longer necessary to derive the argv / envp capabilities.
Review branch:
https://git.morello-project.org/kbrodsky-arm/linux/-/commits/morello/binfmt_...
Thanks,
Kevin

[1] https://git.morello-project.org/morello/kernel/linux/-/issues/19
[2] https://op-lists.linaro.org/archives/list/linux-morello@op-lists.linaro.org/...

Kevin Brodsky (2):
  fs/binfmt_elf: Improve SP manipulation in PCuABI
  fs/binfmt_elf: Simplify elf_stack_put_user*

 fs/binfmt_elf.c        | 85 +++++++++++++++++++++++-------------------
 fs/compat_binfmt_elf.c |  9 +----
 include/linux/elf.h    | 12 +-----
 3 files changed, 48 insertions(+), 58 deletions(-)
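
Added example, not part of the series or of the kernel's code: a toy C model of why deriving every stack pointer from one root capability makes a later narrowing of that root propagate, while creating a capability from a bare address does not. The struct, function names and addresses are hypothetical and constructed; this is neither the Morello capability encoding nor the implementation of uaddr_to_user_ptr_safe().

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy capability: bounds [base, limit), a cursor and permissions (hypothetical model). */
enum { PERM_LOAD = 1, PERM_STORE = 2 };
struct cap { uintptr_t base, limit, addr; unsigned perms; bool valid; };

/* Constructed sample: unrestricted root stack capability, cursor at the stack top. */
static struct cap root_stack(void)
{
    return (struct cap){ 0x7000, 0x8000, 0x8000, PERM_LOAD | PERM_STORE, true };
}

/* Derivation is monotonic: bounds and permissions can only shrink. */
static struct cap cap_derive(struct cap parent, uintptr_t base, size_t len, unsigned perms)
{
    struct cap c = { base, base + len, base, perms & parent.perms, parent.valid };
    if (base + len < base || base < parent.base || base + len > parent.limit)
        c.valid = false;
    return c;
}

/* Stand-in for creating a fresh capability from a bare address: no parent is consulted. */
static struct cap cap_from_addr(uintptr_t addr, size_t len)
{
    return (struct cap){ addr, addr + len, addr, PERM_LOAD | PERM_STORE, true };
}

/* Move the cursor down as a stack push does; bounds and permissions are inherited. */
static struct cap cap_sub(struct cap c, size_t off) { c.addr -= off; return c; }

static bool cap_can_store(struct cap c, size_t len)
{
    return c.valid && (c.perms & PERM_STORE) &&
           c.addr >= c.base && c.addr <= c.limit && len <= c.limit - c.addr;
}

int main(void)
{
    struct cap narrowed = cap_derive(root_stack(), 0x7800, 0x800, PERM_LOAD);
    printf("push via root: %d\n", cap_can_store(cap_sub(root_stack(), 16), 16));
    printf("store via narrowed root: %d\n", cap_can_store(narrowed, 8));
    printf("store via fresh capability: %d\n", cap_can_store(cap_from_addr(0x7800, 8), 8));
    return 0;
}
```

In this model the load-only, half-size root refuses the store, while the capability created from the same address still allows it.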