[PATCH openEuler-22.09 4/4] fs: add sysctl knob for exec_hugetlb

From: Liu Zixian liuzixian4@huawei.com

euleros inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4X1VR CVE: NA

------------ If we have a bug in this feature, users can disable exec_hugetlb without changing application binaries.

Signed-off-by: Liu Zixian liuzixian4@huawei.com Reviewed-by: Zhou Kang zhoukang7@huawei.com Reviewed-by: Kefeng Wang wangkefeng.wang@huawei.com --- fs/binfmt_elf.c | 4 ++-- fs/exec.c | 4 ++++ include/linux/elf.h | 4 ++++ kernel/sysctl.c | 11 +++++++++++ 4 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c index 01c45582a910..16abbd7f6fc2 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -474,7 +474,7 @@ static unsigned long elf_map(struct file *filep, unsigned long addr, return addr;

#ifdef CONFIG_EXEC_HUGETLB - if (eppnt->p_flags & PF_HUGETLB) + if (exec_hugetlb && (eppnt->p_flags & PF_HUGETLB)) return elf_hugetlb_map(filep, addr, eppnt, prot, type, total_size); #endif @@ -1308,7 +1308,7 @@ static int load_elf_binary(struct linux_binprm *bprm) * bss is allocated in elf_hugetlb_bss, * so skip vm_brk_flags in set_brk */ - if (elf_ppnt->p_flags & PF_HUGETLB) + if (exec_hugetlb && (elf_ppnt->p_flags & PF_HUGETLB)) elf_bss = elf_brk = ELF_HPAGEALIGN(elf_brk); #endif } diff --git a/fs/exec.c b/fs/exec.c index 4c2d18061633..cf2077bffc0a 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -74,6 +74,10 @@

#include <trace/events/sched.h>

+#ifdef CONFIG_EXEC_HUGETLB +int exec_hugetlb; +#endif + static int bprm_creds_from_file(struct linux_binprm *bprm);

int suid_dumpable = 0; diff --git a/include/linux/elf.h b/include/linux/elf.h index 5d5b0321da0b..3e64eab03384 100644 --- a/include/linux/elf.h +++ b/include/linux/elf.h @@ -99,4 +99,8 @@ static inline int arch_elf_adjust_prot(int prot, } #endif

+#ifdef CONFIG_EXEC_HUGETLB +extern int exec_hugetlb; +#endif + #endif /* _LINUX_ELF_H */ diff --git a/kernel/sysctl.c b/kernel/sysctl.c index d1243d1150b2..a0df602c9372 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -3543,6 +3543,17 @@ static struct ctl_table fs_table[] = { .proc_handler = proc_dointvec_minmax, .extra1 = SYSCTL_ONE, }, +#ifdef CONFIG_EXEC_HUGETLB + { + .procname = "exec-use-hugetlb", + .data = &exec_hugetlb, + .maxlen = sizeof(exec_hugetlb), + .mode = 0600, + .proc_handler = proc_dointvec_minmax, + .extra1 = SYSCTL_ZERO, + .extra2 = SYSCTL_ONE, + }, +#endif { } };