Re: [ANNOUNCE] Release Digsig 1.3.1: kernel module for run-time authentication of binaries

[Serge E. Hallyn]

> > When a file is being executed, deny_write_access(file) is called to
> > prevent writing until execution completes.  Because deny_write_access
> > is not exported from fs/namei.c, we emulate this behavior for shared
> > libraries.
> 
> Hmm, ok, so you're relying on the loader to do PROT_EXEC mmaps for
> shared libraries?  Probably not required at least on x86.

Correct.

We don't pretend to stop someone from mmap'ing and executing bad code, we
only want to help someone who wants to use a legitimate library to know that
the right library is being used.

> Also, does
> this work when executing loader directly (/lib/ld.so /bin/ps), and with
> dlopen?

Yup, both of these (at least on i386) use mmap with PROT_EXEC, and go
through digsig's dsi_file_mmap check.  (I've made a note to check the
/lib/ld.so /bin/ps case on a powerpc and, if I can find one, z)

-serge
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/