From: deraadt Date: Wed, 21 Aug 2024 03:16:25 +0000 (+0000) Subject: If binaries lack a pintable, execve() can now reject them at startup X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=48434b30cb59a1ff3c53f43d26ff75c25bfba19a;p=openbsd If binaries lack a pintable, execve() can now reject them at startup by returning EINVAL, rather than at runtime when the first system call occurs (and then probably dumping core). Let's find out if there are any surprising exceptions we were unaware of (would need a custom linker, or a non-crt0 runtime) errno discussions with kettenis, sthen, millert. Vague concensus it is worth trying now. --- diff --git a/sys/kern/exec_elf.c b/sys/kern/exec_elf.c index f6314803585..a9fb9211bdc 100644 --- a/sys/kern/exec_elf.c +++ b/sys/kern/exec_elf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: exec_elf.c,v 1.189 2024/08/21 03:07:45 deraadt Exp $ */ +/* $OpenBSD: exec_elf.c,v 1.190 2024/08/21 03:16:25 deraadt Exp $ */ /* * Copyright (c) 1996 Per Fogelstrom @@ -570,6 +570,9 @@ elf_load_file(struct proc *p, char *path, struct exec_package *epp, pr->ps_pin.pn_pins = pins; pr->ps_pin.pn_npins = npins; } + } else { + error = EINVAL; /* no pin table */ + goto bad1; } vn_marktext(nd.ni_vp);