diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2024-08-21 03:16:26 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2024-08-21 03:16:26 +0000 |
| commit | 684cbf0b8edc0de26da51c1f789cc31508c4715b (patch) | |
| tree | 368cf3bace5beca299b123e58ac6202364d0dd16 /sys | |
| parent | 24d75a0b14cd514df1415b959fd4960be0bcbd1c (diff) | |
If binaries lack a pintable, execve() can now reject them at startup
by returning EINVAL, rather than at runtime when the first system call
occurs (and then probably dumping core). Let's find out if there are
any surprising exceptions we were unaware of (would need a custom linker,
or a non-crt0 runtime)
errno discussions with kettenis, sthen, millert. Vague concensus it is
worth trying now.
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/kern/exec_elf.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/sys/kern/exec_elf.c b/sys/kern/exec_elf.c index f6314803585..a9fb9211bdc 100644 --- a/sys/kern/exec_elf.c +++ b/sys/kern/exec_elf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: exec_elf.c,v 1.189 2024/08/21 03:07:45 deraadt Exp $ */ +/* $OpenBSD: exec_elf.c,v 1.190 2024/08/21 03:16:25 deraadt Exp $ */ /* * Copyright (c) 1996 Per Fogelstrom @@ -570,6 +570,9 @@ elf_load_file(struct proc *p, char *path, struct exec_package *epp, pr->ps_pin.pn_pins = pins; pr->ps_pin.pn_npins = npins; } + } else { + error = EINVAL; /* no pin table */ + goto bad1; } vn_marktext(nd.ni_vp); |