Skip to content
This repository has been archived by the owner on Jan 10, 2025. It is now read-only.

Validate Overlapping Memory Regions in ELF Loader #150

Merged
merged 5 commits into from
Apr 13, 2021
Merged

Validate Overlapping Memory Regions in ELF Loader #150

merged 5 commits into from
Apr 13, 2021

Conversation

Lichtso
Copy link

@Lichtso Lichtso commented Apr 13, 2021
edited
Loading

  • Adds a name field to the SectionInfo struct for error messages
  • Throws VirtualAddressOverlap if adjacent MemorRegions overlap in virtual address space
  • Throws OutOfBounds if sections from MM_PROGRAM_START reach into MM_STACK_START

@Lichtso Lichtso added the bug Something isn't working label Apr 13, 2021
@Lichtso Lichtso requested a review from jackcmay April 13, 2021 08:47
jackcmay
jackcmay reviewed Apr 13, 2021
View reviewed changes
src/elf.rs
vaddr: text_section.sh_addr.saturating_add(ebpf::MM_PROGRAM_START),
offset_range: text_section.file_range(),
};
if text_section_info.vaddr > ebpf::MM_STACK_START {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the overlap checks elsewhere won't catch this case?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This checks the vaddr, other places check the file offset. Or is there a specific one that does that too?

jackcmay
jackcmay reviewed Apr 13, 2021
View reviewed changes
src/elf.rs Outdated
.collect::<Vec<_>>();
ro_section_infos.sort_by(|a, b| a.vaddr.cmp(&b.vaddr));
for i in 0..ro_section_infos.len() {
if ro_section_infos[i].vaddr > ebpf::MM_STACK_START {
Copy link

@jackcmay jackcmay Apr 13, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would a final check of all regions (or on each region add) for overlapping be more robust? I like that this is focused on ELF validation but I wonder if we should have a higher level elf rejection here where any overlapping elf section should cause a failure. And, we are probably going to start adding new sections at runtime related to ephemeral accounts or whatever else we plan to map into the program space. Maybe doing this check in the memory_mappings would help solve both?

Copy link
Author

@Lichtso Lichtso Apr 13, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, I also considered that, was just a bit more involved due to introducing a Result type in the constructor of MemoryMapping. Anyway, I moved the overlap checks there.

jackcmay
jackcmay approved these changes Apr 13, 2021
View reviewed changes
Copy link

@jackcmay jackcmay left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These changes look sufficient to address the issue at hand. My comments are more related to follow-up and future considerations.

@Lichtso Lichtso force-pushed the fix/overlapping_memory_regions branch from cf876c7 to b132834 Compare April 13, 2021 10:54
@Lichtso Lichtso merged commit 2e88119 into main Apr 13, 2021
@Lichtso Lichtso deleted the fix/overlapping_memory_regions branch April 13, 2021 12:24
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jackcmay jackcmay jackcmay approved these changes

Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Lichtso @jackcmay