lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <87y1gp6llg.fsf@email.froward.int.ebiederm.org> Date: Fri, 29 Sep 2023 10:32:59 -0500 From: "Eric W. Biederman" <ebiederm@...ssion.com> To: Pedro Falcato <pedro.falcato@...il.com> Cc: Kees Cook <keescook@...omium.org>, Alexander Viro <viro@...iv.linux.org.uk>, Christian Brauner <brauner@...nel.org>, linux-fsdevel@...r.kernel.org, linux-mm@...ck.org, Sebastian Ott <sebott@...hat.com>, Thomas Weißschuh <linux@...ssschuh.net>, Andrew Morton <akpm@...ux-foundation.org>, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org Subject: Re: [PATCH v4 4/6] binfmt_elf: Use elf_load() for library Pedro Falcato <pedro.falcato@...il.com> writes: > On Fri, Sep 29, 2023 at 4:24 AM Kees Cook <keescook@...omium.org> wrote: >> >> While load_elf_library() is a libc5-ism, we can still replace most of >> its contents with elf_load() as well, further simplifying the code. > > While I understand you want to break as little as possible (as the ELF > loader maintainer), I'm wondering if we could axe CONFIG_USELIB > altogether? Since CONFIG_BINFMT_AOUT also got axed. Does this have > users anywhere? As I recall: - libc4 was a.out and used uselib. - libc5 was elf and used uselib. - libc6 is elf and has never used uselib. Anything using libc5 is extremely rare. It is an entire big process to see if there are any users in existence. In the meantime changing load_elf_library to use elf_load removes any maintenance burden. Eric
Powered by blists - more mailing lists