lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 5 Apr 2012 13:29:04 -0700
From:	Matt Helsley <matthltc@...ibm.com>
To:	Cyrill Gorcunov <gorcunov@...nvz.org>
Cc:	Matt Helsley <matthltc@...ibm.com>,
	Konstantin Khlebnikov <khlebnikov@...nvz.org>,
	Oleg Nesterov <oleg@...hat.com>,
	"linux-mm@...ck.org" <linux-mm@...ck.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Eric Paris <eparis@...hat.com>,
	"linux-security-module@...r.kernel.org" 
	<linux-security-module@...r.kernel.org>,
	"oprofile-list@...ts.sf.net" <oprofile-list@...ts.sf.net>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Al Viro <viro@...iv.linux.org.uk>
Subject: Re: [PATCH 6/7] mm: kill vma flag VM_EXECUTABLE

On Tue, Apr 03, 2012 at 11:32:04PM +0400, Cyrill Gorcunov wrote:
> On Tue, Apr 03, 2012 at 11:16:31AM -0700, Matt Helsley wrote:
> > On Tue, Apr 03, 2012 at 09:10:20AM +0400, Konstantin Khlebnikov wrote:
> > > Matt Helsley wrote:
> > > >On Sat, Mar 31, 2012 at 10:13:24PM +0200, Oleg Nesterov wrote:
> > > >>On 03/31, Konstantin Khlebnikov wrote:
> > > >>>
> > > >>>comment from v2.6.25-6245-g925d1c4 ("procfs task exe symlink"),
> > > >>>where all this stuff was introduced:
> > > >>>
> > > >>>>...
> > > >>>>This avoids pinning the mounted filesystem.
> > > >>>
> > > >>>So, this logic is hooked into every file mmap/unmmap and vma split/merge just to
> > > >>>fix some hypothetical pinning fs from umounting by mm which already unmapped all
> > > >>>its executable files, but still alive. Does anyone know any real world example?
> > > >>
> > > >>This is the question to Matt.
> > > >
> > > >This is where I got the scenario:
> > > >
> > > >https://lkml.org/lkml/2007/7/12/398
> > > 
> > > Cyrill Gogcunov's patch "c/r: prctl: add ability to set new mm_struct::exe_file"
> > > gives userspace ability to unpin vfsmount explicitly.
> > 
> > Doesn't that break the semantics of the kernel ABI?
> 
> Which one? exe_file can be changed iif there is no MAP_EXECUTABLE left.
> Still, once assigned (via this prctl) the mm_struct::exe_file can't be changed
> again, until program exit.

The prctl() interface itself is fine as it stands now.

As far as I can tell Konstantin is proposing that we remove the unusual
counter that tracks the number of mappings of the exe_file and require
userspace use the prctl() to drop the last reference. That's what I think
will break the ABI because after that change you *must* change userspace
code to use the prctl(). It's an ABI change because the same sequence of
system calls with the same input bits produces different behavior.

Cheers,
	-Matt

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ