lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 1 May 2013 15:49:20 -0700 From: Cody P Schafer <cody@...ux.vnet.ibm.com> To: Alexander Viro <viro@...iv.linux.org.uk> Cc: linux-fsdevel@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>, Cody P Schafer <cody@...ux.vnet.ibm.com> Subject: [PATCH] fs/binfmt_misc: avoid accidental exec disable via binfmt_misc loop On my ubuntu system the update-binfmts command recently went berserk and added a binfmt_misc for executing x86_64 elf files via a static qemu. That static qemu is also an x86_64 elf (as are the majority of the binaries on my x86_64 system). This prevented me from execing any new programs and, due to the lack of an open root shell, made it impossible for me to disable the offending binfmt. [For anyone in a similar situation with update-binfmts going berserk, delete your native arch's qemu from /var/lib/binfmts/ to allow binfmt-support to be installed] This fix is a hack to disable binfmt_misc handlers when a loop occurs in the hope of saving the system. Ideally, it would also attempt to re-resolve the binfmt that was currently being resolved instead of failing that one and allowing all that follows, but this behavior is much better than the failure of everything that occurs right now. Signed-off-by: Cody P Schafer <cody@...ux.vnet.ibm.com> --- fs/binfmt_misc.c | 5 +++++ 1 file changed, 5 insertions(+) --- If this is considered too terrible, even adding a hack to sysrq to let me recover the system (in the future) without a system reset would be appreciated. diff --git a/fs/binfmt_misc.c b/fs/binfmt_misc.c index 751df5e..24e1ce6 100644 --- a/fs/binfmt_misc.c +++ b/fs/binfmt_misc.c @@ -197,6 +197,11 @@ static int load_misc_binary(struct linux_binprm *bprm) goto _error; retval = search_binary_handler(bprm); + if (retval == -ELOOP) { + pr_err("binfmt misc %s is involved in a loop, disabling.\n", + fmt->name); + clear_bit(Enabled, &fmt->flags); + } if (retval < 0) goto _error; -- 1.8.2.2 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists