Date:   Thu, 27 Jun 2019 06:56:03 +0200
From:   Christian Brauner <christian@...uner.io>
To:     torvalds@...ux-foundation.org
Cc:     linux-kernel@...r.kernel.org, ldv@...linux.org,
        viro@...iv.linux.org.uk, jannh@...gle.com
Subject: Re: [GIT PULL] fixes for v5.2-rc7

On Wed, Jun 26, 2019 at 04:07:33PM +0200, Christian Brauner wrote:
> Hi Linus,
> 
> This pull request removes the validation of the pidfd return argument if
> CLONE_PIDFD is specified:
> 
> The following changes since commit 4b972a01a7da614b4796475f933094751a295a2f:
> 
>   Linux 5.2-rc6 (2019-06-22 16:01:36 -0700)
> 
> are available in the Git repository at:
> 
>   git@...olite.kernel.org:pub/scm/linux/kernel/git/brauner/linux tags/for-linus-20190626
> 
> for you to fetch changes up to bee19cd8f241ab3cd1bf79e03884e5371f9ef514:
> 
>   samples: make pidfd-metadata fail gracefully on older kernels (2019-06-24 15:55:50 +0200)
> 
> Userspace tools and libraries such as strace or glibc need a cheap and
> reliable way to tell whether CLONE_PIDFD is supported.
> The easiest way is to pass an invalid fd value in the return argument,
> perform the syscall and verify the value in the return argument has been
> changed to a valid fd.
> 
> However, if CLONE_PIDFD is specified we currently check if pidfd == 0 and
> return EINVAL if not.
> 
> The check for pidfd == 0 was originally added to enable us to abuse the
> return argument for passing additional flags along with CLONE_PIDFD in the
> future.
> 
> However, extending legacy clone this way would be a terrible idea and with
> clone3 on the horizon and the ability to reuse CLONE_DETACHED with
> CLONE_PIDFD there's no real need for this clutch. So remove the pidfd == 0
> check and help userspace out.
> 
> Please consider pulling these changes from the signed for-linus-20190626 tag.

Al has another patch that removes the use of anon_inode_getfd() for the
sake of anon_inode_getfile() + fd_install() to avoid the use of
ksys_close().
I'll put it in my fixes branch and send a new PR with all those fixes in
a few hours.

Thanks!
Christian
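
The support probe described in the quoted pull request, written out as an added example; it is not code from this message or from the kernel tree. The names classify_probe and probe_clone_pidfd are hypothetical, and the raw clone call assumes the x86-64/aarch64 argument order (flags, stack, parent_tid, ...).

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <sched.h>
#include <signal.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef CLONE_PIDFD
#define CLONE_PIDFD 0x00001000 /* uapi value, for older libc headers */
#endif

enum pidfd_support { PIDFD_UNSUPPORTED = 0, PIDFD_SUPPORTED = 1 };

/* Supported only if clone succeeded and the sentinel in the return
 * argument was replaced by a descriptor that is actually open. */
static enum pidfd_support classify_probe(long ret, int sentinel, int pidfd)
{
	if (ret <= 0 || pidfd == sentinel || pidfd < 0)
		return PIDFD_UNSUPPORTED;
	return fcntl(pidfd, F_GETFD) != -1 ? PIDFD_SUPPORTED : PIDFD_UNSUPPORTED;
}

static enum pidfd_support probe_clone_pidfd(void)
{
	const int sentinel = -1;	/* invalid fd passed in on purpose */
	int pidfd = sentinel;
	/* Fork-like raw clone; the third argument (parent_tid) doubles as the
	 * pidfd return argument. Assumes x86-64/aarch64 argument order. */
	long ret = syscall(SYS_clone, (unsigned long)(CLONE_PIDFD | SIGCHLD),
			   0UL, &pidfd, 0UL, 0UL);
	if (ret == 0)
		_exit(0);		/* child exits immediately */
	if (ret < 0)
		return PIDFD_UNSUPPORTED; /* e.g. EINVAL from the pidfd == 0 check */
	enum pidfd_support res = classify_probe(ret, sentinel, pidfd);
	if (res == PIDFD_SUPPORTED)
		close(pidfd);		/* probe only: do not leak the fd */
	waitpid((pid_t)ret, NULL, 0);	/* reap the probe child */
	return res;
}

int main(void)
{
	printf("CLONE_PIDFD %s\n", probe_clone_pidfd() == PIDFD_SUPPORTED
	       ? "supported" : "not supported");
	return 0;
}
```

A kernel that ignores the flag leaves the sentinel untouched, and one that still enforces the pidfd == 0 check fails the call with EINVAL; both report as not supported.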
