lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <45e55b6b-4ee0-0700-e425-2d661de394ed@vivier.eu>
Date:   Mon, 16 Dec 2019 10:22:26 +0100
From:   Laurent Vivier <laurent@...ier.eu>
To:     linux-kernel@...r.kernel.org
Cc:     linux-fsdevel@...r.kernel.org,
        Alexander Viro <viro@...iv.linux.org.uk>,
        James Bottomley <James.Bottomley@...senPartnership.com>,
        YunQiang Su <ysu@...ecomp.com>
Subject: Re: [RFC v2] binfmt_misc: pass binfmt_misc flags to the interpreter

Hi,

this feature is really needed and requested by several binfmt_misc
users. It is difficult to manage this at user level without this
information.

I've found that someone else tried to address this problem in the past
in the same way:
https://patchwork.kernel.org/patch/10902935/

Can a maintainer/reviewer have a look at this and agrees or disagrees?

I will update getauxval(3) manual page with the new flags in the case
one of these patches is merged.

Thanks,
Laurent


Le 22/11/2019 à 16:08, Laurent Vivier a écrit :
> It can be useful to the interpreter to know which flags are in use.
> 
> For instance, knowing if the preserve-argv[0] is in use would
> allow to skip the pathname argument.
> 
> This patch uses an unused auxiliary vector, AT_FLAGS,  to pass the
> content of the binfmt flags (special flags: P, F, C, O).
> 
> Signed-off-by: Laurent Vivier <laurent@...ier.eu>
> ---
> 
> Notes:
>     v2: only pass special flags (remove Magic and Enabled flags)
> 
>  fs/binfmt_elf.c         | 2 +-
>  fs/binfmt_elf_fdpic.c   | 2 +-
>  fs/binfmt_misc.c        | 6 ++++++
>  include/linux/binfmts.h | 2 +-
>  4 files changed, 9 insertions(+), 3 deletions(-)
> 
> diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
> index c5642bcb6b46..7a34c03e5857 100644
> --- a/fs/binfmt_elf.c
> +++ b/fs/binfmt_elf.c
> @@ -250,7 +250,7 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec,
>  	NEW_AUX_ENT(AT_PHENT, sizeof(struct elf_phdr));
>  	NEW_AUX_ENT(AT_PHNUM, exec->e_phnum);
>  	NEW_AUX_ENT(AT_BASE, interp_load_addr);
> -	NEW_AUX_ENT(AT_FLAGS, 0);
> +	NEW_AUX_ENT(AT_FLAGS, bprm->fmt_flags);
>  	NEW_AUX_ENT(AT_ENTRY, exec->e_entry);
>  	NEW_AUX_ENT(AT_UID, from_kuid_munged(cred->user_ns, cred->uid));
>  	NEW_AUX_ENT(AT_EUID, from_kuid_munged(cred->user_ns, cred->euid));
> diff --git a/fs/binfmt_elf_fdpic.c b/fs/binfmt_elf_fdpic.c
> index d86ebd0dcc3d..8fe839be125e 100644
> --- a/fs/binfmt_elf_fdpic.c
> +++ b/fs/binfmt_elf_fdpic.c
> @@ -647,7 +647,7 @@ static int create_elf_fdpic_tables(struct linux_binprm *bprm,
>  	NEW_AUX_ENT(AT_PHENT,	sizeof(struct elf_phdr));
>  	NEW_AUX_ENT(AT_PHNUM,	exec_params->hdr.e_phnum);
>  	NEW_AUX_ENT(AT_BASE,	interp_params->elfhdr_addr);
> -	NEW_AUX_ENT(AT_FLAGS,	0);
> +	NEW_AUX_ENT(AT_FLAGS,	bprm->fmt_flags);
>  	NEW_AUX_ENT(AT_ENTRY,	exec_params->entry_addr);
>  	NEW_AUX_ENT(AT_UID,	(elf_addr_t) from_kuid_munged(cred->user_ns, cred->uid));
>  	NEW_AUX_ENT(AT_EUID,	(elf_addr_t) from_kuid_munged(cred->user_ns, cred->euid));
> diff --git a/fs/binfmt_misc.c b/fs/binfmt_misc.c
> index cdb45829354d..25a392f23409 100644
> --- a/fs/binfmt_misc.c
> +++ b/fs/binfmt_misc.c
> @@ -48,6 +48,9 @@ enum {Enabled, Magic};
>  #define MISC_FMT_OPEN_BINARY (1 << 30)
>  #define MISC_FMT_CREDENTIALS (1 << 29)
>  #define MISC_FMT_OPEN_FILE (1 << 28)
> +#define MISC_FMT_FLAGS_MASK (MISC_FMT_PRESERVE_ARGV0 | MISC_FMT_OPEN_BINARY | \
> +			     MISC_FMT_CREDENTIALS | MISC_FMT_OPEN_FILE)
> +
>  
>  typedef struct {
>  	struct list_head list;
> @@ -149,6 +152,9 @@ static int load_misc_binary(struct linux_binprm *bprm)
>  	if (!fmt)
>  		return retval;
>  
> +	/* pass special flags to the interpreter */
> +	bprm->fmt_flags = fmt->flags & MISC_FMT_FLAGS_MASK;
> +
>  	/* Need to be able to load the file after exec */
>  	retval = -ENOENT;
>  	if (bprm->interp_flags & BINPRM_FLAGS_PATH_INACCESSIBLE)
> diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h
> index b40fc633f3be..dae0d0d7b84d 100644
> --- a/include/linux/binfmts.h
> +++ b/include/linux/binfmts.h
> @@ -60,7 +60,7 @@ struct linux_binprm {
>  				   different for binfmt_{misc,script} */
>  	unsigned interp_flags;
>  	unsigned interp_data;
> -	unsigned long loader, exec;
> +	unsigned long loader, exec, fmt_flags;
>  
>  	struct rlimit rlim_stack; /* Saved RLIMIT_STACK used during exec. */
>  
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ