| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 7 Jan 2020 15:50:42 +0100
From: Laurent Vivier <laurent@...ier.eu>
To: linux-kernel@...r.kernel.org,
Alexander Viro <viro@...iv.linux.org.uk>
Cc: linux-fsdevel@...r.kernel.org,
James Bottomley <James.Bottomley@...senPartnership.com>
Subject: Re: [RFC v2] binfmt_misc: pass binfmt_misc flags to the interpreter
Hi,
this change is simple, easy to read and understand but it is really
needed by user space application interpreter to know the status of the
system configuration.
Could we have a comment saying if there is a problem or if it is good to
be merged?
Thanks,
Laurent
Le 22/11/2019 à 16:08, Laurent Vivier a écrit :
> It can be useful to the interpreter to know which flags are in use.
>
> For instance, knowing if the preserve-argv[0] is in use would
> allow to skip the pathname argument.
>
> This patch uses an unused auxiliary vector, AT_FLAGS, to pass the
> content of the binfmt flags (special flags: P, F, C, O).
>
> Signed-off-by: Laurent Vivier <laurent@...ier.eu>
> ---
>
> Notes:
> v2: only pass special flags (remove Magic and Enabled flags)
>
> fs/binfmt_elf.c | 2 +-
> fs/binfmt_elf_fdpic.c | 2 +-
> fs/binfmt_misc.c | 6 ++++++
> include/linux/binfmts.h | 2 +-
> 4 files changed, 9 insertions(+), 3 deletions(-)
>
> diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
> index c5642bcb6b46..7a34c03e5857 100644
> --- a/fs/binfmt_elf.c
> +++ b/fs/binfmt_elf.c
> @@ -250,7 +250,7 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec,
> NEW_AUX_ENT(AT_PHENT, sizeof(struct elf_phdr));
> NEW_AUX_ENT(AT_PHNUM, exec->e_phnum);
> NEW_AUX_ENT(AT_BASE, interp_load_addr);
> - NEW_AUX_ENT(AT_FLAGS, 0);
> + NEW_AUX_ENT(AT_FLAGS, bprm->fmt_flags);
> NEW_AUX_ENT(AT_ENTRY, exec->e_entry);
> NEW_AUX_ENT(AT_UID, from_kuid_munged(cred->user_ns, cred->uid));
> NEW_AUX_ENT(AT_EUID, from_kuid_munged(cred->user_ns, cred->euid));
> diff --git a/fs/binfmt_elf_fdpic.c b/fs/binfmt_elf_fdpic.c
> index d86ebd0dcc3d..8fe839be125e 100644
> --- a/fs/binfmt_elf_fdpic.c
> +++ b/fs/binfmt_elf_fdpic.c
> @@ -647,7 +647,7 @@ static int create_elf_fdpic_tables(struct linux_binprm *bprm,
> NEW_AUX_ENT(AT_PHENT, sizeof(struct elf_phdr));
> NEW_AUX_ENT(AT_PHNUM, exec_params->hdr.e_phnum);
> NEW_AUX_ENT(AT_BASE, interp_params->elfhdr_addr);
> - NEW_AUX_ENT(AT_FLAGS, 0);
> + NEW_AUX_ENT(AT_FLAGS, bprm->fmt_flags);
> NEW_AUX_ENT(AT_ENTRY, exec_params->entry_addr);
> NEW_AUX_ENT(AT_UID, (elf_addr_t) from_kuid_munged(cred->user_ns, cred->uid));
> NEW_AUX_ENT(AT_EUID, (elf_addr_t) from_kuid_munged(cred->user_ns, cred->euid));
> diff --git a/fs/binfmt_misc.c b/fs/binfmt_misc.c
> index cdb45829354d..25a392f23409 100644
> --- a/fs/binfmt_misc.c
> +++ b/fs/binfmt_misc.c
> @@ -48,6 +48,9 @@ enum {Enabled, Magic};
> #define MISC_FMT_OPEN_BINARY (1 << 30)
> #define MISC_FMT_CREDENTIALS (1 << 29)
> #define MISC_FMT_OPEN_FILE (1 << 28)
> +#define MISC_FMT_FLAGS_MASK (MISC_FMT_PRESERVE_ARGV0 | MISC_FMT_OPEN_BINARY | \
> + MISC_FMT_CREDENTIALS | MISC_FMT_OPEN_FILE)
> +
>
> typedef struct {
> struct list_head list;
> @@ -149,6 +152,9 @@ static int load_misc_binary(struct linux_binprm *bprm)
> if (!fmt)
> return retval;
>
> + /* pass special flags to the interpreter */
> + bprm->fmt_flags = fmt->flags & MISC_FMT_FLAGS_MASK;
> +
> /* Need to be able to load the file after exec */
> retval = -ENOENT;
> if (bprm->interp_flags & BINPRM_FLAGS_PATH_INACCESSIBLE)
> diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h
> index b40fc633f3be..dae0d0d7b84d 100644
> --- a/include/linux/binfmts.h
> +++ b/include/linux/binfmts.h
> @@ -60,7 +60,7 @@ struct linux_binprm {
> different for binfmt_{misc,script} */
> unsigned interp_flags;
> unsigned interp_data;
> - unsigned long loader, exec;
> + unsigned long loader, exec, fmt_flags;
>
> struct rlimit rlim_stack; /* Saved RLIMIT_STACK used during exec. */
>
>
Powered by blists - more mailing lists