lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20e6c345-b984-7b28-4d3f-c8f3799b8579@vivier.eu>
Date:   Wed, 15 Jan 2020 15:07:05 +0100
From:   Laurent Vivier <laurent@...ier.eu>
To:     Al Viro <viro@...iv.linux.org.uk>
Cc:     linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
        James Bottomley <James.Bottomley@...senpartnership.com>,
        YunQiang Su <ysu@...ecomp.com>
Subject: Re: [RFC v2] binfmt_misc: pass binfmt_misc flags to the interpreter

Le 15/01/2020 à 14:55, Al Viro a écrit :
> On Wed, Jan 15, 2020 at 01:19:16PM +0100, Laurent Vivier wrote:
>> Le 07/01/2020 à 15:50, Laurent Vivier a écrit :
>>> Hi,
>>>
>>> this change is simple, easy to read and understand but it is really
>>> needed by user space application interpreter to know the status of the
>>> system configuration.
>>>
>>> Could we have a comment saying if there is a problem or if it is good to
>>> be merged?
>>
>> Anyone?
> 
> 	FWIW, one thing that looks worrying here is that these bits become
> userland ABI after this patch - specific values passed in that thing
> can't be changed.  And no a single mention of that in fs/binfmt_misc.c,
> leaving a nasty trap.  As far as one can tell, their values are fair game
> for reordering, etc. - not even visible outside of fs/binfmt_misc.c;
> purely internal constants.  And the effect of such modifications after
> your patch will not be "everything breaks, patch gets caught by somebody's
> tests" - it will be a quiet breakage for some users.
> 
>>>>  #define MISC_FMT_OPEN_BINARY (1 << 30)
>>>>  #define MISC_FMT_CREDENTIALS (1 << 29)
>>>>  #define MISC_FMT_OPEN_FILE (1 << 28)
>>>> +#define MISC_FMT_FLAGS_MASK (MISC_FMT_PRESERVE_ARGV0 | MISC_FMT_OPEN_BINARY | \
>>>> +			     MISC_FMT_CREDENTIALS | MISC_FMT_OPEN_FILE)
> 
> IOW, you are making those parts of userland ABI cast in stone forever.
> Whether this bit assignment does make sense or not, such things really
> should not be hidden.
> 

Thank you for your answer.

So I think the patch from YunQiang Su is a better approach than mine,
much cleaner, see:

  binfmt_misc: pass info about P flag by AT_FLAGS
  https://patchwork.kernel.org/patch/10902935/

It does the same thing as my patch but uses a dedicated value for AT_FLAGS.

Perhaps YunQiang can send a new version (without the kdebug() part)?

Thanks,
Laurent

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ