| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 1 May 2020 00:10:05 +1000
From: Greg Ungerer <gerg@...ux-m68k.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>,
Russell King - ARM Linux admin <linux@...linux.org.uk>
Cc: Jann Horn <jannh@...gle.com>, Nicolas Pitre <nico@...xnic.net>,
Andrew Morton <akpm@...ux-foundation.org>,
Christoph Hellwig <hch@....de>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Linux-MM <linux-mm@...ck.org>,
linux-fsdevel <linux-fsdevel@...r.kernel.org>,
Alexander Viro <viro@...iv.linux.org.uk>,
"Eric W . Biederman" <ebiederm@...ssion.com>,
Oleg Nesterov <oleg@...hat.com>,
Linux ARM <linux-arm-kernel@...ts.infradead.org>,
Mark Salter <msalter@...hat.com>,
Aurelien Jacquiot <jacquiot.aurelien@...il.com>,
linux-c6x-dev@...ux-c6x.org,
Yoshinori Sato <ysato@...rs.sourceforge.jp>,
Rich Felker <dalias@...c.org>,
Linux-sh list <linux-sh@...r.kernel.org>
Subject: Re: [PATCH v2 0/5] Fix ELF / FDPIC ELF core dumping, and use mmap_sem
properly in there
On 30/4/20 9:03 am, Linus Torvalds wrote:
> On Wed, Apr 29, 2020 at 2:57 PM Russell King - ARM Linux admin
> <linux@...linux.org.uk> wrote:
>>
>> I've never had any reason to use FDPIC, and I don't have any binaries
>> that would use it. Nicolas Pitre added ARM support, so I guess he
>> would be the one to talk to about it. (Added Nicolas.)
>
> While we're at it, is there anybody who knows binfmt_flat?
>
> It might be Nicolas too.
>
> binfmt_flat doesn't do core-dumping, but it has some other oddities.
> In particular, I'd like to bring sanity to the installation of the new
> creds, and all the _normal_ binfmt cases do it largely close together
> with setup_new_exec().
>
> binfmt_flat is doing odd things. It's doing this:
>
> /* Flush all traces of the currently running executable */
> if (id == 0) {
> ret = flush_old_exec(bprm);
> if (ret)
> goto err;
>
> /* OK, This is the point of no return */
> set_personality(PER_LINUX_32BIT);
> setup_new_exec(bprm);
> }
>
> in load_flat_file() - which is also used to loading _libraries_. Where
> it makes no sense at all.
I haven't looked at the shared lib support in there for a long time,
but I thought that "id" is only 0 for the actual final program.
Libraries have a slot or id number associated with them.
> It does the
>
> install_exec_creds(bprm);
>
> in load_flat_binary() (which makes more sense: that is only for actual
> binary loading, no library case).
>
> I would _like_ for every binfmt loader to do
>
> /* Flush all traces of the currently running executable */
> retval = flush_old_exec(bprm);
> if (retval)
> return retval;
>
> .. possibly set up personalities here ..
>
> setup_new_exec(bprm);
> install_exec_creds(bprm);
>
> all together, and at least merge 'setup_new_exec()' with 'install_exec_creds()'.
>
> And I think all the binfmt handlers would be ok with that, but the
> flat one in particular is really oddly set up.
>
> *Particularly* with that flush_old_exec/setup_new_exec() being done by
> the same routine that is also loading libraries (and called from
> 'calc_reloc()' from binary loading too).
>
> Adding Greg Ungerer for m68knommu. Can somebody sort out why that
> flush_old_exec/setup_new_exec() isn't in load_flat_binary() like
> install_exec_creds() is?
>
> Most of that file goes back to pre-git days. And most of the commits
> since are not so much about binfmt_flat, as they are about cleanups or
> changes elsewhere where binfmt_flat was just a victim.
I'll have a look at this.
Quick hack test shows moving setup_new_exec(bprm) to be just before
install_exec_creds(bprm) works fine for the static binaries case.
Doing the flush_old_exec(bprm) there too crashed out - I'll need to
dig into that to see why.
Regards
Greg
Powered by blists - more mailing lists