| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Yhb0vB/G2a92zJJP@zeniv-ca.linux.org.uk>
Date: Thu, 24 Feb 2022 03:00:12 +0000
From: Al Viro <viro@...iv.linux.org.uk>
To: Yun Levi <ppbuk5246@...il.com>
Cc: Kees Cook <keescook@...omium.org>, ebiederm@...ssion.com,
linux-fsdevel@...r.kernel.org,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] fs/exec.c: Avoid a race in formats
On Thu, Feb 24, 2022 at 08:59:59AM +0900, Yun Levi wrote:
> I think if someone wants to control their own binfmt via "ioctl" not
> on time on LOAD.
> For example, someone wants to control exec (notification,
> allow/disallow and etc..)
> and want to enable and disable own's control exec via binfmt reg / unreg
> In that situation, While the module is loaded, binfmt is still live
> and can be reused by
> reg/unreg to enable/disable his exec' control.
Er... So have your ->load_binary() start with
if (I_want_it_disabled)
return -ENOEXEC;
and be done with that.
The only caller of that thing is
list_for_each_entry(fmt, &formats, lh) {
if (!try_module_get(fmt->module))
continue;
read_unlock(&binfmt_lock);
retval = fmt->load_binary(bprm);
read_lock(&binfmt_lock);
put_binfmt(fmt);
if (bprm->point_of_no_return || (retval != -ENOEXEC)) {
read_unlock(&binfmt_lock);
return retval;
}
}
so returning -ENOEXEC is equivalent to not having it in the list.
IDGI... Why bother unregistering/re-registering/etc.?
Powered by blists - more mailing lists