| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 09 Mar 2022 10:29:10 -0600
From: "Eric W. Biederman" <ebiederm@...ssion.com>
To: Kees Cook <keescook@...omium.org>
Cc: Matthew Wilcox <willy@...radead.org>,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
Alexander Viro <viro@...iv.linux.org.uk>,
Denys Vlasenko <vda.linux@...glemail.com>,
Vlastimil Babka <vbabka@...e.cz>,
"Liam R . Howlett" <liam.howlett@...cle.com>,
Jann Horn <jannh@...gle.com>, linux-mm@...ck.org
Subject: Re: [GIT PULL] Fix fill_files_note
Kees Cook <keescook@...omium.org> writes:
> On Tue, Mar 08, 2022 at 01:35:03PM -0600, Eric W. Biederman wrote:
>>
>> Kees,
>>
>> Please pull the coredump-vma-snapshot-fix branch from the git tree:
>>
>> git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git coredump-vma-snapshot-fix
>>
>> HEAD: 390031c942116d4733310f0684beb8db19885fe6 coredump: Use the vma snapshot in fill_files_note
>>
>> Matthew Wilcox has reported that a missing mmap_lock in file_files_note,
>> which could cause trouble.
>>
>> Refactor the code and clean it up so that the vma snapshot makes
>> it to fill_files_note, and then use the vma snapshot in fill_files_note.
>>
>> Eric W. Biederman (5):
>> coredump: Move definition of struct coredump_params into coredump.h
>> coredump: Snapshot the vmas in do_coredump
>> coredump: Remove the WARN_ON in dump_vma_snapshot
>> coredump/elf: Pass coredump_params into fill_note_info
>> coredump: Use the vma snapshot in fill_files_note
>>
>> fs/binfmt_elf.c | 66 ++++++++++++++++++++++--------------------------
>> fs/binfmt_elf_fdpic.c | 18 +++++--------
>> fs/binfmt_flat.c | 1 +
>> fs/coredump.c | 59 ++++++++++++++++++++++++++++---------------
>> include/linux/binfmts.h | 13 +---------
>> include/linux/coredump.h | 20 ++++++++++++---
>> 6 files changed, 93 insertions(+), 84 deletions(-)
>>
>> ---
>>
>> Kees I realized I needed to rebase this on Jann Horn's commit
>> 84158b7f6a06 ("coredump: Also dump first pages of non-executable ELF
>> libraries"). Unfortunately before I got that done I got distracted and
>> these changes have been sitting in limbo for most of the development
>> cycle. Since you are running a tree that is including changes like this
>> including Jann's can you please pull these changes into your tree.
>
> Sure! Can you make a signed tag for this pull?
Not yet.
Hopefully I will get the time to set that up soon, but I am not at all
setup to do signed tags at this point.
> If it helps, my workflow look like this, though I assume there might be
> better ways. (tl;dr: "git tag -s TAG BRANCH")
>
>
> PULL_BRANCH=name-of-branch
> BASE=sha-of-base
> FOR=someone
> TOPIC=topic-name
>
> TAG="for-$FOR/$TOPIC"
> SIGNED=~/.pull-request-signed-"$TAG"
> echo "$TOPIC update" > "$SIGNED"
> git request-pull "$BASE" git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git "$PULL_BRANCH" | awk '{print "# " $0}' >> "$SIGNED"
> vi "$SIGNED"
>
> git tag -sF "$SIGNED" "$TAG" "$PULL_BRANCH"
> git push origin "$PULL_BRANCH"
> git push origin +"$TAG"
Thanks. That looks like a good place to start.
Eric
Powered by blists - more mailing lists