lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <984d7898-d86a-4cea-9cdf-262b9ec4bc84@p183>
Date: Wed, 19 Jun 2024 13:14:34 +0300
From: Alexey Dobriyan <adobriyan@...il.com>
To: Andrii Nakryiko <andrii@...nel.org>
Cc: linux-fsdevel@...r.kernel.org, brauner@...nel.org,
	viro@...iv.linux.org.uk, akpm@...ux-foundation.org,
	linux-kernel@...r.kernel.org, bpf@...r.kernel.org,
	gregkh@...uxfoundation.org, linux-mm@...ck.org,
	liam.howlett@...cle.com, surenb@...gle.com, rppt@...nel.org
Subject: Re: [PATCH v5 3/6] fs/procfs: add build ID fetching to PROCMAP_QUERY
 API

On Tue, Jun 18, 2024 at 03:45:22PM -0700, Andrii Nakryiko wrote:
> The need to get ELF build ID reliably is an important aspect when
> dealing with profiling and stack trace symbolization, and
> /proc/<pid>/maps textual representation doesn't help with this.

> @@ -539,6 +543,21 @@ static int do_procmap_query(struct proc_maps_private *priv, void __user *uarg)
>  		}
>  	}
>  
> +	if (karg.build_id_size) {
> +		__u32 build_id_sz;
> +
> +		err = build_id_parse(vma, build_id_buf, &build_id_sz);

This is not your bug but build_id_parse() assumes program headers
immediately follow ELF header which is not guaranteed.

> +	 * If this field is set to non-zero value, build_id_addr should point
> +	 * to valid user space memory buffer of at least build_id_size bytes.
> +	 * If set to zero, build_id_addr should be set to zero as well
> +	 */
> +	__u32 build_id_size;		/* in/out */
>  	/*
>  	 * User-supplied address of a buffer of at least vma_name_size bytes
>  	 * for kernel to fill with matched VMA's name (see vma_name_size field
> @@ -519,6 +539,14 @@ struct procmap_query {
>  	 * Should be set to zero if VMA name should not be returned.
>  	 */
>  	__u64 vma_name_addr;		/* in */
> +	/*
> +	 * User-supplied address of a buffer of at least build_id_size bytes
> +	 * for kernel to fill with matched VMA's ELF build ID, if available
> +	 * (see build_id_size field description above for details).
> +	 *
> +	 * Should be set to zero if build ID should not be returned.
> +	 */
> +	__u64 build_id_addr;		/* in */

Can this be simplified to 512-bit buffer in ioctl structure?
BUILD_ID_SIZE_MAX is 20 which is sha1.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ