lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHk-=wh_P7UR6RiYmgBDQ4L-kgmmLMziGarLsx_0bUn5vYTJUw@mail.gmail.com>
Date: Tue, 6 Aug 2024 11:33:12 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Brian Mak <makb@...iper.net>
Cc: "Eric W. Biederman" <ebiederm@...ssion.com>, Kees Cook <kees@...nel.org>, 
	Alexander Viro <viro@...iv.linux.org.uk>, Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>, 
	"linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>, "linux-mm@...ck.org" <linux-mm@...ck.org>, 
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Oleg Nesterov <oleg@...hat.com>
Subject: Re: [PATCH v3] binfmt_elf: Dump smaller VMAs first in ELF cores

On Tue, 6 Aug 2024 at 11:16, Brian Mak <makb@...iper.net> wrote:
>
> @@ -1253,5 +1266,8 @@ static bool dump_vma_snapshot(struct coredump_params *cprm)
>                 cprm->vma_data_size += m->dump_size;
>         }
>
> +       sort(cprm->vma_meta, cprm->vma_count, sizeof(*cprm->vma_meta),
> +               cmp_vma_size, NULL);
> +
>         return true;
>  }

Hmm. Realistically we only dump core in ELF, and the order of the
segments shouldn't matter.

But I wonder if we should do this in the ->core_dump() function
itself, in case it would have mattered for other dump formats?

IOW, instead of being at the bottom of dump_vma_snapshot(), maybe the
sorting should be at the top of elf_core_dump()?

And yes, in practice I doubt we'll ever have other dump formats, and
no, a.out isn't doing some miraculous comeback either.

But I bet you didn't test elf_fdpic_core_dump() even if I bet it (a)
works and (b) nobody cares.

So moving it to the ELF side might be conceptually the right thing to do?

(Or is there some reason it needs to be done at snapshot time that I
just didn't fully appreciate?)

           Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ