Message-ID: <20241116214832.GD3387508@ZenIV>
Date: Sat, 16 Nov 2024 21:48:32 +0000
From: Al Viro <viro@...iv.linux.org.uk>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Nir Lichtman <nir@...htman.org>, ebiederm@...ssion.com, kees@...nel.org,
	brauner@...nel.org, jack@...e.cz, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] exec: make printable macro more concise

On Sat, Nov 16, 2024 at 08:49:39AM -0800, Linus Torvalds wrote:

> The original ctype array was US-ASCII only, and at some point in the
> random past it got changed to be based on Latin1. Maybe indeed 1.3.60
> as you say, I didn't go digging around.

Almost certainly unrelated.
0.10:
	initial support of #! in do_execve()
0.99.12:
	binfmt added; array, with aout as the hardwired first entry.
	#! handling happens prior to looking through that array.
0.99.13:
	binfmt_elf added; goes into the second slot of array if
	enabled.
0.99.14g:
	binfmt_coff added.
1.1.14:
	formats is a linked list instead of an array now, aout is
	still the hardwired first entry.  Anything else
	should call register_binfmt().  Nobody does, though, so
	elf and coff support got broken?  Lovely...
	At the same point binfmt_elf.c got copied from fs/ to ibcs/,
	along with fs/binfmt_coff.c (originals gone in 1.1.23)
1.1.54:
	fs/binfmt_elf.c returns (ibcs copy sticks around)
	elf_format is added back to the list - explicitly kludged
	into initializer of aout_format if non-modular and
	handled by register_binfmt() if modular.
1.1.77:
	ibcs moved to arch/i386/ibcs, stuff in there still not
	reachable?
1.3.5:
	arch/i386/ibcs finally gone; exists out of tree, with
	varying degrees of rot.
1.3.60:
	binfmt autoload if no match found, setting aliases up is
	up to userland (decimal aliases, at that).  Check for "printable"
	first 4 bytes added, apparently to filter out text files (recall
	that msdosfs marked everything executable).
	Aliases potentially useful for iBCS2 binaries (with out of tree
	module).
1.3.61:
	aout made modular, both elf and aout use register_binfmt()
	both in modular and built-in cases (earlier kludge would
	be hopeless, so it's gone and good riddance).
	These two (aout and elf) are the only binfmt in the tree.
	Aliases are theoretically useful for both, probably set up only
	for aout - insmod(8) itself is ELF by that point.  Again,
	that's up to distros - we are decades before MODULE_ALIAS
	machinery, so the kernel build is not setting those up.

1.3.60/1.3.61 look like a transition to modular a.out, on systems with
already mostly ELF userland - arranging for autoload of modular aout
and allowing it to become modular.  Filter hadn't been there before
that - it appeared along with autoload, so ctype changes are irrelevant;
there hadn't been an earlier stage of that thing anyway.

1.3.71:
	binfmt_script added (unconditional, nominally may be modular,
	in reality always built-in).  Special-casing of #! is gone.
	Never going to be autoloaded (and filter would reject it
	anyway).
1.3.100:
	binfmt_java added.  Two formats (java binary and crapplet);
	the former might be subject to autoload (and I've seen
	such aliases in examples of /etc/module* on the net),
	the latter couldn't - text files.
2.1.23:
	aliases went from binfmt-%hd to binfmt-%04x; userland either
	adapts, or it hadn't needed those in the first place...
2.1.32:
	binfmt_em86 added (alpha emulation of i386 ELF); aliases
	are not going to be useful for that - the first 4 bytes are
	identical to those for native ELF.
2.1.34:
	binfmt_elf32 added (sparc64 compat ELF); same story wrt
	aliases usefulness.
2.1.43pre1:
	binfmt_misc added; at that point aliases have become useless -
	in effect, that's a better replacement for those.
	another binfmt_elf32 (itanic compat)
2.1.44pre3:
	binfmt_irixelf added (irix compat); ELF binaries, so aliases
	are useless.
2.1.44:
	binfmt_aout32 added (sparc64 compat aout)
2.3.5:
	binfmt_java gone

Past that point there's really not much happening - and by now all
traces of aout are gone, which leaves this autoload logic pretty
much useless.

I mean, all ELF binaries are indistinguishable to it, scripts are
out of consideration anyway, aliases for binfmt_misc are pretty
much insane...  What does it leave?  binfmt_flat?  Sorry, the first
4 bytes are "bFLT", so it won't pass the filter...

All alias examples I had been able to find were for
	* a.out variants
	* iBCS2
	* java
Oh, and binfmt-0000 aliased to /bin/true, so that trying to exec a
zero-filled file wouldn't trigger whining from the modprobe when
we hit that autoload.

IMO we should simply take it out.
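
A user-space model of the filter and alias computation discussed in this message, added here as an example; it is not code from the message or from the kernel tree. It assumes the printable set is tab, newline and 0x20..0x7e, and that the alias comes from the 16-bit value at byte offset 2 as a little-endian machine reads it; the name `binfmt_alias` and the sample headers are constructed for illustration.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>

/* Assumed printable set: tab, newline, and 0x20..0x7e (US-ASCII). */
static int printable(unsigned char c)
{
	return c == '\t' || c == '\n' || (c >= 0x20 && c <= 0x7e);
}

/*
 * Model of the autoload decision on the first 4 bytes of a file.
 * Returns 0 if the filter rejects the file (all four bytes printable),
 * otherwise writes the module alias into out and returns 1.
 * The 16-bit value is assembled as a little-endian host would read it.
 */
int binfmt_alias(const unsigned char buf[4], char *out, size_t outlen)
{
	if (printable(buf[0]) && printable(buf[1]) &&
	    printable(buf[2]) && printable(buf[3]))
		return 0;
	uint16_t magic = (uint16_t)(buf[2] | (buf[3] << 8));
	snprintf(out, outlen, "binfmt-%04x", magic);
	return 1;
}

int main(void)
{
	/* Constructed sample headers; only the first 4 bytes are examined. */
	static const struct { const char *name; unsigned char hdr[5]; } samples[] = {
		{ "ELF, 32-bit class", { 0x7f, 'E', 'L', 'F', 1 } },
		{ "ELF, 64-bit class", { 0x7f, 'E', 'L', 'F', 2 } },
		{ "bFLT",              { 'b', 'F', 'L', 'T', 0 } },
		{ "#! script",         { '#', '!', '/', 'b', 'i' } },
		{ "zero-filled",       { 0, 0, 0, 0, 0 } },
	};
	for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		char alias[16];
		if (binfmt_alias(samples[i].hdr, alias, sizeof(alias)))
			printf("%-18s -> modprobe %s\n", samples[i].name, alias);
		else
			printf("%-18s -> filtered, no autoload\n", samples[i].name);
	}
	return 0;
}
```

Both ELF samples map to the same alias because the ELF class byte sits at offset 4, outside the bytes the alias is built from.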
