| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Z0cz/Dhrw118WPiE@tycho.pizza>
Date: Wed, 27 Nov 2024 08:00:12 -0700
From: Tycho Andersen <tycho@...ho.pizza>
To: Mark Brown <broonie@...nel.org>
Cc: Alexander Viro <viro@...iv.linux.org.uk>,
Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>,
Eric Biederman <ebiederm@...ssion.com>, Kees Cook <kees@...nel.org>,
Shuah Khan <skhan@...uxfoundation.org>,
Zbigniew Jędrzejewski-Szmek <zbyszek@...waw.pl>,
Aleksa Sarai <cyphar@...har.com>, linux-fsdevel@...r.kernel.org,
linux-mm@...ck.org, linux-kernel@...r.kernel.org,
linux-kselftest@...r.kernel.org,
Tycho Andersen <tandersen@...flix.com>
Subject: Re: [PATCH 2/2] selftests/exec: add a test for execveat()'s comm
On Wed, Nov 27, 2024 at 02:25:29PM +0000, Mark Brown wrote:
> On Wed, Oct 30, 2024 at 02:37:32PM -0600, Tycho Andersen wrote:
> > From: Tycho Andersen <tandersen@...flix.com>
> >
> > In the previous patch we've defined a couple behaviors:
> >
> > 1. execveat(fd, AT_EMPTY_PATH, {"foo"}, ...) should render argv[0] as
> > /proc/pid/comm
> > 2. execveat(fd, AT_EMPTY_PATH, {NULL}, ...) should keep the old behavior of
> > rendering the fd as /proc/pid/comm
> >
> > and just to be sure keeps working with symlinks, which was a concern in
> > [1], I've added a test for that as well.
> >
> > The test itself is a bit ugly, because the existing check_execveat_fail()
> > helpers use a hardcoded envp and argv, and we want to "pass" things via the
> > environment to test various argument values, but it seemed cleaner than
> > passing one in everywhere in all the existing tests.
>
> This test doesn't pass in my CI, running on an i.MX8MP Verdin board.
> This is an arm64 system and I'm running the tests on NFS.
>
> > Output looks like:
>
> > ok 51 Check success of execveat(6, 'home/tycho/packages/...yyyyyyyyyyyyyyyyyyyy', 0)...
> > # Check execveat(AT_EMPTY_PATH)'s comm is sentinel
> > ok 52 Check success of execveat(9, '', 4096)...
> > # Check execveat(AT_EMPTY_PATH)'s comm is sentinel
> > ok 53 Check success of execveat(11, '', 4096)...
> > # Check execveat(AT_EMPTY_PATH)'s comm is 9
> > [ 25.579272] process 'execveat' launched '/dev/fd/9' with NULL argv: empty string added
> > ok 54 Check success of execveat(9, '', 4096)...
>
> The output when things fail is:
>
> # # Check execveat(AT_EMPTY_PATH)'s comm is sentinel
> # # bad comm, got: 11 expected: sentinel# child 8257 exited with 1 neither 0 nor 0
> # not ok 52 Check success of execveat(11, '', 4096)...
> # # Check execveat(AT_EMPTY_PATH)'s comm is sentinel
> # # bad comm, got: 13 expected: sentinel# child 8258 exited with 1 neither 0 nor 0
> # not ok 53 Check success of execveat(13, '', 4096)...
>
> Full log from a failing job at:
>
> https://lava.sirena.org.uk/scheduler/job/993508
>
> I didn't do any investigation beyond this.
Strange... but this series has been rejected by Linus anyway, so
probably not worth investigating further.
Tycho
Powered by blists - more mailing lists