Quoting Oleg Nesterov <o...@redhat.com>:
On 07/31, Oleg Nesterov wrote:
> From: Zach Levis <z...@linux.vnet.ibm.com>
> Subject: fs/binfmts: better handling of binfmt loops
>
> With these changes, when a binfmt loop is encountered, the ELOOP will
> propagate back to the 0 depth. At this point the argv and argc values
> will be reset to what they were originally and an attempt is made to
> continue with the following binfmt handlers.
I must admit, I do not really understand why do we want to recover
after pr_err(). Perhaps the changelog could say a bit more.
And still can't. Probably I missed something, but it seems that
this tries to "fix" the wrong /proc/sys/fs/binfmt_misc/register...
So an example of what this would be used for (going into commit
message of a v2 with your earlier suggestions):
A qemu is configured to run 64-bit ELFs on an otherwise 32-bit system.
The system's owner switches to running with 64-bit executables, but
forgets to disable the binfmt_misc option that redirects 64bit ELFs to
qemu. Since the qemu executable is a 64-bit ELF now, binfmt_misc keeps
on matching it with the qemu rule, preventing the execution of any
64-bit binary.
With this patch, an error is printed and search_binary_handler()
continues on to the next handler, allowing the original executable to
run normally so the user can (hopefully) fix their misconfiguration
more easily.
> +
> + copy_strings(bprm->argc_orig, *((struct user_arg_ptr *)
bprm->argv_orig), bprm);
Perhaps it would be more clean to add "struct user_arg_ptr;"
into binfmts.h and avoid the typecast.
I was kinda trying to avoid exposing the struct, but yeah, that's better.
And I do not think we should ignore the possible error from
copy_strings(). Even if we know that it succeeded before, another
thread can, say, unmap this memory in between.
And since we do copy_strings() again we probably need acct_arg_size()
after remove_arg_zero() loop, although this is not that important.
I'm not sure if that's even necessary. It looks like there's
copy_strings()->get_arg_page()->acct_arg_size() that's already called.
And with this patch "depth == 0" check(s) look even worse, imho we
need to cleanup this code first. And proc_exec_connector() looks
simply wrong. I'll try to make a patch.
But once again, I can be easily wrong, so please correct me.
Oleg.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
