On 5/13/20 4:59 PM, Eric W. Biederman wrote:
> Careful with your terminology. ELF sections are for .o's For
> executables ELF have segments. And reading through the code it is the
> program segments that are independently relocatable.
Sorry, I have trouble keeping this stuff straight when it's n
Casey Schaufler writes:
> On 5/14/2020 7:56 AM, Eric W. Biederman wrote:
>> Kees Cook writes:
>>
>>> On Tue, May 12, 2020 at 04:47:14PM -0700, Kees Cook wrote:
And now I wonder if qemu actually uses the resulting AT_EXECFD ...
>>> It does, though I'm not sure if this is to support crossing
On 5/14/2020 7:56 AM, Eric W. Biederman wrote:
> Kees Cook writes:
>
>> On Tue, May 12, 2020 at 04:47:14PM -0700, Kees Cook wrote:
>>> And now I wonder if qemu actually uses the resulting AT_EXECFD ...
>> It does, though I'm not sure if this is to support crossing mount points,
>> dropping privile
Linus Torvalds writes:
> On Tue, May 12, 2020 at 11:46 AM Eric W. Biederman
> wrote:
>>
>> I am still thinking about this one, but here is where I am at. At a
>> practical level passing the file descriptor of the script to interpreter
>> seems like something we should encourage in the long term
Kees Cook writes:
> On Tue, May 12, 2020 at 04:47:14PM -0700, Kees Cook wrote:
>> And now I wonder if qemu actually uses the resulting AT_EXECFD ...
>
> It does, though I'm not sure if this is to support crossing mount points,
> dropping privileges, or something else, since it does fall back to j
Rob Landley writes:
> On 5/11/20 9:33 AM, Eric W. Biederman wrote:
>> What I do see is that interp_data is just a parameter that is smuggled
>> into the call of search binary handler. And the next binary handler
>> needs to be binfmt_elf for it to make much sense, as only binfmt_elf
>> (and binf
On Tue, May 12, 2020 at 7:32 PM Rob Landley wrote:
>
> On 5/12/20 7:20 PM, Linus Torvalds wrote:
> > Ack. I think the AT_EXECFD thing is a sign that this isn't internal to
> > binfmt_misc, but it also shouldn't be gating this issue. In reality,
> > ELF is the only real binary format that matters -
On 5/12/20 7:20 PM, Linus Torvalds wrote:
> On Tue, May 12, 2020 at 11:46 AM Eric W. Biederman
> wrote:
>>
>> I am still thinking about this one, but here is where I am at. At a
>> practical level passing the file descriptor of the script to interpreter
>> seems like something we should encour
On Tue, May 12, 2020 at 11:46 AM Eric W. Biederman
wrote:
>
> I am still thinking about this one, but here is where I am at. At a
> practical level passing the file descriptor of the script to interpreter
> seems like something we should encourage in the long term. It removes
> races and it is c
On Tue, May 12, 2020 at 04:47:14PM -0700, Kees Cook wrote:
> And now I wonder if qemu actually uses the resulting AT_EXECFD ...
It does, though I'm not sure if this is to support crossing mount points,
dropping privileges, or something else, since it does fall back to just
trying to open the file.
On Tue, May 12, 2020 at 04:08:56PM -0700, Kees Cook wrote:
> I'm nearly certain the answer is "yes", but I wonder if we should stop
> for a moment and ask "does anything still use MISC_FMT_OPEN_BINARY ? It
> looks like either "O" or "C" binfmt_misc registration flag. My installed
> binfmts on Ubunt
On Tue, May 12, 2020 at 03:31:57PM -0500, Eric W. Biederman wrote:
> >> It is possible although unlikely for userspace to find the file
> >> descriptor without consulting AT_EXECFD so just to be conservative I
> >> think we should install the file descriptor in begin_new_exec even if
> >> the next
Kees Cook writes:
> On Tue, May 12, 2020 at 01:42:53PM -0500, Eric W. Biederman wrote:
>> Kees Cook writes:
>> > Should binfmt_misc do the install, or can the consuming binfmt do it?
>> > i.e. when binfmt_elf sees bprm->execfd, does it perform the install
>> > instead?
>>
>> I am still thinking
On Tue, May 12, 2020 at 01:42:53PM -0500, Eric W. Biederman wrote:
> Kees Cook writes:
> > Should binfmt_misc do the install, or can the consuming binfmt do it?
> > i.e. when binfmt_elf sees bprm->execfd, does it perform the install
> > instead?
>
> I am still thinking about this one, but here is
Kees Cook writes:
> On Mon, May 11, 2020 at 09:33:21AM -0500, Eric W. Biederman wrote:
>> Linus Torvalds writes:
>>
>> > On Sat, May 9, 2020 at 9:30 PM Tetsuo Handa
>> > wrote:
>> >>
>> >> Wouldn't this change cause
>> >>
>> >> if (fd_binary > 0)
>> >> ksys_close(fd_bin
On Mon, May 11, 2020 at 09:33:21AM -0500, Eric W. Biederman wrote:
> Linus Torvalds writes:
>
> > On Sat, May 9, 2020 at 9:30 PM Tetsuo Handa
> > wrote:
> >>
> >> Wouldn't this change cause
> >>
> >> if (fd_binary > 0)
> >> ksys_close(fd_binary);
> >> bprm->interp
On 5/11/20 9:33 AM, Eric W. Biederman wrote:
> What I do see is that interp_data is just a parameter that is smuggled
> into the call of search binary handler. And the next binary handler
> needs to be binfmt_elf for it to make much sense, as only binfmt_elf
> (and binfmt_elf_fdpic) deals with BIN
Linus Torvalds writes:
> On Sat, May 9, 2020 at 9:30 PM Tetsuo Handa
> wrote:
>>
>> Wouldn't this change cause
>>
>> if (fd_binary > 0)
>> ksys_close(fd_binary);
>> bprm->interp_flags = 0;
>> bprm->interp_data = 0;
>>
>> not to be called when "Search for t
On Sat, May 9, 2020 at 9:30 PM Tetsuo Handa
wrote:
>
> Wouldn't this change cause
>
> if (fd_binary > 0)
> ksys_close(fd_binary);
> bprm->interp_flags = 0;
> bprm->interp_data = 0;
>
> not to be called when "Search for the interpreter" failed?
Good catch. W
On 2020/05/10 4:41, Eric W. Biederman wrote:
> --- a/fs/binfmt_misc.c
> +++ b/fs/binfmt_misc.c
> @@ -234,10 +234,7 @@ static int load_misc_binary(struct linux_binprm *bprm)
> if (retval < 0)
> goto error;
>
> - retval = search_binary_handler(bprm);
> - if (retval < 0)
On Sat, May 9, 2020 at 12:45 PM Eric W. Biederman wrote:
>
> Instead of recursing in search_binary_handler have the methods that
> would recurse return a positive value, and simply loop in exec_binprm.
>
> This is a trivial change as all of the methods that would recurse do
> so as effectively the
Instead of recursing in search_binary_handler have the methods that
would recurse return a positive value, and simply loop in exec_binprm.
This is a trivial change as all of the methods that would recurse do
so as effectively the last thing they do. Making this a trivial code
change.
Signed-o
22 matches
Mail list logo
