2004-06-21 11:32:13

by Zach, Yoav

Subject: RE: [PATCH] Handle non-readable binfmt misc executables

>-----Original Message-----
>From: Albert Cahalan [mailto:[email protected]]
>Sent: Sunday, June 20, 2004 15:17
>To: Zach, Yoav
>Cc: linux-kernel mailing list
>Subject: RE: [PATCH] Handle non-readable binfmt misc executables
>


>So the content of /proc/*/cmdline is correct?
>

After the translator fixes it - yes.

>At a minimum, you will have a problem at startup.
>The process might be observed before you fix argv.
>

Right. It might happen once in a (long) while that
'ps -f' doesn't show the correct command line.

>What about apps that walk off the end of argv to get
>at the environment?
>

Please note that the stack is that of the translator, which
is aware of the fixing of argv.

>It seems cleaner to use some other mechanism.
>Assuming your interpreter is ELF, ELF notes are good.

Using ELF notes means changing the binaries, which is not
suitable for cases where the use of translator for running
the binaries is not 'known' to the binaries. For example,
an administrator might start using a translator to enhance
performance of existing binaries. In such a case, re-building
the binaries will probably be out of the question.

>You might use prctl().
>

Do you mean enhancing sys_prctl to allow for fixing
the argv?

Thanks,
Yoav.


2004-06-21 14:12:07

by Albert Cahalan

Subject: RE: [PATCH] Handle non-readable binfmt misc executables

On Mon, 2004-06-21 at 07:31, Zach, Yoav wrote:
> >From: Albert Cahalan [mailto:[email protected]]

> >So the content of /proc/*/cmdline is correct?
>
> After the translator fixes it - yes.
>
> >At a minimum, you will have a problem at startup.
> >The process might be observed before you fix argv.
>
> Right. It might happen once in a (long) while that
> 'ps -f' doesn't show the correct command line.

So this is a hole in the emulation.

> >It seems cleaner to use some other mechanism.
> >Assuming your interpreter is ELF, ELF notes are good.
>
> Using ELF notes means changing the binaries, which is not
> suitable for cases where the use of translator for running
> the binaries is not 'known' to the binaries. For example,
> an administrator might start using a translator to enhance
> performance of existing binaries. In such a case, re-building
> the binaries will probably be out of the question.

No. Well, the translator would change. The old i386
binaries would not.

ELF notes are supplied by the kernel. They provide
data like USER_HZ, the UID, a flag to indicate that
ld.so must take setuid-type precautions, and so on.
ELF notes are on the stack, beyond the environment.

> >You might use prctl().
>
> Do you mean enhancing sys_prctl to allow for fixing
> the argv?

No. I mean enhancing sys_prctl to allow asking for
the file descriptor number. That way, argv doesn't
need to get mangled in the first place.

I'm sure there are many other good ways to pass the
file descriptor number to the interpreter.
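
Added example, not part of the messages above and not code from the patch under discussion: a small Linux C program that reads the kernel-supplied entries described in the last message (named AT_CLKTCK, AT_UID and AT_SECURE in <elf.h>) by stepping past the end of the environment on the initial stack. The names aux_entry, auxv_from_stack and aux_value are chosen here for illustration.

```c
/* Added example, not code from the thread. Linux-specific. */
#include <stdio.h>
#include <sys/auxv.h>   /* AT_* constants, getauxval() */
#include <unistd.h>

extern char **environ;

/* One auxiliary-vector entry: a (type, value) pair of native words. */
struct aux_entry { unsigned long type; unsigned long val; };

/* Initial stack layout: argv[], NULL, envp[], NULL, auxv[] ... AT_NULL.
 * Step past the NULL that ends the environment to reach the first entry.
 * Valid only while environ still points at the original stack array,
 * i.e. before any setenv()/putenv() call has relocated it. */
static const struct aux_entry *auxv_from_stack(void)
{
    char **p = environ;
    while (*p != NULL)
        p++;
    return (const struct aux_entry *)(p + 1);
}

/* Return the value stored for `type`, or `fallback` if the kernel
 * supplied no such entry for this process. */
unsigned long aux_value(unsigned long type, unsigned long fallback)
{
    const struct aux_entry *a;
    for (a = auxv_from_stack(); a->type != AT_NULL; a++)
        if (a->type == type)
            return a->val;
    return fallback;
}

int main(void)
{
    printf("AT_CLKTCK (USER_HZ)  = %lu\n", aux_value(AT_CLKTCK, 0));
    printf("AT_UID               = %lu\n", aux_value(AT_UID, 0));
    printf("AT_SECURE (setuid)   = %lu\n", aux_value(AT_SECURE, 0));
    /* AT_EXECFD is the <elf.h> entry type for a file descriptor of the
     * program; it is normally absent when a binary is exec'd directly. */
    long fd = (long)aux_value(AT_EXECFD, (unsigned long)-1);
    if (fd < 0)
        printf("AT_EXECFD            = (not supplied)\n");
    else
        printf("AT_EXECFD            = %ld\n", fd);
    return 0;
}
```

Because these values sit beyond the environment rather than in argv, reading them leaves /proc/*/cmdline untouched.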