From: Greg Ungerer
Subject: Re: [PATCH] binfmt_flat: make load_flat_shared_library() work
To: Arnd Bergmann
Cc: Jann Horn, Andrew Morton, Alexander Viro, linux-fsdevel, kernel list, Kees Cook, Nicolas Pitre, Geert Uytterhoeven, Linux/m68k, Russell King, Linux ARM, Sergei Poselenov
References: <20190524201817.16509-1-jannh@google.com> <20190525144304.e2b9475a18a1f78a964c5640@linux-foundation.org> <6956cfe5-90d4-aad4-48e3-66b0ece91fed@linux-m68k.org>
Message-ID: <889fc718-b662-8235-5d60-9d330e77cf18@linux-m68k.org>
Date: Wed, 29 May 2019 22:29:31 +1000
X-Mailing-List: linux-kernel@vger.kernel.org

On 29/5/19 10:05 pm, Arnd Bergmann wrote:
> On Tue, May 28, 2019 at 12:56 PM Greg Ungerer wrote:
>> On 27/5/19 11:38 pm, Jann Horn wrote:
>>> On Sat, May 25, 2019 at 11:43 PM Andrew Morton wrote:
>>>> On Fri, 24 May 2019 22:18:17 +0200 Jann Horn wrote:
>>>>> load_flat_shared_library() is broken: It only calls load_flat_file() if
>>>>> prepare_binprm() returns zero, but prepare_binprm() returns the number of
>>>>> bytes read - so this only happens if the file is empty.
>>>>
>>>> ouch.
>>>>
>>>>> Instead, call into load_flat_file() if the number of bytes read is
>>>>> non-negative. (Even if the number of bytes is zero - in that case,
>>>>> load_flat_file() will see nullbytes and return a nice -ENOEXEC.)
>>>>>
>>>>> In addition, remove the code related to bprm creds and stop using
>>>>> prepare_binprm() - this code is loading a library, not a main executable,
>>>>> and it only actually uses the members "buf", "file" and "filename" of the
>>>>> linux_binprm struct. Instead, call kernel_read() directly.
>>>>>
>>>>> Cc: stable@vger.kernel.org
>>>>> Fixes: 287980e49ffc ("remove lots of IS_ERR_VALUE abuses")
>>>>> Signed-off-by: Jann Horn
>>>>> ---
>>>>> I only found the bug by looking at the code, I have not verified its
>>>>> existence at runtime.
>>>>> Also, this patch is compile-tested only.
>>>>> It would be nice if someone who works with nommu Linux could have a
>>>>> look at this patch.
>>>>
>>>> 287980e49ffc was three years ago! Has it really been broken for all
>>>> that time? If so, it seems a good source of freed disk space...
>>>
>>> Maybe... but I didn't want to rip it out without having one of the
>>> maintainers confirm that this really isn't likely to be used anymore.
>>
>> I have not used shared libraries on m68k non-mmu setups for
>> a very long time. At least 10 years I would think.
>
> I think Emcraft have a significant customer base running ARM NOMMU
> Linux, I wonder whether they would have run into this (adding
> Sergei to Cc).
> My suspicion is that they use only binfmt-elf-fdpic, not binfmt-flat.
>
> The only architectures I see that enable binfmt-flat are sh, xtensa
> and h8300, but only arch/sh uses CONFIG_BINFMT_SHARED_FLAT

m68k enables it too. It is the only binary format supported
when running no-mmu on m68k. (You can use it with MMU enabled too
if you really want to).

The shared flat format has been used on m68k in the past (it was
originally developed on m68k platforms). But I haven't used them
for a long time (probably 10 years at least) on m68k.

Regards
Greg
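
The return-value mismatch described in the quoted commit message, as a user-space C model added here (it is not the kernel code or the patch under discussion). `read_header()`, `load_file()`, `load_lib_buggy()` and `load_lib_fixed()` are hypothetical stand-ins for the read step, load_flat_file() and the two versions of the check; the sample header is constructed, and `bFLT` is the flat-format magic.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#define HDR_BUF 128                 /* models the header buffer ("buf") */
static const char SAMPLE[] = "bFLT-constructed-sample-header"; /* constructed */
static int loader_calls;            /* how often the modelled loader ran */
/* Read step: returns bytes copied (>= 0) or a negative errno. */
static int read_header(const char *file, size_t len, char *buf)
{
    if (file == NULL)
        return -EIO;
    memset(buf, 0, HDR_BUF);        /* an empty file leaves only null bytes */
    memcpy(buf, file, len > HDR_BUF ? HDR_BUF : len);
    return (int)(len > HDR_BUF ? HDR_BUF : len);
}

/* Loader: accepts only a header that starts with the bFLT magic. */
static int load_file(const char *buf)
{
    loader_calls++;
    return memcmp(buf, "bFLT", 4) == 0 ? 0 : -ENOEXEC;
}

/* Broken check as described: the loader runs only when the count is zero. */
static int load_lib_buggy(const char *file, size_t len)
{
    char buf[HDR_BUF];
    int res = read_header(file, len, buf);
    if (!res)
        res = load_file(buf);
    return res;       /* assumption: a positive count is handed back as-is */
}

/* Fixed check as described: the loader runs for any non-negative count. */
static int load_lib_fixed(const char *file, size_t len)
{
    char buf[HDR_BUF];
    int res = read_header(file, len, buf);
    if (res >= 0)
        res = load_file(buf);
    return res;
}

int main(void)
{
    printf("buggy: %d\n", load_lib_buggy(SAMPLE, sizeof SAMPLE));
    printf("fixed: %d\n", load_lib_fixed(SAMPLE, sizeof SAMPLE));
    return 0;
}
```

In this model the buggy variant reaches the loader only for the empty input, where the loader rejects the null bytes with -ENOEXEC, so no path through it ever loads a library.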