Received: by 10.223.164.197 with SMTP id h5csp544956wrb;
        Sat, 4 Nov 2017 18:11:28 -0700 (PDT)
X-Google-Smtp-Source: ABhQp+T/oQzfqiQ34t50oY23aR5TveNcDvs3M/21JLTYF0tdOnjwvwvBtwxjThFc6njBlrP/JteH
X-Received: by 10.99.104.73 with SMTP id d70mr11274406pgc.58.1509844288300;
        Sat, 04 Nov 2017 18:11:28 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1509844288; cv=none;
        d=google.com; s=arc-20160816;
        b=R+J9lHHSIjfa0eyhKMwJKAIHKjFXkKaNcd7/njfuAhKHbMEmgGtSyB+LuPVQ3Q12FB
         22pSB2l5Nj1EHDhPLXihfugFv8j6qmkZRh79uxJaplcdvnWiWx4p5KR+h+zGWh+Sg9C7
         UJo6e0vyNyIklSKlqJ+5WyyU2ZmDDzeAyWYxIE1PXy/jGYhsBukSeChMoc+lCHXFI9A0
         Aqy1g8J3mbkVMW26fE1NnyM/TTUpyoBwrkqNzNp5HckA0Oj3jSqaDgqalYN1jK71CyD0
         zUkG88KccA2OuoLM3WsukOUGn9w4lSP3xpTevo4sx9RASCvKJWe82dMx2iVtEA/OXav3
         viJA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:dkim-signature
         :arc-authentication-results;
        bh=/kNZz58IXOMo2pDjBoGlbJ94L18hfnaSdbM+z2iQze0=;
        b=aiVRhTkuszBPQbImXGMAeZJVUBW34cl9tikrYFf/kVOsRU9zoJTmbdUJp9P8rWuJie
         BkdCWZpy143uuXOxz7xiEDBhPrpTTtNLs5l22idAiA41LcawlXDdnSZsasYTAE/h2/nO
         +KC4aOaT9GeN0IdjSFl+1Y5nPqnb5sif4dQXYKE5uM2LXZXak5m3AJM/UfSpxqdKZBtT
         02cUKVDiYwGt0KgyANdSSyPVhK4vVALAR1/r97dT0f7SHGG20qsnGhbMuenviAd2XIWF
         L+f7sVg1DnYaxsBDK5YlyqG2X5hhRelL5fc/JQ1InO2mrcnJgqUED+WZxbC4ZGkbWlD1
         IIaw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@landley-net.20150623.gappssmtp.com header.s=20150623 header.b=0b69pBqk;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 68si9930431pfq.46.2017.11.04.18.11.01;
        Sat, 04 Nov 2017 18:11:28 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@landley-net.20150623.gappssmtp.com header.s=20150623 header.b=0b69pBqk;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752484AbdKEBKJ (ORCPT <rfc822;brice.berna@gmail.com>
        + 94 others); Sat, 4 Nov 2017 21:10:09 -0400
Received: from mail-pg0-f42.google.com ([74.125.83.42]:49454 "EHLO
        mail-pg0-f42.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751913AbdKEBKH (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 4 Nov 2017 21:10:07 -0400
Received: by mail-pg0-f42.google.com with SMTP id g6so5488473pgn.6
        for <linux-kernel@vger.kernel.org>; Sat, 04 Nov 2017 18:10:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=landley-net.20150623.gappssmtp.com; s=20150623;
        h=subject:to:cc:references:from:message-id:date:user-agent
         :mime-version:in-reply-to:content-language:content-transfer-encoding;
        bh=/kNZz58IXOMo2pDjBoGlbJ94L18hfnaSdbM+z2iQze0=;
        b=0b69pBqkwaGrSgOHfpCJ+FxDESG+vQkkHO09YBzTYSVyl9G0k1YfwKRdbtGACfJWEo
         0AVjei4KnG2lNtjVVtzup9jpgsAp+Xrj+Rxgux82ESkGjgXxwtvSTAWpxfb87en8/hne
         MZ2cJ/yBp681V+e8i2P4xjuxGuFd17Q0AvFyf5xv2jtzrNuCUBoBBnO4Y74Nr4P0jPXs
         2y1xoC0QGrh9gi+QF2nsURv3z/05xtbBfoqydNyKAY8KuFLKceryr71en+nNXo6MD203
         LApKTAQoOVvc8l620DQLUjPXPwP8YSgbZGDfFM1IDpVET5zY4t1jIGT1GIakUFuBLZee
         CbgA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:cc:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=/kNZz58IXOMo2pDjBoGlbJ94L18hfnaSdbM+z2iQze0=;
        b=RyCIdvjEbqWOvE5FZvExHdkGkdvc/XKGIPcg7jg8Cyjge/sBnhckeuG2TssgaoAaRU
         wo0nQrJt+nl2SUmRmjsM/7Vp/NR63V/D8z2s0Poy11ng2xT+E0cjApzFOWkIwNiTgTIk
         4XXL8clfxZJRkJMSJYxleedSQ9FJIFrY5R73ewZanl6iwCmWwONqDCjdi8UZ5XoSDtfZ
         Te7BPfa5NL8vVVtuEUpjzlaRznJxnd5luxBG3mFHQlNX29/Ad91pVrgfkd31NZMCPGBH
         YdDcACL9lE42UsW0H66HGwMPcvn+LRUb/So+3CKNPO3jPHT6SNxA3vCJt5+hjfKAtg7g
         o7Lg==
X-Gm-Message-State: AMCzsaXf/a5qY5iKMaSgCMjWeUln39Q2b/CvpkwhJv51U2w/XFdJNCUV
        qJildWcJiQDTAmgccCvnA6fUkg==
X-Received: by 10.159.204.146 with SMTP id t18mr9805561plo.83.1509844206878;
        Sat, 04 Nov 2017 18:10:06 -0700 (PDT)
Received: from [10.0.4.203] (aa041158.ppp.asahi-net.or.jp. [110.5.41.158])
        by smtp.googlemail.com with ESMTPSA id o2sm19511421pfj.136.2017.11.04.18.10.04
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Sat, 04 Nov 2017 18:10:06 -0700 (PDT)
Subject: Re: Regression: commit da029c11e6b1 broke toybox xargs.
To:     Kees Cook <keescook@chromium.org>,
        Linus Torvalds <torvalds@linux-foundation.org>
Cc:     Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        toybox@lists.landley.net, enh@google.com
References: <b33da177-a836-40eb-25c8-8134da83c63d@landley.net>
 <CA+55aFyw74DcPygS=SB0d-Fufz3j73zTVp2UXUUOUt4=1_He=Q@mail.gmail.com>
 <CA+55aFyWWMipF2sLdcUbz2JwMQ0YRK5YAHTy8HrUPevMF+6XZA@mail.gmail.com>
 <0b3a9bd0-3046-cdab-cfee-0ca45ee64e8d@landley.net>
 <CAGXu5jKdjA+RiZAR4_YMqZyjGJKN2a0pU44CAtpmTBCSMDfEBA@mail.gmail.com>
 <CA+55aFzDFD6dnRvUFW93r3TGaV9LVw6bTSABvr7vv2jGZdBAjQ@mail.gmail.com>
 <CAGXu5jK9OFZpvNeyKCit7gcSJQ=cR=KhHuv-LS3vf7AdxueA9Q@mail.gmail.com>
From:   Rob Landley <rob@landley.net>
Message-ID: <db7ed4a1-c6aa-6b21-ff2e-6c5b09e2fe30@landley.net>
Date:   Sat, 4 Nov 2017 20:10:03 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.3.0
MIME-Version: 1.0
In-Reply-To: <CAGXu5jK9OFZpvNeyKCit7gcSJQ=cR=KhHuv-LS3vf7AdxueA9Q@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 11/03/2017 08:37 PM, Kees Cook wrote:
> We don't. (In fact, arg copying happens before we've even figured out
> which binfmt is involved.) I lifted it to just before the point of no
> return, but moving it before arg copying looks very hard (which
> contributed to why we went with the implementation we did).
> 
>> So it's pretty painful to make the limits different for suid and
>> non-suid binaries.
> 
> I would agree.

I think I know what to implement for toybox now: xargs should trust
libc's sysconf() to provide the common-case starting limit (subtracting
env space) then implement the fallback pipe-from-child thing to
iteratively try half the argument list when that fails.

Elliott's even cc'd so he can update bionic's sysconf for the new 10 meg
thing from the title commit. :)

Rob


From 1583184571131583481@xxx Sun Nov 05 00:41:03 +0000 2017
X-GM-THRID: 1582908659593594930
X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread