From: Al Viro <viro@ZenIV.linux.org.uk>
To: Shentino <shentino@gmail.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: [RFC] SIGKILL vs. SIGSEGV on late execve() failures
Date: Sat, 16 Feb 2013 02:20:06 +0000 [thread overview]
Message-ID: <20130216022006.GB4503@ZenIV.linux.org.uk> (raw)
In-Reply-To: <20130216015024.GA4503@ZenIV.linux.org.uk>
On Sat, Feb 16, 2013 at 01:50:24AM +0000, Al Viro wrote:
> On Fri, Feb 15, 2013 at 04:46:43PM -0800, Shentino wrote:
> > On Fri, Feb 15, 2013 at 4:38 PM, Shentino <shentino@gmail.com> wrote:
> > > On Fri, Feb 15, 2013 at 4:04 PM, Al Viro <viro@zeniv.linux.org.uk> wrote:
> > >> How would you manage to have it masked at that point? setup_new_exec()
> > >> is inevitable after success of flush_old_exec() and it will do
> > >> flush_signal_handlers() for us.
> > >
> > > I wouldn't know for sure but I read somewhere that even if execve
> > > resets handled signals, it didn't also say that ignored signals were
> > > also reset. (Source: execve man page.)
> >
> > Also, apologies for the terminology mix-up. By masked, I mean that
> > the signal was ignored as directed by userspace a-la signal(SIGSEGV,
> > SIG_IGN).
> >
> > Plus I *think* that signal ignore masks are preserved across an exec.
>
> You are correct. OK, what it means is that we do need that force_sigsegv() -
> either there or in all places in ->load_binary() where we currently have
> send_sig_info(SIGSEGV). I don't think that it's an urgent hole, but yes,
> it is a bug. Nice catch.
Arrgh... OK, I'm a blind idiot. These places in binfmt_elf.c currently use
force_sig(), not send_sig_info(). Currently == since 2006 when somebody
noticed the problem. Their counterparts in binfmt_elf_fdpic.c were *not*
noticed. Anyway, that definitely means we want to do it in a single commit;
the only remaining question is whether we have any problems with somebody
ptracing such execve() and then poking the sucker with ptrace(); that _can_
happen with the current mainline for ELF binaries, so this is not something
new. I'm low on coffee and about to crash, so I might be missing some
horrible problem with it, but in this case I'm fairly sure that such a problem
would be present in current mainline.
next prev parent reply other threads:[~2013-02-16 2:20 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-02-14 5:36 [RFC] SIGKILL vs. SIGSEGV on late execve() failures Al Viro
2013-02-15 20:02 ` Linus Torvalds
2013-02-15 21:59 ` Al Viro
2013-02-15 23:12 ` Shentino
2013-02-16 0:04 ` Al Viro
2013-02-16 0:38 ` Maciej W. Rozycki
2013-02-16 0:38 ` Shentino
2013-02-16 0:46 ` Shentino
2013-02-16 1:50 ` Al Viro
2013-02-16 2:20 ` Al Viro [this message]
2013-02-16 7:20 ` Raymond Jennings
2013-02-16 7:43 ` Al Viro
2013-02-16 8:13 ` Raymond Jennings
2013-02-16 0:40 ` Linus Torvalds
2013-02-16 1:22 ` Al Viro
2013-02-16 1:44 ` Linus Torvalds
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130216022006.GB4503@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=linux-kernel@vger.kernel.org \
--cc=shentino@gmail.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.