Re: Potential bug in fs/binfmt_elf.c?

All of lore.kernel.org
 help / color / mirror / Atom feed

From: John Reiser <jreiser@BitWagon.com>
To: mike@navi.cx
Cc: linux-kernel@vger.kernel.org
Subject: Re: Potential bug in fs/binfmt_elf.c?
Date: Fri, 05 Mar 2004 10:28:07 -0800	[thread overview]
Message-ID: <4048C6B7.7080202@BitWagon.com> (raw)
In-Reply-To: <1078508281.3065.33.camel@linux.littlegreen>

> When mapping a nobits PT_LOAD segment with a memsize > filesize, the
> kernel calls set_brk (which in turns calls do_brk) to map and clear the
> area, but this discards access permissons on the mapping leading to rwx
> protection. This causes a load failure on systems where the VM cannot
> reserve swap space for the segment, unless overcommit is active (on many
> systems it's not on by default).
[snip]

I believe that's not the only problem with binfmt_elf.  If the total address
space described by the PT_LOADs is not exactly one contiguous interval, then
2.6.3 binfmt_elf fills in the gaps with 'prw.' of zero-filled pages, instead
of the intended "holes" with no mapping at all between isolated PT_LOADs.
One example is  https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=115913

--

next prev parent reply	other threads:[~2004-03-05 18:29 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-03-05 17:38 Potential bug in fs/binfmt_elf.c? Mike Hearn
2004-03-05 18:28 ` John Reiser [this message]
2004-03-06 18:46 ` Ulrich Drepper
2004-03-06 21:10   ` Mike Hearn
2004-03-07  6:11     ` Ulrich Drepper
2004-03-07  9:58       ` Mike Hearn
2004-03-07 10:46         ` Ulrich Drepper
2004-03-07 11:53           ` Mike Hearn
2004-03-07 21:32             ` Ulrich Drepper
2004-03-07 23:55     ` Eric W. Biederman
2004-03-08  5:57       ` John Reiser
2004-03-08  8:06         ` Jakub Jelinek
2004-03-11  6:17           ` [PATCH] binfmt_elf.c allow .bss with no access (p---) John Reiser
2004-03-11 14:23             ` Mike Hearn
2004-03-11 19:18               ` John Reiser
2004-03-12 16:42                 ` Mike Hearn
     [not found]             ` <20040412185317.79ac7d7d.akpm@osdl.org>
2004-04-13 17:33               ` John Reiser

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4048C6B7.7080202@BitWagon.com \
    --to=jreiser@bitwagon.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mike@navi.cx \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.