From: Eugene Teo <eteo@redhat.com>
To: Andrew Morton <akpm@osdl.org>
Cc: Christoph Hellwig <hch@infradead.org>,
Marcel Holtmann <marcel@holtmann.org>,
Linus Torvalds <torvalds@osdl.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Eugene Teo <eteo@redhat.com>
Subject: Re: Require mmap handler for a.out executables
Date: Fri, 28 Jul 2006 01:21:11 +0800 [thread overview]
Message-ID: <44C8F607.7070704@redhat.com> (raw)
In-Reply-To: <20060727150737.GA29521@infradead.org>
Christoph Hellwig wrote:
>> diff --git a/fs/binfmt_aout.c b/fs/binfmt_aout.c
>> index f312103..5638acf 100644
>> --- a/fs/binfmt_aout.c
>> +++ b/fs/binfmt_aout.c
>> @@ -278,6 +278,9 @@ static int load_aout_binary(struct linux
>> return -ENOEXEC;
>> }
>>
>> + if (!bprm->file->f_op || !bprm->file->f_op->mmap)
>> + return -ENOEXEC;
>> +
>
> These checks need a big comment explanining why they are there, else people
> will remove them again by accident.
Here's a resend.
Like what Marcel wrote, Andrew, please include this patch in -mm for testing.
Thanks.
Eugene
--
[PATCH] Require mmap handler for a.out executables
Files supported by fs/proc/base.c, i.e. /proc/<pid>/*, are not capable
of meeting the validity checks in ELF load_elf_*() handling because they
have no mmap handler which is required by ELF. In order to stop a.out
executables being used as part of an exploit attack against /proc-related
vulnerabilities, we make a.out executables depend on ->mmap() existing.
Signed-off-by: Eugene Teo <eteo@redhat.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
diff --git a/fs/binfmt_aout.c b/fs/binfmt_aout.c
index f312103..2042dfa 100644
--- a/fs/binfmt_aout.c
+++ b/fs/binfmt_aout.c
@@ -278,6 +278,12 @@ static int load_aout_binary(struct linux
return -ENOEXEC;
}
+ /* Requires a mmap handler. This prevents people from using a.out
+ * as part of an exploit attack against /proc-related vulnerabilities.
+ */
+ if (!bprm->file->f_op || !bprm->file->f_op->mmap)
+ return -ENOEXEC;
+
fd_offset = N_TXTOFF(ex);
/* Check initial limits. This avoids letting people circumvent
@@ -476,6 +482,12 @@ static int load_aout_library(struct file
goto out;
}
+ /* Requires a mmap handler. This prevents people from using a.out
+ * as part of an exploit attack against /proc-related vulnerabilities.
+ */
+ if (!file->f_op || !file->f_op->mmap)
+ goto out;
+
if (N_FLAGS(ex))
goto out;
--
eteo redhat.com ph: +65 6490 4142 http://www.kernel.org/~eugeneteo
gpg fingerprint: 47B9 90F6 AE4A 9C51 37E0 D6E1 EA84 C6A2 58DF 8823
next prev parent reply other threads:[~2006-07-27 17:21 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-07-26 10:31 Require mmap handler for a.out executables Marcel Holtmann
2006-07-27 15:07 ` Christoph Hellwig
2006-07-27 15:18 ` Linus Torvalds
2006-07-27 15:44 ` Marcel Holtmann
2006-07-27 17:21 ` Eugene Teo [this message]
[not found] <6COYh-8f0-41@gated-at.bofh.it>
2006-07-27 17:49 ` Bodo Eggert
2006-07-27 17:59 ` Eugene Teo
2006-07-27 18:25 ` Alan Cox
2006-07-27 21:18 ` Bodo Eggert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=44C8F607.7070704@redhat.com \
--to=eteo@redhat.com \
--cc=akpm@osdl.org \
--cc=hch@infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=marcel@holtmann.org \
--cc=torvalds@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.