* [PATCH] preserve personality flag bits across exec
@ 2010-02-12 22:22 Luck, Tony
0 siblings, 0 replies; 2+ messages in thread
From: Luck, Tony @ 2010-02-12 22:22 UTC (permalink / raw)
To: linux-arch
Only x86, powerpc and sparc seem to preserve the upper bits
of personality across exec(). Whether this is important depends
on whether each architecture implements any bits in the upper
3 bytes of the personality. For ia64 the problem showed up
when someone was trying to set ADDR_NO_RANDOMIZE and wanted
the setting to stick across exec.
I'm planning on apply the patch below for ia64. Other arch
maintainers should look to see if they need to do the same.
Signed-off-by: Tony Luck <tony.luck@intel.com>
---
diff --git a/arch/ia64/include/asm/elf.h b/arch/ia64/include/asm/elf.h
index e14108b..4c41656 100644
--- a/arch/ia64/include/asm/elf.h
+++ b/arch/ia64/include/asm/elf.h
@@ -201,7 +201,9 @@ extern void ia64_elf_core_copy_regs (struct pt_regs *src, elf_gregset_t dst);
relevant until we have real hardware to play with... */
#define ELF_PLATFORM NULL
-#define SET_PERSONALITY(ex) set_personality(PER_LINUX)
+#define SET_PERSONALITY(ex) \
+ set_personality((current->personality & ~PER_MASK) | PER_LINUX)
+
#define elf_read_implies_exec(ex, executable_stack) \
((executable_stack!=EXSTACK_DISABLE_X) && ((ex).e_flags & EF_IA_64_LINUX_EXECUTABLE_STACK) != 0)
^ permalink raw reply related [flat|nested] 2+ messages in thread* [PATCH] preserve personality flag bits across exec
@ 2010-02-12 17:12 Luck, Tony
0 siblings, 0 replies; 2+ messages in thread
From: Luck, Tony @ 2010-02-12 17:12 UTC (permalink / raw)
To: linux-ia64
In its <asm/elf.h> ia64 defines SET_PERSONALITY in a way that unconditionally
sets the personality of the current process to PER_LINUX, losing any flag bits
from the upper 3 bytes of current->personality. This is wrong. Those bits are
intended to be inherited across exec (other code takes care of ensuring that
security sensitive bits like ADDR_NO_RANDOMIZE are not passed to unsuspecting
setuid/setgid applications).
Date: Fri, 12 Feb 2010 09:12:50 -0800
Message-Id: <4b758c12105653e560@agluck-desktop.sc.intel.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
---
Technically elf32_set_personality() should have this same fix applied,
but the whole of arch/ia64/ia32/ is going to be deleted in the next
merge window, so there seems little point.
diff --git a/arch/ia64/include/asm/elf.h b/arch/ia64/include/asm/elf.h
index e14108b..4c41656 100644
--- a/arch/ia64/include/asm/elf.h
+++ b/arch/ia64/include/asm/elf.h
@@ -201,7 +201,9 @@ extern void ia64_elf_core_copy_regs (struct pt_regs *src, elf_gregset_t dst);
relevant until we have real hardware to play with... */
#define ELF_PLATFORM NULL
-#define SET_PERSONALITY(ex) set_personality(PER_LINUX)
+#define SET_PERSONALITY(ex) \
+ set_personality((current->personality & ~PER_MASK) | PER_LINUX)
+
#define elf_read_implies_exec(ex, executable_stack) \
((executable_stack!=EXSTACK_DISABLE_X) && ((ex).e_flags & EF_IA_64_LINUX_EXECUTABLE_STACK) != 0)
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2010-02-12 22:24 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-02-12 22:22 [PATCH] preserve personality flag bits across exec Luck, Tony
-- strict thread matches above, loose matches on Subject: below --
2010-02-12 17:12 Luck, Tony
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.