From: "Serge E. Hallyn" <serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
To: Oren Laadan <orenl-eQaUEPhvms7ENvBUuze7eA@public.gmane.org>
Cc: Linux Containers <containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org>
Subject: Re: [RFC PATCH] Make AT_VECTOR_SIZE_ARCH 2 for x86-32
Date: Mon, 8 Feb 2010 20:07:20 -0600
Message-ID: <20100209020720.GB13571@us.ibm.com>
In-Reply-To: <4B708A73.9010306-eQaUEPhvms7ENvBUuze7eA@public.gmane.org>

Quoting Oren Laadan (orenl-eQaUEPhvms7ENvBUuze7eA@public.gmane.org):
>
>
> Serge E. Hallyn wrote:
> >Quoting Serge E. Hallyn (serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org):
> >>[ RFC: Am I on crack? ]
> >>
> >>Both x86-32 and x86-64 with 32-bit compat use ARCH_DLINFO_IA32,
> >>which defines two saved_auxv entries. But system.h only defines
> >>AT_VECTOR_SIZE_ARCH as 2 for CONFIG_IA32_EMULATION, not for
> >>CONFIG_X86_32. Fix that.
> >
> >To be clear, this patch if right would be for pushing upstream
> >immediately. It still leaves open the question of what we want
> >to do about saved_auxv. We currently just write it out as a
> >buffer, but since it is actually an array of longs, and therefore
> >differently sized on x86-32 and x86-64-compat, we would need to
> >write them out entry-by-entry (and validate no overflows for
> >TIF_IA32 tasks). Does that seem warranted?
>
> Yes: iterate over entries and copy them.
>
> From a brief look at the code, I don't think the contents of the
> saved_auxv is used anywhere inside the kernel (it's exported via
> /proc), except for the reliance on a trailing AT_NULL record
> which is easy to test for.
>
> Would it be wrong or insecure to export whatever garbage the user
> may have put in that array (assuming it is null terminated) ?

I don't know which tools use the /proc/$$/auxv output, but I don't
see why it would be unsafe so long as we (as I do) only copy
AT_VECTOR_SIZE unsigned longs.

I suppose we could try and be more knowledgeable about the internals
and restore them to values that make sense, using code we'd share
with fs/binfmt_elf.c...
-serge
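
The entry-by-entry copy discussed in this thread, as a userspace C sketch added here (it is not code from the patch or from the checkpoint/restart tree): it walks an auxv image of 64-bit words under a fixed bound, requires the AT_NULL terminator, and rejects any word that would not fit a 32-bit task. `EX_AUXV_WORDS` (an assumed value standing in for AT_VECTOR_SIZE), `struct ex_auxv32`, `ex_auxv_narrow` and the sample arrays are hypothetical names and constructed data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EX_AUXV_WORDS 44  /* assumed stand-in for the kernel's AT_VECTOR_SIZE */
#define EX_AT_NULL    0   /* terminator type, as AT_NULL */

struct ex_auxv32 { uint32_t type, val; };  /* one pair as a 32-bit task sees it */

/*
 * Copy (type, value) pairs one at a time, never reading past EX_AUXV_WORDS
 * words. Returns the number of pairs written, terminator included; -1 if no
 * AT_NULL pair is found within bounds, -2 if a word does not fit in 32 bits,
 * -3 if the output array is too small.
 */
int ex_auxv_narrow(const uint64_t *in, size_t in_words,
                   struct ex_auxv32 *out, size_t out_pairs)
{
    size_t limit = in_words < EX_AUXV_WORDS ? in_words : EX_AUXV_WORDS;
    size_t n = 0;

    for (size_t i = 0; i + 1 < limit; i += 2) {
        if (in[i] > UINT32_MAX || in[i + 1] > UINT32_MAX)
            return -2;              /* would be truncated for a compat task */
        if (n >= out_pairs)
            return -3;
        out[n].type = (uint32_t)in[i];
        out[n].val = (uint32_t)in[i + 1];
        n++;
        if (in[i] == EX_AT_NULL)
            return (int)n;          /* terminator copied, stop here */
    }
    return -1;                      /* ran out of bounds without AT_NULL */
}

/* Constructed samples: well-formed, value too wide, missing terminator. */
static const uint64_t ex_good[] = { 6, 4096, 33, 0xf7700000u, EX_AT_NULL, 0 };
static const uint64_t ex_wide[] = { 6, 4096, 33, 0x7fff00000000ull, EX_AT_NULL, 0 };
static const uint64_t ex_open[] = { 6, 4096, 33, 0xf7700000u };

int main(void)
{
    struct ex_auxv32 out[EX_AUXV_WORDS / 2];
    printf("good: %d\n", ex_auxv_narrow(ex_good, 6, out, EX_AUXV_WORDS / 2));
    printf("wide: %d\n", ex_auxv_narrow(ex_wide, 6, out, EX_AUXV_WORDS / 2));
    printf("open: %d\n", ex_auxv_narrow(ex_open, 4, out, EX_AUXV_WORDS / 2));
    return 0;
}
```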