From: Al Viro <viro@ZenIV.linux.org.uk>
To: Shentino <shentino@gmail.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: [RFC] SIGKILL vs. SIGSEGV on late execve() failures
Date: Sat, 16 Feb 2013 02:20:06 +0000 [thread overview]
Message-ID: <20130216022006.GB4503@ZenIV.linux.org.uk> (raw)
In-Reply-To: <20130216015024.GA4503@ZenIV.linux.org.uk>
On Sat, Feb 16, 2013 at 01:50:24AM +0000, Al Viro wrote:
> On Fri, Feb 15, 2013 at 04:46:43PM -0800, Shentino wrote:
> > On Fri, Feb 15, 2013 at 4:38 PM, Shentino <shentino@gmail.com> wrote:
> > > On Fri, Feb 15, 2013 at 4:04 PM, Al Viro <viro@zeniv.linux.org.uk> wrote:
> > >> How would you manage to have it masked at that point? setup_new_exec()
> > >> is inevitable after success of flush_old_exec() and it will do
> > >> flush_signal_handlers() for us.
> > >
> > > I wouldn't know for sure but I read somewhere that even if execve
> > > resets handled signals, it didn't also say that ignored signals were
> > > also reset. (Source: execve man page.)
> >
> > Also, apologies for the terminology mix-up. By masked, I mean that
> > the signal was ignored as directed by userspace a-la signal(SIGSEGV,
> > SIG_IGN).
> >
> > Plus I *think* that signal ignore masks are preserved across an exec.
>
> You are correct. OK, what it means is that we do need that force_sigsegv() -
> either there or in all places in ->load_binary() where we currently have
> send_sig_info(SIGSEGV). I don't think that it's an urgent hole, but yes,
> it is a bug. Nice catch.
Arrgh... OK, I'm a blind idiot. These places in binfmt_elf.c currently use
force_sig(), not send_sig_info(). Currently == since 2006 when somebody
noticed the problem. Their counterparts in binfmt_elf_fdpic.c were *not*
noticed. Anyway, that definitely means we want to do it in a single commit;
the only remaining question is whether we have any problems with somebody
ptracing such execve() and then poking the sucker with ptrace(); that _can_
happen with the current mainline for ELF binaries, so this is not something
new. I'm low on coffee and about to crash, so I might be missing some
horrible problem with it, but in this case I'm fairly sure that such a problem
would be present in current mainline.
next prev parent reply other threads:[~2013-02-16 2:20 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-02-14 5:36 [RFC] SIGKILL vs. SIGSEGV on late execve() failures Al Viro
2013-02-15 20:02 ` Linus Torvalds
2013-02-15 21:59 ` Al Viro
2013-02-15 23:12 ` Shentino
2013-02-16 0:04 ` Al Viro
2013-02-16 0:38 ` Maciej W. Rozycki
2013-02-16 0:38 ` Shentino
2013-02-16 0:46 ` Shentino
2013-02-16 1:50 ` Al Viro
2013-02-16 2:20 ` Al Viro [this message]
2013-02-16 7:20 ` Raymond Jennings
2013-02-16 7:43 ` Al Viro
2013-02-16 8:13 ` Raymond Jennings
2013-02-16 0:40 ` Linus Torvalds
2013-02-16 1:22 ` Al Viro
2013-02-16 1:44 ` Linus Torvalds
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130216022006.GB4503@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=linux-kernel@vger.kernel.org \
--cc=shentino@gmail.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox