public inbox for linux-kernel@vger.kernel.org
From: Mike Hearn <mh@codeweavers.com>
To: linux-kernel@vger.kernel.org
Subject: Re: Potential bug in fs/binfmt_elf.c?
Date: Sun, 07 Mar 2004 09:58:44 +0000
Message-ID: <pan.2004.03.07.09.58.43.675972@codeweavers.com>
In-Reply-To: 404ABD06.4060607@redhat.com

On Sat, 06 Mar 2004 22:11:18 -0800, Ulrich Drepper wrote:
> Not everything which can be expressed in ELF is supported.  You don't
> want to load something, you want to reserve address space.  And you want
> it allocated in a certain way.  The ELF loader is no generic ELF
> interpreter.

Ah, OK. I was hoping this would not be the answer.
 
> Now, if the only problem is the overcommit and making the do_brk() call
> allocate the memory as read-only a change to the do_brk() interface
> might be acceptable (well, ask somebody doing mm hacking).  I wouldn't
> be entirely sure whether read-only pages alone are enough.  This does
> not open any new holes as far as I can see.

This is certainly one long term solution, but we'd like to avoid kernel
hacking if at all possible. We have a prototype of a program which is
statically linked then turns itself into a dynamically linked app by
bootstrapping the ELF interpreter in the same way the kernel does after
mapping the range wanted with MAP_NORESERVE. Obviously we'd like the real
fix, but something which works nicely on Fedora Core 1 machines today is
also necessary.

Thanks for your advice. One quick question - you said binfmt_elf is not a
generic ELF interpreter, but the one in glibc presumably is, yes? Would it
be possible to achieve the effect wanted by having a dummy stub binary
linked with -nostdlib etc, so it's a dynamically linked ELF program with
only one DT_NEEDED entry which is against the real binary?

This would short-circuit the kernel loader and pass control as soon as 
possible to glibc, which would follow the first DT_NEEDED entry and map in
the real binary, which in turn contains the PE load area reservation
section. IIRC glibc always uses mmap to map ELF sections so this could
work better.

Does this sound plausible? If so, do you have any tips on where to look
for docs on it? Last time I tried compiling something with -nostdlib, I
ran into problems with the default linker script not liking it (entry
points I think).

thanks -mike
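The stub idea above, as an added example that is not from this thread and not CodeWeavers' code: it builds a minimal ELF64 stub image in memory and then reads it back the way each loader would. The stub carries one file-backed r-x PT_LOAD, one PT_LOAD with no access bits and no file bytes standing in for the PE load area reservation, and a PT_DYNAMIC whose only DT_NEEDED names the real binary. The link address, the reserved range (0x10000000, 0x70000000 bytes) and the name "libreal.so" are assumptions for the example, not values from any real binary; the dynamic section deliberately holds only the entries needed to follow DT_NEEDED.

```c
/* Added example, not code from this thread or from CodeWeavers.  Builds a
 * minimal ELF64 stub in memory and reads it back as the two loaders do:
 * binfmt_elf walks PT_LOAD and meets a no-access (p---), file-less
 * reservation; ld.so follows PT_DYNAMIC to the single DT_NEEDED entry. */
#include <elf.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BASE      0x400000ULL    /* stub link address (assumed) */
#define RSV_VADDR 0x10000000ULL  /* reserved PE load area start (assumed) */
#define RSV_SIZE  0x70000000ULL  /* reserved PE load area size (assumed) */

static _Alignas(16) uint8_t image[512];
static size_t image_len;
static char needed[4][64];   /* DT_NEEDED names, filled by list_needed() */
static long long anon_total; static int noaccess_count; /* set by scan_loads() */

/* Layout: Ehdr | 3 Phdrs | 4 Dyn | strtab.  Returns the image size, 308. */
static size_t build_image(void)
{
    const size_t off_ph = sizeof(Elf64_Ehdr), off_dyn = off_ph + 3 * sizeof(Elf64_Phdr);
    const size_t off_str = off_dyn + 4 * sizeof(Elf64_Dyn);
    static const char strtab[] = "\0libreal.so";              /* 12 bytes, assumed name */
    Elf64_Ehdr *eh = (Elf64_Ehdr *)image;
    Elf64_Phdr *ph = (Elf64_Phdr *)(image + off_ph);
    Elf64_Dyn *dyn = (Elf64_Dyn *)(image + off_dyn);

    memset(image, 0, sizeof image);                           /* unset fields stay 0 */
    memcpy(eh->e_ident, ELFMAG, SELFMAG);
    eh->e_ident[EI_CLASS] = ELFCLASS64;  eh->e_ident[EI_DATA] = ELFDATA2LSB;
    eh->e_type = ET_EXEC;  eh->e_machine = EM_X86_64;  eh->e_entry = BASE;
    eh->e_phoff = off_ph;  eh->e_phnum = 3;  eh->e_phentsize = sizeof(Elf64_Phdr);
    /* [0] whole file, r-x: headers, dynamic array, strings */
    ph[0].p_type = PT_LOAD;  ph[0].p_flags = PF_R | PF_X;  ph[0].p_vaddr = BASE;
    ph[0].p_filesz = ph[0].p_memsz = off_str + sizeof strtab;  ph[0].p_align = 0x1000;
    /* [1] the reservation: no access bits, no file bytes, a large memsz */
    ph[1].p_type = PT_LOAD;  ph[1].p_flags = 0;  ph[1].p_vaddr = RSV_VADDR;
    ph[1].p_memsz = RSV_SIZE;  ph[1].p_align = 0x1000;
    /* [2] where ld.so finds the dynamic array */
    ph[2].p_type = PT_DYNAMIC;  ph[2].p_flags = PF_R;  ph[2].p_offset = off_dyn;
    ph[2].p_vaddr = BASE + off_dyn;  ph[2].p_filesz = ph[2].p_memsz = 4 * sizeof *dyn;
    dyn[0].d_tag = DT_NEEDED;  dyn[0].d_un.d_val = 1;              /* strtab + 1 */
    dyn[1].d_tag = DT_STRTAB;  dyn[1].d_un.d_ptr = BASE + off_str; /* a vaddr, not an offset */
    dyn[2].d_tag = DT_STRSZ;   dyn[2].d_un.d_val = sizeof strtab;
    dyn[3].d_tag = DT_NULL;
    memcpy(image + off_str, strtab, sizeof strtab);
    return image_len = off_str + sizeof strtab;
}

/* Program-header table, after the bounds checks any loader must do first. */
static const Elf64_Phdr *phdrs(const uint8_t *img, size_t len, int *n)
{
    const Elf64_Ehdr *eh = (const Elf64_Ehdr *)img;
    if (len < sizeof *eh || memcmp(eh->e_ident, ELFMAG, SELFMAG) ||
        eh->e_ident[EI_CLASS] != ELFCLASS64 || eh->e_phentsize != sizeof(Elf64_Phdr) ||
        eh->e_phoff > len || (size_t)eh->e_phnum * sizeof(Elf64_Phdr) > len - eh->e_phoff)
        return NULL;
    *n = eh->e_phnum;
    return (const Elf64_Phdr *)(img + eh->e_phoff);
}

/* binfmt_elf's view: bytes with no file backing (memsz beyond filesz, which
 * do_brk() has to supply) and PT_LOADs carrying no R/W/X bit.  0 ok, -1 bad. */
static int scan_loads(const uint8_t *img, size_t len)
{
    int n; const Elf64_Phdr *ph = phdrs(img, len, &n);
    if (!ph) return -1;
    anon_total = 0; noaccess_count = 0;
    for (int i = 0; i < n; i++) {
        if (ph[i].p_type != PT_LOAD) continue;
        if (ph[i].p_memsz > ph[i].p_filesz) anon_total += ph[i].p_memsz - ph[i].p_filesz;
        if (!(ph[i].p_flags & (PF_R | PF_W | PF_X))) noaccess_count++;
    }
    return 0;
}

/* ld.so's view: DT_NEEDED names.  DT_STRTAB is a vaddr, so it is mapped back
 * to a file offset through a file-backed PT_LOAD.  Count, or -1 if malformed. */
static int list_needed(const uint8_t *img, size_t len)
{
    int n, cnt = 0; const Elf64_Phdr *ph = phdrs(img, len, &n);
    const Elf64_Dyn *dyn = NULL; size_t ndyn = 0, stroff = len;
    uint64_t strtab = 0, strsz = 0;
    if (!ph) return -1;
    for (int i = 0; i < n; i++)
        if (ph[i].p_type == PT_DYNAMIC && ph[i].p_offset < len &&
            ph[i].p_filesz <= len - ph[i].p_offset) {
            dyn = (const Elf64_Dyn *)(img + ph[i].p_offset);
            ndyn = ph[i].p_filesz / sizeof *dyn;
        }
    for (size_t i = 0; dyn && i < ndyn && dyn[i].d_tag != DT_NULL; i++) {
        if (dyn[i].d_tag == DT_STRTAB) strtab = dyn[i].d_un.d_ptr;
        if (dyn[i].d_tag == DT_STRSZ)  strsz  = dyn[i].d_un.d_val;
    }
    for (int i = 0; i < n; i++)
        if (ph[i].p_type == PT_LOAD && ph[i].p_offset < len && strtab >= ph[i].p_vaddr &&
            strtab - ph[i].p_vaddr < ph[i].p_filesz)
            stroff = (size_t)(ph[i].p_offset + (strtab - ph[i].p_vaddr));
    if (!dyn || stroff >= len || strsz > len - stroff) return -1;
    for (size_t i = 0; i < ndyn && dyn[i].d_tag != DT_NULL && cnt < 4; i++) {
        uint64_t o = dyn[i].d_un.d_val;
        if (dyn[i].d_tag != DT_NEEDED) continue;
        if (o >= strsz || !memchr(img + stroff + o, 0, strsz - o)) return -1;
        snprintf(needed[cnt++], sizeof needed[0], "%s", (const char *)img + stroff + o);
    }
    return cnt;
}

int main(void)
{
    build_image();
    int cnt = list_needed(image, image_len), rc = scan_loads(image, image_len);
    printf("%zu-byte image: %d DT_NEEDED (%s), %lld anonymous bytes, %d p--- PT_LOAD\n",
           image_len, cnt, cnt > 0 ? needed[0] : "-", rc ? -1LL : anon_total, noaccess_count);
    return 0;
}
```

Two things the walk makes visible. For the kernel side, the second PT_LOAD is 0x70000000 bytes of memsz with zero filesz and no access bits, so everything it asks for has to come from anonymous memory, which is exactly the overcommit cost discussed earlier in the thread. For the glibc side, DT_STRTAB is a virtual address rather than a file offset, so a tool that reads the file without mapping it (or a loader checking a hostile binary) has to translate it back through a file-backed PT_LOAD and bounds-check every DT_NEEDED offset against DT_STRSZ before touching the string; the example rejects a truncated image or a name that runs off the end of the string table instead of reading past the buffer.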



Thread overview: 17+ messages
2004-03-05 17:38 Potential bug in fs/binfmt_elf.c? Mike Hearn
2004-03-05 18:28 ` John Reiser
2004-03-06 18:46 ` Ulrich Drepper
2004-03-06 21:10   ` Mike Hearn
2004-03-07  6:11     ` Ulrich Drepper
2004-03-07  9:58       ` Mike Hearn [this message]
2004-03-07 10:46         ` Ulrich Drepper
2004-03-07 11:53           ` Mike Hearn
2004-03-07 21:32             ` Ulrich Drepper
2004-03-07 23:55     ` Eric W. Biederman
2004-03-08  5:57       ` John Reiser
2004-03-08  8:06         ` Jakub Jelinek
2004-03-11  6:17           ` [PATCH] binfmt_elf.c allow .bss with no access (p---) John Reiser
2004-03-11 14:23             ` Mike Hearn
2004-03-11 19:18               ` John Reiser
2004-03-12 16:42                 ` Mike Hearn
     [not found]             ` <20040412185317.79ac7d7d.akpm@osdl.org>
2004-04-13 17:33               ` John Reiser
