Re: [PATCH V2] Keep 3 high personality bytes across exec
Eric B Munson writes: --- a/include/asm-powerpc/elf.h +++ b/include/asm-powerpc/elf.h @@ -257,7 +257,8 @@ do { \ else\ clear_thread_flag(TIF_ABI_PENDING); \ if (personality(current-personality) != PER_LINUX32) \ - set_personality(PER_LINUX); \ + set_personality(PER_LINUX | \ + (current-personality PER_INHERIT)); \ Couldn't we use ~PER_MASK here instead of PER_INHERIT? That would mean we wouldn't have to modify include/linux/personality.h, and we wouldn't have to keep updating PER_INHERIT as more flags get added. (Nice patch description, BTW. Thanks.) Paul. ___ Linuxppc-dev mailing list Linuxppc-dev@ozlabs.org https://ozlabs.org/mailman/listinfo/linuxppc-dev
Re: [PATCH V2] Keep 3 high personality bytes across exec
On Mon, 30 Jun 2008, Paul Mackerras wrote: Eric B Munson writes: --- a/include/asm-powerpc/elf.h +++ b/include/asm-powerpc/elf.h @@ -257,7 +257,8 @@ do { \ else\ clear_thread_flag(TIF_ABI_PENDING); \ if (personality(current-personality) != PER_LINUX32) \ - set_personality(PER_LINUX); \ + set_personality(PER_LINUX | \ + (current-personality PER_INHERIT)); \ Couldn't we use ~PER_MASK here instead of PER_INHERIT? That would mean we wouldn't have to modify include/linux/personality.h, and we wouldn't have to keep updating PER_INHERIT as more flags get added. (Nice patch description, BTW. Thanks.) Paul. Yeah, ~PER_MASK will work fine. I used PER_INHERIT first because I was not sure if there were values that should not be carried forward. I will have an updated patch out shortly. Eric signature.asc Description: Digital signature ___ Linuxppc-dev mailing list Linuxppc-dev@ozlabs.org https://ozlabs.org/mailman/listinfo/linuxppc-dev
[PATCH V2] Keep 3 high personality bytes across exec
Currently when a 32 bit process is exec'd on a powerpc 64 bit host the value in the top three bytes of the personality is clobbered. This patch adds a check in the SET_PERSONALITY macro that will carry all the values in the top three bytes across the exec. These three bytes currently carry flags to disable address randomisation, limit the address space, force zeroing of an mmapped page, etc. Should an application set any of these bits they will be maintained and honoured on homogeneous environment but discarded and ignored on a heterogeneous environment. So if an application requires all mmapped pages to be initialised to zero and a wrapper is used to setup the personality and exec the target, these flags will remain set on an all 32 or all 64 bit envrionment, but they will be lost in the exec on a mixed 32/64 bit environment. Losing these bits means that the same application would behave differently in different environments. Tested on a POWER5+ machine with 64bit kernel and a mixed 64/32 bit user space. Signed-off-by: Eric B Munson [EMAIL PROTECTED] --- V2 Changes from V1: Updated changelog with a better description of why this change is useful Based on 2.6.26-rc6 include/asm-powerpc/elf.h |3 ++- include/linux/personality.h |6 ++ 2 files changed, 8 insertions(+), 1 deletions(-) diff --git a/include/asm-powerpc/elf.h b/include/asm-powerpc/elf.h index 9080d85..2f11a0e 100644 --- a/include/asm-powerpc/elf.h +++ b/include/asm-powerpc/elf.h @@ -257,7 +257,8 @@ do { \ else\ clear_thread_flag(TIF_ABI_PENDING); \ if (personality(current-personality) != PER_LINUX32) \ - set_personality(PER_LINUX); \ + set_personality(PER_LINUX | \ + (current-personality PER_INHERIT)); \ } while (0) /* * An executable for which elf_read_implies_exec() returns TRUE will diff --git a/include/linux/personality.h b/include/linux/personality.h index a84e9ff..362eb90 100644 --- a/include/linux/personality.h +++ b/include/linux/personality.h @@ -36,6 +36,12 @@ enum { ADDR_LIMIT_3GB =0x800, }; +/* Mask for the above personality values */ +#define PER_INHERIT (ADDR_NO_RANDOMIZE|FDPIC_FUNCPTRS|MMAP_PAGE_ZERO| \ + ADDR_COMPAT_LAYOUT|READ_IMPLIES_EXEC|ADDR_LIMIT_32BIT| \ + SHORT_INODE|WHOLE_SECONDS|STICKY_TIMEOUTS| \ + ADDR_LIMIT_3GB) + /* * Security-relevant compatibility flags that must be * cleared upon setuid or setgid exec: signature.asc Description: Digital signature ___ Linuxppc-dev mailing list Linuxppc-dev@ozlabs.org https://ozlabs.org/mailman/listinfo/linuxppc-dev
[RFC PATCH V2] Keep 3 high personality bytes across exec
Currently when a 32 bit process is exec'd on a powerpc 64 bit host the value in the top three bytes of the personality is clobbered. This patch adds a check in the SET_PERSONALITY macro that will carry all the values in the top three bytes across the exec. These three bytes currently carry flags to disable address randomisation, limit the address space, force zeroing of an mmapped page, etc. Should an application set any of these bits they will be maintained and honoured on homogeneous environment but discarded and ignored on a heterogeneous environment. So if an application requires all mmapped pages to be initialised to zero and a wrapper is used to setup the personality and exec the target, these flags will remain set on an all 32 or all 64 bit envrionment, but they will be lost in the exec on a mixed 32/64 bit environment. Losing these bits means that the same application would behave differently in different environments. Tested on a POWER5+ machine with 64bit kernel and a mixed 64/32 bit user space. Signed-off-by: Eric B Munson [EMAIL PROTECTED] --- V2 Changes from V1: Updated changelog with a better description of why this change is useful Based on 2.6.26-rc6 include/asm-powerpc/elf.h |3 ++- include/linux/personality.h |6 ++ 2 files changed, 8 insertions(+), 1 deletions(-) diff --git a/include/asm-powerpc/elf.h b/include/asm-powerpc/elf.h index 9080d85..2f11a0e 100644 --- a/include/asm-powerpc/elf.h +++ b/include/asm-powerpc/elf.h @@ -257,7 +257,8 @@ do { \ else\ clear_thread_flag(TIF_ABI_PENDING); \ if (personality(current-personality) != PER_LINUX32) \ - set_personality(PER_LINUX); \ + set_personality(PER_LINUX | \ + (current-personality PER_INHERIT)); \ } while (0) /* * An executable for which elf_read_implies_exec() returns TRUE will diff --git a/include/linux/personality.h b/include/linux/personality.h index a84e9ff..362eb90 100644 --- a/include/linux/personality.h +++ b/include/linux/personality.h @@ -36,6 +36,12 @@ enum { ADDR_LIMIT_3GB =0x800, }; +/* Mask for the above personality values */ +#define PER_INHERIT (ADDR_NO_RANDOMIZE|FDPIC_FUNCPTRS|MMAP_PAGE_ZERO| \ + ADDR_COMPAT_LAYOUT|READ_IMPLIES_EXEC|ADDR_LIMIT_32BIT| \ + SHORT_INODE|WHOLE_SECONDS|STICKY_TIMEOUTS| \ + ADDR_LIMIT_3GB) + /* * Security-relevant compatibility flags that must be * cleared upon setuid or setgid exec: signature.asc Description: Digital signature ___ Linuxppc-dev mailing list Linuxppc-dev@ozlabs.org https://ozlabs.org/mailman/listinfo/linuxppc-dev