On Thu, Apr 30, 2020 at 7:10 AM Greg Ungerer <gerg@xxxxxxxxxxxxxx> wrote:
>
> > in load_flat_file() - which is also used to loading _libraries_. Where
> > it makes no sense at all.
>
> I haven't looked at the shared lib support in there for a long time,
> but I thought that "id" is only 0 for the actual final program.
> Libraries have a slot or id number associated with them.

Yes, that was my assumption, but looking at the code, it really isn't
obvious that that is the case at all.

'id' gets calculated from fields that very much look like they could
be zero (eg by taking the top bits from another random field).

> > Most of that file goes back to pre-git days. And most of the commits
> > since are not so much about binfmt_flat, as they are about cleanups or
> > changes elsewhere where binfmt_flat was just a victim.
>
> I'll have a look at this.

Thanks.

> Quick hack test shows moving setup_new_exec(bprm) to be just before
> install_exec_creds(bprm) works fine for the static binaries case.
> Doing the flush_old_exec(bprm) there too crashed out - I'll need to
> dig into that to see why.

Just moving setup_new_exec() would at least allow us to then join the
two together, and just say "setup_new_exec() does the credential
installation too".

So to some degree, that's the important one.

But that flush_old_exec() does look odd in load_flat_file(). It's not
like anything but executing a binary should flush the old exec.
Certainly not loading a library, however odd that flat library code
is.

My _guess_ is that the reason for this is that "load_flat_file()" also
does a lot of verification of the file and does that whole "return
-ENOEXEC if the file format isn't right". So we don't want to flush
the old exec before that is done, but we obviously also don't want to
flush the old exec after we've actually loaded the new one into
memory..

So the location of flush_old_exec() makes that kind of sense, but it
would have made it better if that flat file support had a clear
separation of "check the file" from "load the file".

Oh well. As mentioned, the whole "at least put setup_new_exec() and
install_exec_creds() together" is the bigger thing.

But if it's true that nobody really uses the odd flat library support
any more and there are no testers, maybe we should consider ripping it
out...

Linus