Re: [GIT PULL] Fix fill_files_note

Kees Cook <keescook@xxxxxxxxxxxx> · Tue, 8 Mar 2022 13:49:32 -0800

On Tue, Mar 08, 2022 at 01:35:03PM -0600, Eric W. Biederman wrote:
> 
> Kees,
> 
> Please pull the coredump-vma-snapshot-fix branch from the git tree:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git coredump-vma-snapshot-fix
> 
>   HEAD: 390031c942116d4733310f0684beb8db19885fe6 coredump: Use the vma snapshot in fill_files_note
> 
> Matthew Wilcox has reported that a missing mmap_lock in file_files_note,
> which could cause trouble.
> 
> Refactor the code and clean it up so that the vma snapshot makes
> it to fill_files_note, and then use the vma snapshot in fill_files_note.
> 
> Eric W. Biederman (5):
>       coredump: Move definition of struct coredump_params into coredump.h
>       coredump: Snapshot the vmas in do_coredump
>       coredump: Remove the WARN_ON in dump_vma_snapshot
>       coredump/elf: Pass coredump_params into fill_note_info
>       coredump: Use the vma snapshot in fill_files_note
> 
>  fs/binfmt_elf.c          | 66 ++++++++++++++++++++++--------------------------
>  fs/binfmt_elf_fdpic.c    | 18 +++++--------
>  fs/binfmt_flat.c         |  1 +
>  fs/coredump.c            | 59 ++++++++++++++++++++++++++++---------------
>  include/linux/binfmts.h  | 13 +---------
>  include/linux/coredump.h | 20 ++++++++++++---
>  6 files changed, 93 insertions(+), 84 deletions(-)
> 
> ---
> 
> Kees I realized I needed to rebase this on Jann Horn's commit
> 84158b7f6a06 ("coredump: Also dump first pages of non-executable ELF
> libraries").  Unfortunately before I got that done I got distracted and
> these changes have been sitting in limbo for most of the development
> cycle.  Since you are running a tree that is including changes like this
> including Jann's can you please pull these changes into your tree.

Sure! Can you make a signed tag for this pull?

If it helps, my workflow look like this, though I assume there might be
better ways. (tl;dr: "git tag -s TAG BRANCH")

PULL_BRANCH=name-of-branch
BASE=sha-of-base
FOR=someone
TOPIC=topic-name

TAG="for-$FOR/$TOPIC"
SIGNED=~/.pull-request-signed-"$TAG"
echo "$TOPIC update" > "$SIGNED"
git request-pull "$BASE" git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git "$PULL_BRANCH" | awk '{print "# " $0}' >> "$SIGNED"
vi "$SIGNED"

git tag -sF "$SIGNED" "$TAG" "$PULL_BRANCH"
git push origin "$PULL_BRANCH"
git push origin +"$TAG"

-- 
Kees Cook