Kees Cook <keescook@xxxxxxxxxxxx> writes:
> On Wed, Mar 09, 2022 at 10:29:10AM -0600, Eric W. Biederman wrote:
>> Kees Cook <keescook@xxxxxxxxxxxx> writes:
>>
>> > On Tue, Mar 08, 2022 at 01:35:03PM -0600, Eric W. Biederman wrote:
>> >>
>> >> Kees,
>> >>
>> >> Please pull the coredump-vma-snapshot-fix branch from the git tree:
>> >>
>> >> git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git coredump-vma-snapshot-fix
>> >>
>> >> HEAD: 390031c942116d4733310f0684beb8db19885fe6 coredump: Use the vma snapshot in fill_files_note
>> >>
>> >> Matthew Wilcox has reported that a missing mmap_lock in file_files_note,
>> >> which could cause trouble.
>> >>
>> >> Refactor the code and clean it up so that the vma snapshot makes
>> >> it to fill_files_note, and then use the vma snapshot in fill_files_note.
>> >>
>> >> Eric W. Biederman (5):
>> >> coredump: Move definition of struct coredump_params into coredump.h
>> >> coredump: Snapshot the vmas in do_coredump
>> >> coredump: Remove the WARN_ON in dump_vma_snapshot
>> >> coredump/elf: Pass coredump_params into fill_note_info
>> >> coredump: Use the vma snapshot in fill_files_note
>> >>
>> >> fs/binfmt_elf.c | 66 ++++++++++++++++++++++--------------------------
>> >> fs/binfmt_elf_fdpic.c | 18 +++++--------
>> >> fs/binfmt_flat.c | 1 +
>> >> fs/coredump.c | 59 ++++++++++++++++++++++++++++---------------
>> >> include/linux/binfmts.h | 13 +---------
>> >> include/linux/coredump.h | 20 ++++++++++++---
>> >> 6 files changed, 93 insertions(+), 84 deletions(-)
>> >>
>> >> ---
>> >>
>> >> Kees I realized I needed to rebase this on Jann Horn's commit
>> >> 84158b7f6a06 ("coredump: Also dump first pages of non-executable ELF
>> >> libraries"). Unfortunately before I got that done I got distracted and
>> >> these changes have been sitting in limbo for most of the development
>> >> cycle. Since you are running a tree that is including changes like this
>> >> including Jann's can you please pull these changes into your tree.
>> >
>> > Sure! Can you make a signed tag for this pull?
>>
>> Not yet.
>>
>> Hopefully I will get the time to set that up soon, but I am not at all
>> setup to do signed tags at this point.
>
> Okay, cool. Since I'd already review these before, I've pulled and it
> should be in -next now.
>
>> [...]
>> Thanks. That looks like a good place to start.
>
> I will try to clean up that work-flow and stuff it into my kernel-tools
> repo.
It turns out I missed a crazy corner case of binfmt_flat, when coredumps
are disabled. This fixes a compile error that was reported.
git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git coredump-vma-snapshot-fix-for-v5.18
HEAD: f833116ad2c3eabf9c739946170e07825cca67ed coredump: Don't compile flat_core_dump when coredumps are disabled
Can you include this as well.
Thank you,
Eric
This is the entire patch.
From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
Date: Wed, 9 Mar 2022 10:37:07 -0600
Subject: [PATCH] coredump: Don't compile flat_core_dump when coredumps are disabled
Recently the kernel test robot reported:
> In file included from include/linux/kernel.h:29,
> from fs/binfmt_flat.c:21:
> fs/binfmt_flat.c: In function 'flat_core_dump':
> >> fs/binfmt_flat.c:121:50: error: invalid use of undefined type 'struct coredump_params'
> 121 | current->comm, current->pid, cprm->siginfo->si_signo);
> | ^~
> include/linux/printk.h:418:33: note: in definition of macro 'printk_index_wrap'
> 418 | _p_func(_fmt, ##__VA_ARGS__); \
> | ^~~~~~~~~~~
> include/linux/printk.h:499:9: note: in expansion of macro 'printk'
> 499 | printk(KERN_WARNING pr_fmt(fmt), ##__VA_ARGS__)
> | ^~~~~~
> fs/binfmt_flat.c:120:9: note: in expansion of macro 'pr_warn'
> 120 | pr_warn("Process %s:%d received signr %d and should have core dumped\n",
> | ^~~~~~~
> At top level:
> fs/binfmt_flat.c:118:12: warning: 'flat_core_dump' defined but not used [-Wunused-function]
> 118 | static int flat_core_dump(struct coredump_params *cprm)
> | ^~~~~~~~~~~~~~
The little dinky do nothing function flat_core_dump has always been
compiled unconditionally. With my change to move coredump_params into
coredump.h coredump_params reasonably becomes unavailable when
coredump support is not compiled in. Fix this old issue by simply not
compiling flat_core_dump when coredump support is not supported.
Fixes: a99a3e2efaf1 ("coredump: Move definition of struct coredump_params into coredump.h")
Reported-by: kernel test robot <lkp@xxxxxxxxx>
Signed-off-by: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
---
fs/binfmt_flat.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fs/binfmt_flat.c b/fs/binfmt_flat.c
index 208cdce16de1..626898150011 100644
--- a/fs/binfmt_flat.c
+++ b/fs/binfmt_flat.c
@@ -98,7 +98,9 @@ static int load_flat_shared_library(int id, struct lib_info *p);
#endif
static int load_flat_binary(struct linux_binprm *);
+#ifdef CONFIG_COREDUMP
static int flat_core_dump(struct coredump_params *cprm);
+#endif
static struct linux_binfmt flat_format = {
.module = THIS_MODULE,
@@ -115,12 +117,14 @@ static struct linux_binfmt flat_format = {
* Currently only a stub-function.
*/
+#ifdef CONFIG_COREDUMP
static int flat_core_dump(struct coredump_params *cprm)
{
pr_warn("Process %s:%d received signr %d and should have core dumped\n",
current->comm, current->pid, cprm->siginfo->si_signo);
return 1;
}
+#endif
/****************************************************************************/
/*
--
2.29.2
