Re: Potential bug in fs/binfmt_elf.c?

From: John Reiser
Date: Fri Mar 05 2004 - 13:30:27 EST

Next message: Roland Dreier: "ANNOUCE: OpenIB InfiniBand software"
Previous message: Danny ter Haar: "Re: server migration"
In reply to: Mike Hearn: "Potential bug in fs/binfmt_elf.c?"
Next in thread: Ulrich Drepper: "Re: Potential bug in fs/binfmt_elf.c?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

When mapping a nobits PT_LOAD segment with a memsize > filesize, the
kernel calls set_brk (which in turns calls do_brk) to map and clear the
area, but this discards access permissons on the mapping leading to rwx
protection. This causes a load failure on systems where the VM cannot
reserve swap space for the segment, unless overcommit is active (on many
systems it's not on by default).

[snip]

I believe that's not the only problem with binfmt_elf. If the total address
space described by the PT_LOADs is not exactly one contiguous interval, then
2.6.3 binfmt_elf fills in the gaps with 'prw.' of zero-filled pages, instead
of the intended "holes" with no mapping at all between isolated PT_LOADs.
One example is https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=115913

--

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Roland Dreier: "ANNOUCE: OpenIB InfiniBand software"
Previous message: Danny ter Haar: "Re: server migration"
In reply to: Mike Hearn: "Potential bug in fs/binfmt_elf.c?"
Next in thread: Ulrich Drepper: "Re: Potential bug in fs/binfmt_elf.c?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]