From: "Eric W. Biederman"
To: "Guilherme G. Piccoli"
Cc: Kees Cook, David Hildenbrand, sonicadvance1@gmail.com, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, kernel-dev@igalia.com, kernel@gpiccoli.net, oleg@redhat.com, yzaikin@google.com, mcgrof@kernel.org, akpm@linux-foundation.org, brauner@kernel.org, viro@zeniv.linux.org.uk, willy@infradead.org, dave@stgolabs.net, joshua@froggi.es
Subject: Re: [RFC PATCH 0/2] Introduce a way to expose the interpreted file with binfmt_misc
Date: Mon, 13 Nov 2023 12:29:30 -0600
Message-ID: <871qctwlpx.fsf@email.froward.int.ebiederm.org>
In-Reply-To: <8dc5069f-5642-cc5b-60e0-0ed3789c780b@igalia.com> (Guilherme G. Piccoli's message of "Mon, 13 Nov 2023 14:33:13 -0300")
References: <20230907204256.3700336-1-gpiccoli@igalia.com> <202310091034.4F58841@keescook> <8dc5069f-5642-cc5b-60e0-0ed3789c780b@igalia.com>

"Guilherme G. Piccoli" writes:

> On 09/10/2023 14:37, Kees Cook wrote:
>> On Fri, Oct 06, 2023 at 02:07:16PM +0200, David Hildenbrand wrote:
>>> On 07.09.23 22:24, Guilherme G. Piccoli wrote:
>>>> Currently the kernel provides a symlink to the executable binary, in the
>>>> form of procfs file exe_file (/proc/self/exe_file for example). But what
>>>> happens in interpreted scenarios (like binfmt_misc) is that such link
>>>> always points to the *interpreter*. For cases of Linux binary emulators,
>>>> like FEX [0] for example, it's then necessary to somehow mask that and
>>>> emulate the true binary path.
>>>
>>> I'm absolutely no expert on that, but I'm wondering if, instead of modifying
>>> exe_file and adding an interpreter file, you'd want to leave exe_file alone
>>> and instead provide an easier way to obtain the interpreted file.
>>>
>>> Can you maybe describe why modifying exe_file is desired (about which
>>> consumers are we worrying?) and what exactly FEX does to handle that (how
>>> does it mask that?).
>>>
>>> So a bit more background on the challenges without this change would be
>>> appreciated.
>>
>> Yeah, it sounds like you're dealing with a process that examines
>> /proc/self/exe_file for itself only to find the binfmt_misc interpreter
>> when it was run via binfmt_misc?
>>
>> What actually breaks? Or rather, why does the process examine
>> exe_file? I'm just trying to see if there are other solutions here that
>> would avoid creating an ambiguous interface...
>>
>
> Thanks Kees and David! Did Ryan's thorough comment address your
> questions? Do you have any take on the TODOs?
>
> I can maybe rebase against 6.7-rc1 and resubmit, if that makes sense!
> But would be better having the TODOs addressed, I guess.

Currently there is a mechanism in the kernel for changing
/proc/self/exe. Would that be reasonable to use in this case?

It came from the checkpoint/restart work, but given that it is already
implemented it seems like the path of least resistance to get your
binfmt_misc that wants to look like binfmt_elf to use that mechanism.

Eric
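
An added illustration, not part of the message above and not code from the kernel tree: the exe link names the interpreter because binfmt_misc compares a file's leading bytes against a registered magic and mask and then executes the registered interpreter instead. The sketch below parses one registration in the `/proc/sys/fs/binfmt_misc/<name>` text layout and applies that comparison; the entry text, the interpreter path `/usr/bin/emu-example` and both header byte arrays are constructed samples.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample in the layout of a /proc/sys/fs/binfmt_misc/<name> entry
 * (AArch64 ELF magic, hex split into 4-byte groups; interpreter path is hypothetical). */
static const char SAMPLE_ENTRY[] =
    "enabled\ninterpreter /usr/bin/emu-example\nflags: \noffset 0\n"
    "magic 7f454c46" "02010100" "00000000" "00000000" "0200b700\n"
    "mask ffffffff" "ffffff00" "ffffffff" "ffffffff" "feffffff\n";
/* Constructed 20-byte ELF header prefixes: an AArch64 PIE and an x86-64 executable. */
static const unsigned char HDR_AARCH64[20] = {0x7f,'E','L','F',2,1,1,0, 0,0,0,0,0,0,0,0, 3,0,0xb7,0};
static const unsigned char HDR_X86_64[20]  = {0x7f,'E','L','F',2,1,1,0, 0,0,0,0,0,0,0,0, 2,0,0x3e,0};
struct rule { char interp[128]; int offset; size_t len; unsigned char magic[64], mask[64]; };

/* Decode consecutive hex digit pairs; stops at the first non-hex character. */
static size_t unhex(const char *s, unsigned char *out, size_t max) {
    size_t n = 0;
    for (; n < max && isxdigit((unsigned char)s[0]) && isxdigit((unsigned char)s[1]); s += 2)
        out[n++] = (unsigned char)strtoul((char[]){ s[0], s[1], 0 }, NULL, 16);
    return n;
}

/* Parse an enabled, magic-type entry; returns 0 on success, -1 otherwise. */
static int parse_rule(const char *text, struct rule *r) {
    const char *p;
    memset(r, 0, sizeof *r);
    memset(r->mask, 0xff, sizeof r->mask);   /* no mask line: compare every bit */
    if (strncmp(text, "enabled\n", 8) != 0) return -1;
    if (!(p = strstr(text, "interpreter ")) || sscanf(p, "interpreter %127[^\n]", r->interp) != 1) return -1;
    if (!(p = strstr(text, "\noffset ")) || sscanf(p + 1, "offset %d", &r->offset) != 1 || r->offset < 0) return -1;
    if (!(p = strstr(text, "\nmagic ")) || !(r->len = unhex(p + 7, r->magic, sizeof r->magic))) return -1;
    if ((p = strstr(text, "\nmask "))) unhex(p + 6, r->mask, sizeof r->mask);
    return 0;
}

/* Match rule: (header ^ magic) & mask must be 0 for every byte. Returns the interpreter or NULL. */
static const char *interpreter_for(const char *entry, const unsigned char *hdr, size_t hlen) {
    static struct rule r;
    if (parse_rule(entry, &r) != 0 || (size_t)r.offset + r.len > hlen) return NULL;
    for (size_t i = 0; i < r.len; i++)
        if ((hdr[r.offset + i] ^ r.magic[i]) & r.mask[i]) return NULL;
    return r.interp;
}

int main(void) {
    const char *a = interpreter_for(SAMPLE_ENTRY, HDR_AARCH64, sizeof HDR_AARCH64);
    const char *x = interpreter_for(SAMPLE_ENTRY, HDR_X86_64, sizeof HDR_X86_64);
    return printf("aarch64: %s\nx86-64: %s\n", a ? a : "(direct)", x ? x : "(direct)") < 0;
}
```

The mask byte `fe` at offset 16 is what lets both `ET_EXEC` and `ET_DYN` binaries of the foreign architecture match the same registration.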