Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <b4fb6c1a0a1fb99b1deff1252f7ae9c6@ispras.ru>
Date: Thu, 23 Feb 2023 01:04:41 +0300
From: Alexey Izbyshev <izbyshev@...ras.ru>
To: musl@...ts.openwall.com
Cc: Florian Weimer <fweimer@...hat.com>
Subject: Re: vfork()-based posix_spawn() has more failure modes than
 fork()-based one

On 2022-05-03 00:31, Rich Felker wrote:
> On Mon, May 02, 2022 at 11:25:07PM +0200, Florian Weimer wrote:
>> * Rich Felker:
>> 
>> > I'm trying to understand how this comes to be. The child should
>> > inherit the namespaces of the parent and thus should not be in a
>> > different namespace that precludes spawn. I'm guessing this is some
>> > oddity where unshare doesn't affect the process itself, only its
>> > children? If so, it seems like a bug that it doesn't affect the
>> > process itself after execve (after unshare(1) runs your test program),
>> > but that probably can't be fixed now on the Linux side for stability
>> > reasons. :(
>> 
>> It's about fundamentally conflicting requirements.
>> 
>> The vDSO data mapping needs to store the time offset, so it has to be
>> distinct from the original namespace.  vfork preserves the VM sharing.
>> It's not possible to do both things at the same time.
>> 
>> unshare(CLONE_NEWTIME) should have been specified to only take effect
>> after execve, when the vDSO is remapped anyway.
> 
> Yes, exactly. The bug is that someone confused processes and process
> images (fork and exec) when coming up with the constraint and now
> we're probably stuck with it. *sigh*
> 
Status update: the recently released kernel 6.2 contains the fix[1], so 
we're not stuck with this bug after all!

[1] 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2b5f9dad32ed19e8db3b0f10a84aa824a219803b

Alexey

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.