Re: make COMPAT_LINUX match SYSV binaries
On Wed, Oct 21, 2020 at 04:02:41PM +, Eduardo Horvath wrote: > On Wed, 21 Oct 2020, co...@sdf.org wrote: > > > In the event someone adds support for another OS with this problem (say, > > modern Solaris), I don't expect this compat to be enabled by default, > > for security reasons. So the problem will only occur if a user enables > > both forms of compat at the same time. > > But Solaris *IS* SYSV. > > Eduardo Solaris has a separate tag, but I'm not sure how consistently it's used. The SmartOS binaries do say: bin/dmenu: ELF 64-bit LSB executable, x86-64, version 1 (Solaris), dynamically linked, interpreter /usr/lib/amd64/ld.so.1, not stripped Bug Go-generated binaries say: main: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib/amd64/ld.so.1, Go BuildID=OGLnPmMB8X-FwRbuu90n/GZ0Uvc8LQrh2V9P9rvDk/mRaPYobahbBw4F7aYitg/K58SIG6bmmaibHLZehP8, not stripped
Re: make COMPAT_LINUX match SYSV binaries
On Tue, Oct 20, 2020 at 07:11:05PM +, co...@sdf.org wrote: > hello, > > As a background, some Linux binaries don't claim to be targeting the > Linux OS, but instead are "SYSV". > > We have used some heuristics to still identify those binaries as being > Linux binaries, like looking into the symbols defined by the binary. > > it looks like we no longer have other forms of compat expected to use > SYSV ELF binaries. Perhaps we should drop this elaborate detection logic > in favour of detecting SYSV == Linux? > > As an added bonus, it allows detecting binaries built with a musl > toolchain as being Linux binaries. > I feel compelled to explain further: any OS that doesn't rely on this tag is prone to spitting out binaries with the wrong tag. For example, Go spits out Solaris binaries with SYSV as well. Our current solution to it is the kernel reading through the binary, checking if it contains certain known symbols that are common on Linux. We support the following forms of compat: ultrix not ELF sunos not ELF (we support only oold stuff) freebsd always correctly tagged, because the native OS checks this, like we do. linux ELF, not always correctly tagged So, currently, we only support one OS that has this problem, which is linux. I am proposing we take advantage of it. In the event someone adds support for another OS with this problem (say, modern Solaris), I don't expect this compat to be enabled by default, for security reasons. So the problem will only occur if a user enables both forms of compat at the same time. Users already have to opt in to have Linux compat support. I think it is a lot to ask to have them tag every binary.
Re: make COMPAT_LINUX match SYSV binaries
On Wed, 21 Oct 2020, co...@sdf.org wrote: > In the event someone adds support for another OS with this problem (say, > modern Solaris), I don't expect this compat to be enabled by default, > for security reasons. So the problem will only occur if a user enables > both forms of compat at the same time. But Solaris *IS* SYSV. Eduardo
Re: make COMPAT_LINUX match SYSV binaries
co...@sdf.org writes: > I feel compelled to explain further: > any OS that doesn't rely on this tag is prone to spitting out binaries > with the wrong tag. For example, Go spits out Solaris binaries with SYSV > as well. > > Our current solution to it is the kernel reading through the binary, > checking if it contains certain known symbols that are common on Linux. > > We support the following forms of compat: > > ultrixnot ELF > sunos not ELF (we support only oold stuff) > freebsd always correctly tagged, because the native OS > checks this, like we do. > linux ELF, not always correctly tagged > > > So, currently, we only support one OS that has this problem, which is > linux. I am proposing we take advantage of it. > > In the event someone adds support for another OS with this problem (say, > modern Solaris), I don't expect this compat to be enabled by default, > for security reasons. So the problem will only occur if a user enables > both forms of compat at the same time. > > Users already have to opt in to have Linux compat support. I think it is > a lot to ask to have them tag every binary. Thanks for the explanation. I'm still not thrilled, but I withdraw my objection. signature.asc Description: PGP signature
Re: make COMPAT_LINUX match SYSV binaries
On 21.10.2020 14:14, co...@sdf.org wrote: > On Tue, Oct 20, 2020 at 07:11:05PM +, co...@sdf.org wrote: >> hello, >> >> As a background, some Linux binaries don't claim to be targeting the >> Linux OS, but instead are "SYSV". >> >> We have used some heuristics to still identify those binaries as being >> Linux binaries, like looking into the symbols defined by the binary. >> >> it looks like we no longer have other forms of compat expected to use >> SYSV ELF binaries. Perhaps we should drop this elaborate detection logic >> in favour of detecting SYSV == Linux? >> >> As an added bonus, it allows detecting binaries built with a musl >> toolchain as being Linux binaries. >> > > I feel compelled to explain further: > any OS that doesn't rely on this tag is prone to spitting out binaries > with the wrong tag. For example, Go spits out Solaris binaries with SYSV > as well. > > Our current solution to it is the kernel reading through the binary, > checking if it contains certain known symbols that are common on Linux. > > We support the following forms of compat: > > ultrixnot ELF > sunos not ELF (we support only oold stuff) > freebsd always correctly tagged, because the native OS > checks this, like we do. > linux ELF, not always correctly tagged > > > So, currently, we only support one OS that has this problem, which is > linux. I am proposing we take advantage of it. > > In the event someone adds support for another OS with this problem (say, > modern Solaris), I don't expect this compat to be enabled by default, > for security reasons. So the problem will only occur if a user enables > both forms of compat at the same time. > > Users already have to opt in to have Linux compat support. I think it is > a lot to ask to have them tag every binary. > I couldn't run musl binaries without either patching the kernel or ELF files, so I'm for making this easier. In my case, I had to add manually build-id tag to musl binaries. For some reason someone in the kernel assumed that they are always present, which is just a special case in some distros. signature.asc Description: OpenPGP digital signature
make COMPAT_LINUX match SYSV binaries
hello, As a background, some Linux binaries don't claim to be targeting the Linux OS, but instead are "SYSV". We have used some heuristics to still identify those binaries as being Linux binaries, like looking into the symbols defined by the binary. it looks like we no longer have other forms of compat expected to use SYSV ELF binaries. Perhaps we should drop this elaborate detection logic in favour of detecting SYSV == Linux? As an added bonus, it allows detecting binaries built with a musl toolchain as being Linux binaries. Index: linux/common/linux_exec_elf32.c === RCS file: /cvsroot/src/sys/compat/linux/common/linux_exec_elf32.c,v retrieving revision 1.100 diff -u -r1.100 linux_exec_elf32.c --- linux/common/linux_exec_elf32.c 12 Jan 2020 18:30:58 - 1.100 +++ linux/common/linux_exec_elf32.c 19 Oct 2020 17:47:40 - @@ -370,6 +281,9 @@ memcmp(>e_ident[EI_ABIVERSION], linux, sizeof(linux)) == 0) return 0; + if (eh->e_ident[EI_OSABI] == ELFOSABI_SYSV) + return 0; + phsize = eh->e_phnum * sizeof(Elf_Phdr); ph = (Elf_Phdr *)malloc(phsize, M_TEMP, M_WAITOK); error = exec_read(l, epp->ep_vp, eh->e_phoff, ph, phsize,
Re: make COMPAT_LINUX match SYSV binaries
co...@sdf.org writes: > As a background, some Linux binaries don't claim to be targeting the > Linux OS, but instead are "SYSV". > > We have used some heuristics to still identify those binaries as being > Linux binaries, like looking into the symbols defined by the binary. > > it looks like we no longer have other forms of compat expected to use > SYSV ELF binaries. Perhaps we should drop this elaborate detection logic > in favour of detecting SYSV == Linux? In general adapting to every confused practice out there leads us to a bad place. This just feels like a step along that path. I could see having a sysctl/etc. to enable this behavior, but it seems really irregular. Is there a way to have a tool to retag binaries that are tagged incorrectly? It seems SYSV emulation should not allow non-SYSV system calls. signature.asc Description: PGP signature
