  // SPDX-License-Identifier: GPL-2.0-only
  /*
   *  linux/fs/binfmt_aout.c
   *
   *  Copyright (C) 1991, 1992, 1996  Linus Torvalds
   */
  
  #include <linux/module.h>
  
  #include <linux/time.h>
  #include <linux/kernel.h>
  #include <linux/mm.h>
  #include <linux/mman.h>
  #include <linux/a.out.h>
  #include <linux/errno.h>
  #include <linux/signal.h>
  #include <linux/string.h>
  #include <linux/fs.h>
  #include <linux/file.h>
  #include <linux/stat.h>
  #include <linux/fcntl.h>
  #include <linux/ptrace.h>
  #include <linux/user.h>
  #include <linux/binfmts.h>
  #include <linux/personality.h>
  #include <linux/init.h>
  #include <linux/coredump.h>
  #include <linux/slab.h>
  #include <linux/sched/task_stack.h>

  #include <linux/uaccess.h>
  #include <asm/cacheflush.h>
  /* Forward declarations: both loaders are referenced by aout_format below. */
  static int load_aout_binary(struct linux_binprm *bprm);
  static int load_aout_library(struct file *file);

  /*
   * Handler table for the a.out format: load_aout_binary() loads executables
   * and load_aout_library() loads shared libraries. It is handed to
   * register_binfmt() by init_aout_binfmt().
   */
  static struct linux_binfmt aout_format = {
  	.module		= THIS_MODULE,
  	.load_binary	= load_aout_binary,
  	.load_shlib	= load_aout_library,
  };

  /*
   * True when @x, taken as an unsigned long, is at or above TASK_SIZE.
   * No use of this macro is visible in this listing.
   */
  #define BAD_ADDR(x)	((unsigned long)(x) >= TASK_SIZE)
  
  /*
   * set_brk() - map the page-aligned range covering [start, end) via vm_brk().
   * @start: first address of the range; rounded with PAGE_ALIGN()
   * @end:   end address of the range; rounded with PAGE_ALIGN()
   *
   * Returns the result of vm_brk(), or 0 without mapping anything when the
   * aligned end is not above the aligned start.
   *
   * NOTE(review): both values are derived by the caller from the exec
   * header; an aligned @end that is not above @start is reported as success,
   * not as an error.
   */
  static int set_brk(unsigned long start, unsigned long end)
  {
  	unsigned long first = PAGE_ALIGN(start);
  	unsigned long limit = PAGE_ALIGN(end);

  	/* Nothing to map: the aligned range is empty. */
  	if (limit <= first)
  		return 0;

  	return vm_brk(first, limit - first);
  }
  
  /*
   * create_aout_tables() walks the argument and environment strings that
   * are already present in new user memory at @p, writes the argv[] and
   * envp[] pointer tables for them onto the "stack", and returns the new
   * stack pointer value.
   *
   * @p:    user address of the first argument string
   * @bprm: supplies argc and envc and, on alpha, the loader and exec values
   *        that are pushed ahead of the tables
   *
   * Side effects: stores arg_start, arg_end, env_start and env_end in
   * current->mm.
   *
   * NOTE(review): the result of every put_user()/get_user() call is
   * discarded, so a fault while building the tables is not reported to the
   * caller.
   */
  static unsigned long __user *create_aout_tables(char __user *p, struct linux_binprm * bprm)
  {
  	char __user * __user *argv;
  	char __user * __user *envp;
  	unsigned long __user *sp;
  	int argc = bprm->argc;
  	int envc = bprm->envc;
  	char ch;

  	/* Round the starting address down to a multiple of sizeof(char *). */
  	sp = (void __user *)((unsigned long) p & ~((unsigned long)sizeof(char *) - 1));
  #ifdef __alpha__
  	/* whee.. test-programs are so much fun. */
  	put_user(0, --sp);
  	put_user(0, --sp);
  	if (bprm->loader) {
  		put_user(0, --sp);
  		put_user(1003, --sp);
  		put_user(bprm->loader, --sp);
  		put_user(1002, --sp);
  	}
  	put_user(bprm->exec, --sp);
  	put_user(1001, --sp);
  #endif
  	/* Each table gets one extra slot for its terminating NULL. */
  	sp -= envc + 1;
  	envp = (char __user * __user *) sp;
  	sp -= argc + 1;
  	argv = (char __user * __user *) sp;
  #ifndef __alpha__
  	put_user((unsigned long) envp, --sp);
  	put_user((unsigned long) argv, --sp);
  #endif
  	put_user(argc, --sp);

  	current->mm->arg_start = (unsigned long) p;
  	for (; argc > 0; argc--) {
  		put_user(p, argv);
  		argv++;
  		/* Step past this string, terminating NUL included. */
  		for (;;) {
  			get_user(ch, p);
  			p++;
  			if (!ch)
  				break;
  		}
  	}
  	put_user(NULL, argv);

  	/* The environment strings start where the argument strings end. */
  	current->mm->env_start = (unsigned long) p;
  	current->mm->arg_end = (unsigned long) p;
  	for (; envc > 0; envc--) {
  		put_user(p, envp);
  		envp++;
  		for (;;) {
  			get_user(ch, p);
  			p++;
  			if (!ch)
  				break;
  		}
  	}
  	put_user(NULL, envp);
  	current->mm->env_end = (unsigned long) p;

  	return sp;
  }
  
  /*
   * These are the functions used to load a.out style executables and shared
   * libraries.  There is no binary dependent code anywhere else.
   */
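  /*
   * load_aout_binary() - replace the current image with an a.out executable.
   * @bprm: exec state; bprm->buf holds the exec header read from bprm->file
   *
   * Returns 0 on success, -ENOEXEC when the header is rejected or the file
   * has no mmap handler, -ENOMEM when data + bss exceed RLIMIT_DATA, or the
   * error reported by one of the exec/mm helpers called below.
   *
   * Every size and address in the header comes from the file being executed
   * and is untrusted; the checks before flush_old_exec() are the only ones
   * that can fail without giving up the old image.
   */
  static int load_aout_binary(struct linux_binprm * bprm)
  {
  	struct pt_regs *regs = current_pt_regs();
  	struct exec ex;
  	unsigned long error;
  	unsigned long fd_offset;
  	unsigned long rlim;
  	unsigned long long image_end;
  	int retval;

  	ex = *((struct exec *) bprm->buf);		/* exec-header */

  	/*
  	 * Sum the header sizes in 64 bits. The fields may be narrower (struct
  	 * exec is declared elsewhere), and a sum that wraps would compare as
  	 * smaller than the file and let an inconsistent header through.
  	 */
  	image_end = (unsigned long long)ex.a_text + ex.a_data +
  		    N_SYMSIZE(ex) + N_TXTOFF(ex);
  	if ((N_MAGIC(ex) != ZMAGIC && N_MAGIC(ex) != OMAGIC &&
  	     N_MAGIC(ex) != QMAGIC && N_MAGIC(ex) != NMAGIC) ||
  	    N_TRSIZE(ex) || N_DRSIZE(ex) ||
  	    (unsigned long long)i_size_read(file_inode(bprm->file)) < image_end) {
  		return -ENOEXEC;
  	}

  	/*
  	 * Requires a mmap handler. This prevents people from using a.out
  	 * as part of an exploit attack against /proc-related vulnerabilities.
  	 */
  	if (!bprm->file->f_op->mmap)
  		return -ENOEXEC;

  	fd_offset = N_TXTOFF(ex);

  	/* Check initial limits. This avoids letting people circumvent
  	 * size limits imposed on them by creating programs with large
  	 * arrays in the data or bss.
  	 */
  	rlim = rlimit(RLIMIT_DATA);
  	if (rlim >= RLIM_INFINITY)
  		rlim = ~0;
  	/* Widen before adding so a wrapped sum cannot slip under the limit. */
  	if ((unsigned long long)ex.a_data + ex.a_bss > rlim)
  		return -ENOMEM;

  	/* Flush all traces of the currently running executable */
  	retval = flush_old_exec(bprm);
  	if (retval)
  		return retval;

  	/* OK, This is the point of no return */
  #ifdef __alpha__
  	SET_AOUT_PERSONALITY(bprm, ex);
  #else
  	set_personality(PER_LINUX);
  #endif
  	setup_new_exec(bprm);

  	/* Record the segment layout taken from the header in the new mm. */
  	current->mm->end_code = ex.a_text +
  		(current->mm->start_code = N_TXTADDR(ex));
  	current->mm->end_data = ex.a_data +
  		(current->mm->start_data = N_DATADDR(ex));
  	current->mm->brk = ex.a_bss +
  		(current->mm->start_brk = N_BSSADDR(ex));

  	retval = setup_arg_pages(bprm, STACK_TOP, EXSTACK_DEFAULT);
  	if (retval < 0)
  		return retval;

  	install_exec_creds(bprm);

  	if (N_MAGIC(ex) == OMAGIC) {
  		unsigned long text_addr, map_size;
  		loff_t pos;

  		/* OMAGIC: text and data are read into a vm_brk() region. */
  		text_addr = N_TXTADDR(ex);
  #ifdef __alpha__
  		pos = fd_offset;
  		map_size = ex.a_text+ex.a_data + PAGE_SIZE - 1;
  #else
  		pos = 32;
  		map_size = ex.a_text+ex.a_data;
  #endif
  		error = vm_brk(text_addr & PAGE_MASK, map_size);
  		if (error)
  			return error;

  		error = read_code(bprm->file, text_addr, pos,
  				  ex.a_text+ex.a_data);
  		if ((signed long)error < 0)
  			return error;
  	} else {
  		if ((ex.a_text & 0xfff || ex.a_data & 0xfff) &&
  		    (N_MAGIC(ex) != NMAGIC) && printk_ratelimit())
  		{
  			printk(KERN_NOTICE "executable not page aligned\n");
  		}
  		if ((fd_offset & ~PAGE_MASK) != 0 && printk_ratelimit())
  		{
  			printk(KERN_WARNING
  			       "fd_offset is not page aligned. Please convert program: %pD\n",
  			       bprm->file);
  		}

  		/*
  		 * Unaligned file offset: the image cannot be mapped, so read
  		 * it into a vm_brk() region instead. (A missing mmap handler
  		 * was already rejected above; the test is kept as written.)
  		 */
  		if (!bprm->file->f_op->mmap||((fd_offset & ~PAGE_MASK) != 0)) {
  			error = vm_brk(N_TXTADDR(ex), ex.a_text+ex.a_data);
  			if (error)
  				return error;

  			/*
  			 * Fail the exec on a read error, as the OMAGIC path
  			 * does, instead of starting the program on whatever
  			 * the region held before the read.
  			 */
  			error = read_code(bprm->file, N_TXTADDR(ex), fd_offset,
  					  ex.a_text + ex.a_data);
  			if ((signed long)error < 0)
  				return error;
  			goto beyond_if;
  		}

  		/* Text is mapped read/execute at the address the header asks for. */
  		error = vm_mmap(bprm->file, N_TXTADDR(ex), ex.a_text,
  			PROT_READ | PROT_EXEC,
  			MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE | MAP_EXECUTABLE,
  			fd_offset);

  		if (error != N_TXTADDR(ex))
  			return error;

  		/* Data follows the text in the file and is mapped writable and executable. */
  		error = vm_mmap(bprm->file, N_DATADDR(ex), ex.a_data,
  				PROT_READ | PROT_WRITE | PROT_EXEC,
  				MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE | MAP_EXECUTABLE,
  				fd_offset + ex.a_text);
  		if (error != N_DATADDR(ex))
  			return error;
  	}
  beyond_if:
  	set_binfmt(&aout_format);

  	retval = set_brk(current->mm->start_brk, current->mm->brk);
  	if (retval < 0)
  		return retval;

  	current->mm->start_stack =
  		(unsigned long) create_aout_tables((char __user *) bprm->p, bprm);
  #ifdef __alpha__
  	regs->gp = ex.a_gpvalue;
  #endif
  	finalize_exec(bprm);
  	/* Start at the entry point named in the header, on the new stack. */
  	start_thread(regs, ex.a_entry, current->mm->start_stack);
  	return 0;
  }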
  
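  /*
   * load_aout_library() - map an a.out shared library into the current process.
   * @file: the library file; its exec header is read from offset 0
   *
   * Returns 0 on success, -ENOEXEC when the header cannot be read in full,
   * is rejected, or the file has no mmap handler, and otherwise the error
   * reported by vm_brk(), vm_mmap() or read_code().
   *
   * All sizes and the load address come from the file and are untrusted.
   */
  static int load_aout_library(struct file *file)
  {
  	struct inode * inode;
  	unsigned long bss, start_addr, len;
  	unsigned long error;
  	unsigned long long image_end;
  	int retval;
  	struct exec ex;
  	loff_t pos = 0;

  	inode = file_inode(file);

  	retval = -ENOEXEC;
  	error = kernel_read(file, &ex, sizeof(ex), &pos);
  	if (error != sizeof(ex))
  		goto out;

  	/*
  	 * Sum the header sizes in 64 bits. The fields may be narrower (struct
  	 * exec is declared elsewhere), and a sum that wraps would compare as
  	 * smaller than the file and let an inconsistent header through.
  	 */
  	image_end = (unsigned long long)ex.a_text + ex.a_data +
  		    N_SYMSIZE(ex) + N_TXTOFF(ex);

  	/* We come in here for the regular a.out style of shared libraries */
  	if ((N_MAGIC(ex) != ZMAGIC && N_MAGIC(ex) != QMAGIC) || N_TRSIZE(ex) ||
  	    N_DRSIZE(ex) || ((ex.a_entry & 0xfff) && N_MAGIC(ex) == ZMAGIC) ||
  	    (unsigned long long)i_size_read(inode) < image_end) {
  		goto out;
  	}

  	/*
  	 * Requires a mmap handler. This prevents people from using a.out
  	 * as part of an exploit attack against /proc-related vulnerabilities.
  	 */
  	if (!file->f_op->mmap)
  		goto out;

  	if (N_FLAGS(ex))
  		goto out;

  	/* For  QMAGIC, the starting address is 0x20 into the page.  We mask
  	   this off to get the starting address for the page */

  	start_addr =  ex.a_entry & 0xfffff000;

  	if ((N_TXTOFF(ex) & ~PAGE_MASK) != 0) {
  		if (printk_ratelimit())
  		{
  			printk(KERN_WARNING
  			       "N_TXTOFF is not page aligned. Please convert library: %pD\n",
  			       file);
  		}
  		/* Unaligned file offset: read into a vm_brk() region instead of mapping. */
  		retval = vm_brk(start_addr, ex.a_text + ex.a_data + ex.a_bss);
  		if (retval)
  			goto out;

  		/*
  		 * Report a read error to the caller instead of returning
  		 * success for a library whose contents were never loaded.
  		 */
  		error = read_code(file, start_addr, N_TXTOFF(ex),
  				  ex.a_text + ex.a_data);
  		if ((signed long)error < 0) {
  			retval = error;
  			goto out;
  		}
  		retval = 0;
  		goto out;
  	}
  	/* Now use mmap to map the library into memory. */
  	error = vm_mmap(file, start_addr, ex.a_text + ex.a_data,
  			PROT_READ | PROT_WRITE | PROT_EXEC,
  			MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE,
  			N_TXTOFF(ex));
  	/* Anything other than the requested address is handed back as the result. */
  	retval = error;
  	if (error != start_addr)
  		goto out;

  	/* Map the bss that extends past the page-aligned end of text + data. */
  	len = PAGE_ALIGN(ex.a_text + ex.a_data);
  	bss = ex.a_text + ex.a_data + ex.a_bss;
  	if (bss > len) {
  		retval = vm_brk(start_addr + len, bss - len);
  		if (retval)
  			goto out;
  	}
  	retval = 0;
  out:
  	return retval;
  }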
  
  /* Hand the a.out handler table to register_binfmt(); always returns 0. */
  static int __init init_aout_binfmt(void)
  {
  	register_binfmt(&aout_format);
  	return 0;
  }
  
  /* Undo init_aout_binfmt(): remove the a.out handler table via unregister_binfmt(). */
  static void __exit exit_aout_binfmt(void)
  {
  	unregister_binfmt(&aout_format);
  }
  
  /*
   * init_aout_binfmt() is hooked in with core_initcall() and
   * exit_aout_binfmt() with module_exit(); the module declares the GPL
   * license.
   */
  core_initcall(init_aout_binfmt);
  module_exit(exit_aout_binfmt);
  MODULE_LICENSE("GPL");