Blame view
fs/exec.c
49.1 KB
457c89965 treewide: Add SPD... |
1 |
// SPDX-License-Identifier: GPL-2.0-only |
1da177e4c Linux-2.6.12-rc2 |
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
/* * linux/fs/exec.c * * Copyright (C) 1991, 1992 Linus Torvalds */ /* * #!-checking implemented by tytso. */ /* * Demand-loading implemented 01.12.91 - no need to read anything but * the header into memory. The inode of the executable is put into * "current->executable", and page faults do the actual loading. Clean. * * Once more I can proudly say that linux stood up to being changed: it * was less than 2 hours work to get demand-loading completely implemented. * * Demand loading changed July 1993 by Eric Youngdale. Use mmap instead, * current->executable is only used by the procfs. This allows a dispatch * table to check for several different types of binary formats. We keep * trying until we recognize the file or we run out of supported binary |
613cc2b6f fs: exec: apply C... |
23 |
* formats. |
1da177e4c Linux-2.6.12-rc2 |
24 |
*/ |
b89999d00 fs/kernel_read_fi... |
25 |
#include <linux/kernel_read_file.h> |
1da177e4c Linux-2.6.12-rc2 |
26 27 |
#include <linux/slab.h> #include <linux/file.h> |
9f3acc314 [PATCH] split lin... |
28 |
#include <linux/fdtable.h> |
ba92a43db exec: remove some... |
29 |
#include <linux/mm.h> |
615d6e875 mm: per-thread vm... |
30 |
#include <linux/vmacache.h> |
1da177e4c Linux-2.6.12-rc2 |
31 32 |
#include <linux/stat.h> #include <linux/fcntl.h> |
ba92a43db exec: remove some... |
33 |
#include <linux/swap.h> |
74aadce98 core_pattern: all... |
34 |
#include <linux/string.h> |
1da177e4c Linux-2.6.12-rc2 |
35 |
#include <linux/init.h> |
6e84f3152 sched/headers: Pr... |
36 |
#include <linux/sched/mm.h> |
f7ccbae45 sched/headers: Pr... |
37 |
#include <linux/sched/coredump.h> |
3f07c0144 sched/headers: Pr... |
38 |
#include <linux/sched/signal.h> |
6a3827d75 sched/headers: Pr... |
39 |
#include <linux/sched/numa_balancing.h> |
299300258 sched/headers: Pr... |
40 |
#include <linux/sched/task.h> |
ca5b172bd exec: include pag... |
41 |
#include <linux/pagemap.h> |
cdd6c482c perf: Do the big ... |
42 |
#include <linux/perf_event.h> |
1da177e4c Linux-2.6.12-rc2 |
43 44 45 46 47 |
#include <linux/highmem.h> #include <linux/spinlock.h> #include <linux/key.h> #include <linux/personality.h> #include <linux/binfmts.h> |
1da177e4c Linux-2.6.12-rc2 |
48 |
#include <linux/utsname.h> |
84d737866 [PATCH] add child... |
49 |
#include <linux/pid_namespace.h> |
1da177e4c Linux-2.6.12-rc2 |
50 51 |
#include <linux/module.h> #include <linux/namei.h> |
1da177e4c Linux-2.6.12-rc2 |
52 53 54 |
#include <linux/mount.h> #include <linux/security.h> #include <linux/syscalls.h> |
8f0ab5147 [PATCH] csa: conv... |
55 |
#include <linux/tsacct_kern.h> |
9f46080c4 [PATCH] Process E... |
56 |
#include <linux/cn_proc.h> |
473ae30bc [PATCH] execve ar... |
57 |
#include <linux/audit.h> |
6341c393f tracehook: exec |
58 |
#include <linux/tracehook.h> |
5f4123be3 remove CONFIG_KMO... |
59 |
#include <linux/kmod.h> |
6110e3abb sys_execve and sy... |
60 |
#include <linux/fsnotify.h> |
5ad4e53bd Get rid of indire... |
61 |
#include <linux/fs_struct.h> |
3d5992d2a oom: add per-mm o... |
62 |
#include <linux/oom.h> |
0e028465d exec: unify do_ex... |
63 |
#include <linux/compat.h> |
b44a7dfc6 vfs: define a gen... |
64 |
#include <linux/vmalloc.h> |
0f2122045 io_uring: don't r... |
65 |
#include <linux/io_uring.h> |
1da177e4c Linux-2.6.12-rc2 |
66 |
|
7c0f6ba68 Replace <asm/uacc... |
67 |
#include <linux/uaccess.h> |
1da177e4c Linux-2.6.12-rc2 |
68 |
#include <asm/mmu_context.h> |
b6a2fea39 mm: variable leng... |
69 |
#include <asm/tlb.h> |
43d2b1132 tracepoint: add t... |
70 71 |
#include <trace/events/task.h> |
a6f76f23d CRED: Make execve... |
72 |
#include "internal.h" |
1da177e4c Linux-2.6.12-rc2 |
73 |
|
4ff16c25e tracepoint, vfs, ... |
74 |
#include <trace/events/sched.h> |
56305aa9b exec: Compute fil... |
75 |
static int bprm_creds_from_file(struct linux_binprm *bprm); |
d6e711448 [PATCH] setuid co... |
76 |
int suid_dumpable = 0; |
e4dc1b14d Use list_head in ... |
77 |
static LIST_HEAD(formats); |
1da177e4c Linux-2.6.12-rc2 |
78 |
static DEFINE_RWLOCK(binfmt_lock); |
8fc3dc5a3 __register_binfmt... |
79 |
void __register_binfmt(struct linux_binfmt * fmt, int insert) |
1da177e4c Linux-2.6.12-rc2 |
80 |
{ |
8fc3dc5a3 __register_binfmt... |
81 |
BUG_ON(!fmt); |
92eaa565a exec: kill ->load... |
82 83 |
if (WARN_ON(!fmt->load_binary)) return; |
1da177e4c Linux-2.6.12-rc2 |
84 |
write_lock(&binfmt_lock); |
74641f584 alpha: binfmt_aou... |
85 86 |
insert ? list_add(&fmt->lh, &formats) : list_add_tail(&fmt->lh, &formats); |
1da177e4c Linux-2.6.12-rc2 |
87 |
write_unlock(&binfmt_lock); |
1da177e4c Linux-2.6.12-rc2 |
88 |
} |
74641f584 alpha: binfmt_aou... |
89 |
EXPORT_SYMBOL(__register_binfmt); |
1da177e4c Linux-2.6.12-rc2 |
90 |
|
f6b450d48 Make unregister_b... |
91 |
void unregister_binfmt(struct linux_binfmt * fmt) |
1da177e4c Linux-2.6.12-rc2 |
92 |
{ |
1da177e4c Linux-2.6.12-rc2 |
93 |
write_lock(&binfmt_lock); |
e4dc1b14d Use list_head in ... |
94 |
list_del(&fmt->lh); |
1da177e4c Linux-2.6.12-rc2 |
95 |
write_unlock(&binfmt_lock); |
1da177e4c Linux-2.6.12-rc2 |
96 97 98 99 100 101 102 103 |
} EXPORT_SYMBOL(unregister_binfmt); static inline void put_binfmt(struct linux_binfmt * fmt) { module_put(fmt->module); } |
90f8572b0 vfs: Commit to ne... |
104 105 106 107 108 |
bool path_noexec(const struct path *path) { return (path->mnt->mnt_flags & MNT_NOEXEC) || (path->mnt->mnt_sb->s_iflags & SB_I_NOEXEC); } |
69369a700 fs, kernel: permi... |
109 |
#ifdef CONFIG_USELIB |
1da177e4c Linux-2.6.12-rc2 |
110 111 112 113 114 115 |
/* * Note that a shared library must be both readable and executable due to * security reasons. * * Also note that we take the address to load from from the file itself. */ |
1e7bfb213 [CVE-2009-0029] S... |
116 |
SYSCALL_DEFINE1(uselib, const char __user *, library) |
1da177e4c Linux-2.6.12-rc2 |
117 |
{ |
72c2d5319 file->f_op is nev... |
118 |
struct linux_binfmt *fmt; |
964bd1836 [PATCH] get rid o... |
119 |
struct file *file; |
91a27b2a7 vfs: define struc... |
120 |
struct filename *tmp = getname(library); |
964bd1836 [PATCH] get rid o... |
121 |
int error = PTR_ERR(tmp); |
47c805dc2 switch do_filp_op... |
122 123 |
static const struct open_flags uselib_flags = { .open_flag = O_LARGEFILE | O_RDONLY | __FMODE_EXEC, |
62fb4a155 don't carry MAY_O... |
124 |
.acc_mode = MAY_READ | MAY_EXEC, |
f9652e10c allow build_open_... |
125 126 |
.intent = LOOKUP_OPEN, .lookup_flags = LOOKUP_FOLLOW, |
47c805dc2 switch do_filp_op... |
127 |
}; |
964bd1836 [PATCH] get rid o... |
128 |
|
6e8341a11 Switch open_exec(... |
129 130 |
if (IS_ERR(tmp)) goto out; |
f9652e10c allow build_open_... |
131 |
file = do_filp_open(AT_FDCWD, tmp, &uselib_flags); |
6e8341a11 Switch open_exec(... |
132 133 134 |
putname(tmp); error = PTR_ERR(file); if (IS_ERR(file)) |
1da177e4c Linux-2.6.12-rc2 |
135 |
goto out; |
633fb6ac3 exec: move S_ISRE... |
136 137 138 139 140 |
/* * may_open() has already checked for this, so it should be * impossible to trip now. But we need to be extra cautious * and check again at the very end too. */ |
db19c91c3 exec: change usel... |
141 |
error = -EACCES; |
0fd338b2d exec: move path_n... |
142 143 |
if (WARN_ON_ONCE(!S_ISREG(file_inode(file)->i_mode) || path_noexec(&file->f_path))) |
6146f0d5e integrity: IMA hooks |
144 |
goto exit; |
1da177e4c Linux-2.6.12-rc2 |
145 |
|
2a12a9d78 fsnotify: pass a ... |
146 |
fsnotify_open(file); |
6110e3abb sys_execve and sy... |
147 |
|
1da177e4c Linux-2.6.12-rc2 |
148 |
error = -ENOEXEC; |
1da177e4c Linux-2.6.12-rc2 |
149 |
|
72c2d5319 file->f_op is nev... |
150 151 152 153 154 155 |
read_lock(&binfmt_lock); list_for_each_entry(fmt, &formats, lh) { if (!fmt->load_shlib) continue; if (!try_module_get(fmt->module)) continue; |
1da177e4c Linux-2.6.12-rc2 |
156 |
read_unlock(&binfmt_lock); |
72c2d5319 file->f_op is nev... |
157 158 159 160 161 |
error = fmt->load_shlib(file); read_lock(&binfmt_lock); put_binfmt(fmt); if (error != -ENOEXEC) break; |
1da177e4c Linux-2.6.12-rc2 |
162 |
} |
72c2d5319 file->f_op is nev... |
163 |
read_unlock(&binfmt_lock); |
6e8341a11 Switch open_exec(... |
164 |
exit: |
1da177e4c Linux-2.6.12-rc2 |
165 166 167 |
fput(file); out: return error; |
1da177e4c Linux-2.6.12-rc2 |
168 |
} |
69369a700 fs, kernel: permi... |
169 |
#endif /* #ifdef CONFIG_USELIB */ |
1da177e4c Linux-2.6.12-rc2 |
170 |
|
b6a2fea39 mm: variable leng... |
171 |
#ifdef CONFIG_MMU |
ae6b585ee exec: document ac... |
172 173 174 175 176 177 |
/* * The nascent bprm->mm is not visible until exec_mmap() but it can * use a lot of memory, account these pages in current->mm temporary * for oom_badness()->get_mm_rss(). Once exec succeeds or fails, we * change the counter back via acct_arg_size(0). */ |
0e028465d exec: unify do_ex... |
178 |
static void acct_arg_size(struct linux_binprm *bprm, unsigned long pages) |
3c77f8457 exec: make argv/e... |
179 180 181 182 183 184 185 186 |
{ struct mm_struct *mm = current->mm; long diff = (long)(pages - bprm->vma_pages); if (!mm || !diff) return; bprm->vma_pages = pages; |
3c77f8457 exec: make argv/e... |
187 |
add_mm_counter(mm, MM_ANONPAGES, diff); |
3c77f8457 exec: make argv/e... |
188 |
} |
0e028465d exec: unify do_ex... |
189 |
static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
b6a2fea39 mm: variable leng... |
190 191 192 193 |
int write) { struct page *page; int ret; |
9beae1ea8 mm: replace get_u... |
194 |
unsigned int gup_flags = FOLL_FORCE; |
b6a2fea39 mm: variable leng... |
195 196 197 |
#ifdef CONFIG_STACK_GROWSUP if (write) { |
d05f3169c mm: make expand_d... |
198 |
ret = expand_downwards(bprm->vma, pos); |
b6a2fea39 mm: variable leng... |
199 200 201 202 |
if (ret < 0) return NULL; } #endif |
9beae1ea8 mm: replace get_u... |
203 204 205 |
if (write) gup_flags |= FOLL_WRITE; |
1e9877902 mm/gup: Introduce... |
206 207 208 209 |
/* * We are doing an exec(). 'current' is the process * doing the exec and bprm->mm is the new process's mm. */ |
64019a2e4 mm/gup: remove ta... |
210 |
ret = get_user_pages_remote(bprm->mm, pos, 1, gup_flags, |
5b56d49fc mm: add locked pa... |
211 |
&page, NULL, NULL); |
b6a2fea39 mm: variable leng... |
212 213 |
if (ret <= 0) return NULL; |
655c16a8c exec: separate MM... |
214 215 |
if (write) acct_arg_size(bprm, vma_pages(bprm->vma)); |
b6a2fea39 mm: variable leng... |
216 217 218 219 220 221 222 223 |
return page; } static void put_arg_page(struct page *page) { put_page(page); } |
b6a2fea39 mm: variable leng... |
224 225 226 227 228 229 230 231 232 233 234 235 |
static void free_arg_pages(struct linux_binprm *bprm) { } static void flush_arg_page(struct linux_binprm *bprm, unsigned long pos, struct page *page) { flush_cache_page(bprm->vma, pos, page_to_pfn(page)); } static int __bprm_mm_init(struct linux_binprm *bprm) { |
eaccbfa56 fs/exec.c:__bprm_... |
236 |
int err; |
b6a2fea39 mm: variable leng... |
237 238 |
struct vm_area_struct *vma = NULL; struct mm_struct *mm = bprm->mm; |
490fc0538 mm: make vm_area_... |
239 |
bprm->vma = vma = vm_area_alloc(mm); |
b6a2fea39 mm: variable leng... |
240 |
if (!vma) |
eaccbfa56 fs/exec.c:__bprm_... |
241 |
return -ENOMEM; |
bfd40eaff mm: fix vma_is_an... |
242 |
vma_set_anonymous(vma); |
b6a2fea39 mm: variable leng... |
243 |
|
d8ed45c5d mmap locking API:... |
244 |
if (mmap_write_lock_killable(mm)) { |
f268dfe90 exec: make exec p... |
245 246 247 |
err = -EINTR; goto err_free; } |
b6a2fea39 mm: variable leng... |
248 249 250 251 252 253 254 |
/* * Place the stack at the largest stack address the architecture * supports. Later, we'll move this to an appropriate place. We don't * use STACK_TOP because that can depend on attributes which aren't * configured yet. */ |
aacb3d17a fs/exec.c: use BU... |
255 |
BUILD_BUG_ON(VM_STACK_FLAGS & VM_STACK_INCOMPLETE_SETUP); |
b6a2fea39 mm: variable leng... |
256 257 |
vma->vm_end = STACK_TOP_MAX; vma->vm_start = vma->vm_end - PAGE_SIZE; |
d9104d1ca mm: track vma cha... |
258 |
vma->vm_flags = VM_SOFTDIRTY | VM_STACK_FLAGS | VM_STACK_INCOMPLETE_SETUP; |
3ed75eb8f setup vma->vm_pag... |
259 |
vma->vm_page_prot = vm_get_page_prot(vma->vm_flags); |
462e635e5 install_special_m... |
260 |
|
b6a2fea39 mm: variable leng... |
261 |
err = insert_vm_struct(mm, vma); |
eaccbfa56 fs/exec.c:__bprm_... |
262 |
if (err) |
b6a2fea39 mm: variable leng... |
263 |
goto err; |
b6a2fea39 mm: variable leng... |
264 265 |
mm->stack_vm = mm->total_vm = 1; |
d8ed45c5d mmap locking API:... |
266 |
mmap_write_unlock(mm); |
b6a2fea39 mm: variable leng... |
267 |
bprm->p = vma->vm_end - sizeof(void *); |
b6a2fea39 mm: variable leng... |
268 |
return 0; |
b6a2fea39 mm: variable leng... |
269 |
err: |
d8ed45c5d mmap locking API:... |
270 |
mmap_write_unlock(mm); |
f268dfe90 exec: make exec p... |
271 |
err_free: |
eaccbfa56 fs/exec.c:__bprm_... |
272 |
bprm->vma = NULL; |
3928d4f5e mm: use helper fu... |
273 |
vm_area_free(vma); |
b6a2fea39 mm: variable leng... |
274 275 276 277 278 279 280 281 282 |
return err; } static bool valid_arg_len(struct linux_binprm *bprm, long len) { return len <= MAX_ARG_STRLEN; } #else |
0e028465d exec: unify do_ex... |
283 |
static inline void acct_arg_size(struct linux_binprm *bprm, unsigned long pages) |
3c77f8457 exec: make argv/e... |
284 285 |
{ } |
0e028465d exec: unify do_ex... |
286 |
static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
b6a2fea39 mm: variable leng... |
287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 |
int write) { struct page *page; page = bprm->page[pos / PAGE_SIZE]; if (!page && write) { page = alloc_page(GFP_HIGHUSER|__GFP_ZERO); if (!page) return NULL; bprm->page[pos / PAGE_SIZE] = page; } return page; } static void put_arg_page(struct page *page) { } static void free_arg_page(struct linux_binprm *bprm, int i) { if (bprm->page[i]) { __free_page(bprm->page[i]); bprm->page[i] = NULL; } } static void free_arg_pages(struct linux_binprm *bprm) { int i; for (i = 0; i < MAX_ARG_PAGES; i++) free_arg_page(bprm, i); } static void flush_arg_page(struct linux_binprm *bprm, unsigned long pos, struct page *page) { } static int __bprm_mm_init(struct linux_binprm *bprm) { bprm->p = PAGE_SIZE * MAX_ARG_PAGES - sizeof(void *); return 0; } static bool valid_arg_len(struct linux_binprm *bprm, long len) { return len <= bprm->p; } #endif /* CONFIG_MMU */ /* * Create a new mm_struct and populate it with a temporary stack * vm_area_struct. We don't have enough context at this point to set the stack * flags, permissions, and offset, so we use temporary values. We'll update * them later in setup_arg_pages(). */ |
9cc64ceaa fs/exec.c: make b... |
346 |
static int bprm_mm_init(struct linux_binprm *bprm) |
b6a2fea39 mm: variable leng... |
347 348 349 350 351 352 353 354 |
{ int err; struct mm_struct *mm = NULL; bprm->mm = mm = mm_alloc(); err = -ENOMEM; if (!mm) goto err; |
c31dbb146 exec: pin stack l... |
355 356 357 358 |
/* Save current stack limit for all calculations made during exec. */ task_lock(current->group_leader); bprm->rlim_stack = current->signal->rlim[RLIMIT_STACK]; task_unlock(current->group_leader); |
b6a2fea39 mm: variable leng... |
359 360 361 362 363 364 365 366 367 368 369 370 371 372 |
err = __bprm_mm_init(bprm); if (err) goto err; return 0; err: if (mm) { bprm->mm = NULL; mmdrop(mm); } return err; } |
ba2d01629 exec: introduce s... |
373 |
struct user_arg_ptr { |
0e028465d exec: unify do_ex... |
374 375 376 377 378 379 |
#ifdef CONFIG_COMPAT bool is_compat; #endif union { const char __user *const __user *native; #ifdef CONFIG_COMPAT |
38b983b34 generic sys_execve() |
380 |
const compat_uptr_t __user *compat; |
0e028465d exec: unify do_ex... |
381 382 |
#endif } ptr; |
ba2d01629 exec: introduce s... |
383 384 385 |
}; static const char __user *get_user_arg_ptr(struct user_arg_ptr argv, int nr) |
1d1dbf813 exec: introduce g... |
386 |
{ |
0e028465d exec: unify do_ex... |
387 388 389 390 391 392 393 394 |
const char __user *native; #ifdef CONFIG_COMPAT if (unlikely(argv.is_compat)) { compat_uptr_t compat; if (get_user(compat, argv.ptr.compat + nr)) return ERR_PTR(-EFAULT); |
1d1dbf813 exec: introduce g... |
395 |
|
0e028465d exec: unify do_ex... |
396 397 398 399 400 |
return compat_ptr(compat); } #endif if (get_user(native, argv.ptr.native + nr)) |
1d1dbf813 exec: introduce g... |
401 |
return ERR_PTR(-EFAULT); |
0e028465d exec: unify do_ex... |
402 |
return native; |
1d1dbf813 exec: introduce g... |
403 |
} |
1da177e4c Linux-2.6.12-rc2 |
404 405 406 |
/* * count() counts the number of strings in array ARGV. */ |
ba2d01629 exec: introduce s... |
407 |
static int count(struct user_arg_ptr argv, int max) |
1da177e4c Linux-2.6.12-rc2 |
408 409 |
{ int i = 0; |
0e028465d exec: unify do_ex... |
410 |
if (argv.ptr.native != NULL) { |
1da177e4c Linux-2.6.12-rc2 |
411 |
for (;;) { |
1d1dbf813 exec: introduce g... |
412 |
const char __user *p = get_user_arg_ptr(argv, i); |
1da177e4c Linux-2.6.12-rc2 |
413 |
|
1da177e4c Linux-2.6.12-rc2 |
414 415 |
if (!p) break; |
1d1dbf813 exec: introduce g... |
416 417 418 |
if (IS_ERR(p)) return -EFAULT; |
6d92d4f6a fs/exec.c: work a... |
419 |
if (i >= max) |
1da177e4c Linux-2.6.12-rc2 |
420 |
return -E2BIG; |
6d92d4f6a fs/exec.c: work a... |
421 |
++i; |
9aea5a65a execve: make resp... |
422 423 424 |
if (fatal_signal_pending(current)) return -ERESTARTNOHAND; |
1da177e4c Linux-2.6.12-rc2 |
425 426 427 428 429 |
cond_resched(); } } return i; } |
be619f7f0 exec: Implement k... |
430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 |
static int count_strings_kernel(const char *const *argv) { int i; if (!argv) return 0; for (i = 0; argv[i]; ++i) { if (i >= MAX_ARG_STRINGS) return -E2BIG; if (fatal_signal_pending(current)) return -ERESTARTNOHAND; cond_resched(); } return i; } |
d8b9cd549 exec: Factor bprm... |
446 |
static int bprm_stack_limits(struct linux_binprm *bprm) |
655c16a8c exec: separate MM... |
447 448 |
{ unsigned long limit, ptr_size; |
655c16a8c exec: separate MM... |
449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 |
/* * Limit to 1/4 of the max stack size or 3/4 of _STK_LIM * (whichever is smaller) for the argv+env strings. * This ensures that: * - the remaining binfmt code will not run out of stack space, * - the program will have a reasonable amount of stack left * to work from. */ limit = _STK_LIM / 4 * 3; limit = min(limit, bprm->rlim_stack.rlim_cur / 4); /* * We've historically supported up to 32 pages (ARG_MAX) * of argument strings even with small stacks */ limit = max_t(unsigned long, limit, ARG_MAX); /* * We must account for the size of all the argv and envp pointers to * the argv and envp strings, since they will also take up space in * the stack. They aren't stored until much later when we can't * signal to the parent that the child has run out of stack space. * Instead, calculate it here so it's possible to fail gracefully. */ ptr_size = (bprm->argc + bprm->envc) * sizeof(void *); if (limit <= ptr_size) return -E2BIG; limit -= ptr_size; bprm->argmin = bprm->p - limit; return 0; } |
1da177e4c Linux-2.6.12-rc2 |
479 |
/* |
b6a2fea39 mm: variable leng... |
480 481 482 |
* 'copy_strings()' copies argument/environment strings from the old * processes's memory to the new process's stack. The call to get_user_pages() * ensures the destination page is created and not swapped out. |
1da177e4c Linux-2.6.12-rc2 |
483 |
*/ |
ba2d01629 exec: introduce s... |
484 |
static int copy_strings(int argc, struct user_arg_ptr argv, |
75c96f858 [PATCH] make some... |
485 |
struct linux_binprm *bprm) |
1da177e4c Linux-2.6.12-rc2 |
486 487 488 |
{ struct page *kmapped_page = NULL; char *kaddr = NULL; |
b6a2fea39 mm: variable leng... |
489 |
unsigned long kpos = 0; |
1da177e4c Linux-2.6.12-rc2 |
490 491 492 |
int ret; while (argc-- > 0) { |
d7627467b Make do_execve() ... |
493 |
const char __user *str; |
1da177e4c Linux-2.6.12-rc2 |
494 495 |
int len; unsigned long pos; |
1d1dbf813 exec: introduce g... |
496 497 498 |
ret = -EFAULT; str = get_user_arg_ptr(argv, argc); if (IS_ERR(str)) |
1da177e4c Linux-2.6.12-rc2 |
499 |
goto out; |
1da177e4c Linux-2.6.12-rc2 |
500 |
|
1d1dbf813 exec: introduce g... |
501 502 503 504 505 506 |
len = strnlen_user(str, MAX_ARG_STRLEN); if (!len) goto out; ret = -E2BIG; if (!valid_arg_len(bprm, len)) |
1da177e4c Linux-2.6.12-rc2 |
507 |
goto out; |
1da177e4c Linux-2.6.12-rc2 |
508 |
|
b6a2fea39 mm: variable leng... |
509 |
/* We're going to work our way backwords. */ |
1da177e4c Linux-2.6.12-rc2 |
510 |
pos = bprm->p; |
b6a2fea39 mm: variable leng... |
511 512 |
str += len; bprm->p -= len; |
655c16a8c exec: separate MM... |
513 514 515 516 |
#ifdef CONFIG_MMU if (bprm->p < bprm->argmin) goto out; #endif |
1da177e4c Linux-2.6.12-rc2 |
517 518 |
while (len > 0) { |
1da177e4c Linux-2.6.12-rc2 |
519 |
int offset, bytes_to_copy; |
1da177e4c Linux-2.6.12-rc2 |
520 |
|
9aea5a65a execve: make resp... |
521 522 523 524 |
if (fatal_signal_pending(current)) { ret = -ERESTARTNOHAND; goto out; } |
7993bc1f4 execve: improve i... |
525 |
cond_resched(); |
1da177e4c Linux-2.6.12-rc2 |
526 |
offset = pos % PAGE_SIZE; |
b6a2fea39 mm: variable leng... |
527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 |
if (offset == 0) offset = PAGE_SIZE; bytes_to_copy = offset; if (bytes_to_copy > len) bytes_to_copy = len; offset -= bytes_to_copy; pos -= bytes_to_copy; str -= bytes_to_copy; len -= bytes_to_copy; if (!kmapped_page || kpos != (pos & PAGE_MASK)) { struct page *page; page = get_arg_page(bprm, pos, 1); |
1da177e4c Linux-2.6.12-rc2 |
543 |
if (!page) { |
b6a2fea39 mm: variable leng... |
544 |
ret = -E2BIG; |
1da177e4c Linux-2.6.12-rc2 |
545 546 |
goto out; } |
1da177e4c Linux-2.6.12-rc2 |
547 |
|
b6a2fea39 mm: variable leng... |
548 549 |
if (kmapped_page) { flush_kernel_dcache_page(kmapped_page); |
1da177e4c Linux-2.6.12-rc2 |
550 |
kunmap(kmapped_page); |
b6a2fea39 mm: variable leng... |
551 552 |
put_arg_page(kmapped_page); } |
1da177e4c Linux-2.6.12-rc2 |
553 554 |
kmapped_page = page; kaddr = kmap(kmapped_page); |
b6a2fea39 mm: variable leng... |
555 556 |
kpos = pos & PAGE_MASK; flush_arg_page(bprm, kpos, kmapped_page); |
1da177e4c Linux-2.6.12-rc2 |
557 |
} |
b6a2fea39 mm: variable leng... |
558 |
if (copy_from_user(kaddr+offset, str, bytes_to_copy)) { |
1da177e4c Linux-2.6.12-rc2 |
559 560 561 |
ret = -EFAULT; goto out; } |
1da177e4c Linux-2.6.12-rc2 |
562 563 564 565 |
} } ret = 0; out: |
b6a2fea39 mm: variable leng... |
566 567 |
if (kmapped_page) { flush_kernel_dcache_page(kmapped_page); |
1da177e4c Linux-2.6.12-rc2 |
568 |
kunmap(kmapped_page); |
b6a2fea39 mm: variable leng... |
569 570 |
put_arg_page(kmapped_page); } |
1da177e4c Linux-2.6.12-rc2 |
571 572 573 574 |
return ret; } /* |
986db2d14 exec: simplify th... |
575 |
* Copy and argument/environment string from the kernel to the processes stack. |
1da177e4c Linux-2.6.12-rc2 |
576 |
*/ |
986db2d14 exec: simplify th... |
577 |
int copy_string_kernel(const char *arg, struct linux_binprm *bprm) |
1da177e4c Linux-2.6.12-rc2 |
578 |
{ |
762a3af6f exec: open code c... |
579 580 581 582 583 584 585 586 587 588 589 590 591 |
int len = strnlen(arg, MAX_ARG_STRLEN) + 1 /* terminating NUL */; unsigned long pos = bprm->p; if (len == 0) return -EFAULT; if (!valid_arg_len(bprm, len)) return -E2BIG; /* We're going to work our way backwards. */ arg += len; bprm->p -= len; if (IS_ENABLED(CONFIG_MMU) && bprm->p < bprm->argmin) return -E2BIG; |
ba2d01629 exec: introduce s... |
592 |
|
762a3af6f exec: open code c... |
593 594 595 596 597 |
while (len > 0) { unsigned int bytes_to_copy = min_t(unsigned int, len, min_not_zero(offset_in_page(pos), PAGE_SIZE)); struct page *page; char *kaddr; |
ba2d01629 exec: introduce s... |
598 |
|
762a3af6f exec: open code c... |
599 600 601 |
pos -= bytes_to_copy; arg -= bytes_to_copy; len -= bytes_to_copy; |
ba2d01629 exec: introduce s... |
602 |
|
762a3af6f exec: open code c... |
603 604 605 606 607 608 609 610 611 612 613 614 |
page = get_arg_page(bprm, pos, 1); if (!page) return -E2BIG; kaddr = kmap_atomic(page); flush_arg_page(bprm, pos & PAGE_MASK, page); memcpy(kaddr + offset_in_page(pos), arg, bytes_to_copy); flush_kernel_dcache_page(page); kunmap_atomic(kaddr); put_arg_page(page); } return 0; |
1da177e4c Linux-2.6.12-rc2 |
615 |
} |
986db2d14 exec: simplify th... |
616 |
EXPORT_SYMBOL(copy_string_kernel); |
1da177e4c Linux-2.6.12-rc2 |
617 |
|
be619f7f0 exec: Implement k... |
618 619 620 621 622 623 624 625 626 627 628 629 630 |
static int copy_strings_kernel(int argc, const char *const *argv, struct linux_binprm *bprm) { while (argc-- > 0) { int ret = copy_string_kernel(argv[argc], bprm); if (ret < 0) return ret; if (fatal_signal_pending(current)) return -ERESTARTNOHAND; cond_resched(); } return 0; } |
1da177e4c Linux-2.6.12-rc2 |
631 |
#ifdef CONFIG_MMU |
b6a2fea39 mm: variable leng... |
632 |
|
1da177e4c Linux-2.6.12-rc2 |
633 |
/* |
b6a2fea39 mm: variable leng... |
634 635 636 |
* During bprm_mm_init(), we create a temporary stack at STACK_TOP_MAX. Once * the binfmt code determines where the new stack should reside, we shift it to * its final location. The process proceeds as follows: |
1da177e4c Linux-2.6.12-rc2 |
637 |
* |
b6a2fea39 mm: variable leng... |
638 639 640 641 642 643 |
* 1) Use shift to calculate the new vma endpoints. * 2) Extend vma to cover both the old and new ranges. This ensures the * arguments passed to subsequent functions are consistent. * 3) Move vma's page tables to the new range. * 4) Free up any cleared pgd range. * 5) Shrink the vma to cover only the new range. |
1da177e4c Linux-2.6.12-rc2 |
644 |
*/ |
b6a2fea39 mm: variable leng... |
645 |
static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) |
1da177e4c Linux-2.6.12-rc2 |
646 647 |
{ struct mm_struct *mm = vma->vm_mm; |
b6a2fea39 mm: variable leng... |
648 649 650 651 652 |
unsigned long old_start = vma->vm_start; unsigned long old_end = vma->vm_end; unsigned long length = old_end - old_start; unsigned long new_start = old_start - shift; unsigned long new_end = old_end - shift; |
d16dfc550 mm: mmu_gather re... |
653 |
struct mmu_gather tlb; |
1da177e4c Linux-2.6.12-rc2 |
654 |
|
b6a2fea39 mm: variable leng... |
655 |
BUG_ON(new_start > new_end); |
1da177e4c Linux-2.6.12-rc2 |
656 |
|
b6a2fea39 mm: variable leng... |
657 658 659 660 661 662 663 664 665 666 |
/* * ensure there are no vmas between where we want to go * and where we are */ if (vma != find_vma(mm, new_start)) return -EFAULT; /* * cover the whole range: [new_start, old_end) */ |
5beb49305 mm: change anon_v... |
667 668 |
if (vma_adjust(vma, new_start, old_end, vma->vm_pgoff, NULL)) return -ENOMEM; |
b6a2fea39 mm: variable leng... |
669 670 671 672 673 674 |
/* * move the page tables downwards, on failure we rely on * process cleanup to remove whatever mess we made. */ if (length != move_page_tables(vma, old_start, |
38a76013a mm: avoid taking ... |
675 |
vma, new_start, length, false)) |
b6a2fea39 mm: variable leng... |
676 677 678 |
return -ENOMEM; lru_add_drain(); |
2b047252d Fix TLB gather vi... |
679 |
tlb_gather_mmu(&tlb, mm, old_start, old_end); |
b6a2fea39 mm: variable leng... |
680 681 682 683 |
if (new_end > old_start) { /* * when the old and new regions overlap clear from new_end. */ |
d16dfc550 mm: mmu_gather re... |
684 |
free_pgd_range(&tlb, new_end, old_end, new_end, |
6ee8630e0 mm: allow arch co... |
685 |
vma->vm_next ? vma->vm_next->vm_start : USER_PGTABLES_CEILING); |
b6a2fea39 mm: variable leng... |
686 687 688 689 690 691 692 |
} else { /* * otherwise, clean from old_start; this is done to not touch * the address space in [new_end, old_start) some architectures * have constraints on va-space that make this illegal (IA64) - * for the others its just a little faster. */ |
d16dfc550 mm: mmu_gather re... |
693 |
free_pgd_range(&tlb, old_start, old_end, new_end, |
6ee8630e0 mm: allow arch co... |
694 |
vma->vm_next ? vma->vm_next->vm_start : USER_PGTABLES_CEILING); |
1da177e4c Linux-2.6.12-rc2 |
695 |
} |
2b047252d Fix TLB gather vi... |
696 |
tlb_finish_mmu(&tlb, old_start, old_end); |
b6a2fea39 mm: variable leng... |
697 698 |
/* |
5beb49305 mm: change anon_v... |
699 |
* Shrink the vma to just the new range. Always succeeds. |
b6a2fea39 mm: variable leng... |
700 701 702 703 |
*/ vma_adjust(vma, new_start, new_end, vma->vm_pgoff, NULL); return 0; |
1da177e4c Linux-2.6.12-rc2 |
704 |
} |
b6a2fea39 mm: variable leng... |
705 706 707 708 |
/* * Finalizes the stack vm_area_struct. The flags and permissions are updated, * the stack is optionally relocated, and some extra space is added. */ |
1da177e4c Linux-2.6.12-rc2 |
709 710 711 712 |
int setup_arg_pages(struct linux_binprm *bprm, unsigned long stack_top, int executable_stack) { |
b6a2fea39 mm: variable leng... |
713 714 |
unsigned long ret; unsigned long stack_shift; |
1da177e4c Linux-2.6.12-rc2 |
715 |
struct mm_struct *mm = current->mm; |
b6a2fea39 mm: variable leng... |
716 717 718 719 |
struct vm_area_struct *vma = bprm->vma; struct vm_area_struct *prev = NULL; unsigned long vm_flags; unsigned long stack_base; |
803bf5ec2 fs/exec.c: restri... |
720 721 722 |
unsigned long stack_size; unsigned long stack_expand; unsigned long rlim_stack; |
1da177e4c Linux-2.6.12-rc2 |
723 724 |
#ifdef CONFIG_STACK_GROWSUP |
d71f290b4 metag: Reduce max... |
725 |
/* Limit stack size */ |
c31dbb146 exec: pin stack l... |
726 |
stack_base = bprm->rlim_stack.rlim_max; |
d71f290b4 metag: Reduce max... |
727 728 |
if (stack_base > STACK_SIZE_MAX) stack_base = STACK_SIZE_MAX; |
1da177e4c Linux-2.6.12-rc2 |
729 |
|
d045c77c1 parisc,metag: Fix... |
730 731 |
/* Add space for stack randomization. */ stack_base += (STACK_RND_MASK << PAGE_SHIFT); |
b6a2fea39 mm: variable leng... |
732 733 734 |
/* Make sure we didn't let the argument array grow too large. */ if (vma->vm_end - vma->vm_start > stack_base) return -ENOMEM; |
1da177e4c Linux-2.6.12-rc2 |
735 |
|
b6a2fea39 mm: variable leng... |
736 |
stack_base = PAGE_ALIGN(stack_top - stack_base); |
1da177e4c Linux-2.6.12-rc2 |
737 |
|
b6a2fea39 mm: variable leng... |
738 739 740 |
stack_shift = vma->vm_start - stack_base; mm->arg_start = bprm->p - stack_shift; bprm->p = vma->vm_end - stack_shift; |
1da177e4c Linux-2.6.12-rc2 |
741 |
#else |
b6a2fea39 mm: variable leng... |
742 743 |
stack_top = arch_align_stack(stack_top); stack_top = PAGE_ALIGN(stack_top); |
1b528181b setup_arg_pages: ... |
744 745 746 747 |
if (unlikely(stack_top < mmap_min_addr) || unlikely(vma->vm_end - vma->vm_start >= stack_top - mmap_min_addr)) return -ENOMEM; |
b6a2fea39 mm: variable leng... |
748 749 750 |
stack_shift = vma->vm_end - stack_top; bprm->p -= stack_shift; |
1da177e4c Linux-2.6.12-rc2 |
751 |
mm->arg_start = bprm->p; |
1da177e4c Linux-2.6.12-rc2 |
752 |
#endif |
1da177e4c Linux-2.6.12-rc2 |
753 |
if (bprm->loader) |
b6a2fea39 mm: variable leng... |
754 755 |
bprm->loader -= stack_shift; bprm->exec -= stack_shift; |
1da177e4c Linux-2.6.12-rc2 |
756 |
|
d8ed45c5d mmap locking API:... |
757 |
if (mmap_write_lock_killable(mm)) |
f268dfe90 exec: make exec p... |
758 |
return -EINTR; |
96a8e13ed exec: fix stack e... |
759 |
vm_flags = VM_STACK_FLAGS; |
b6a2fea39 mm: variable leng... |
760 761 762 763 764 765 766 767 768 769 770 |
/* * Adjust stack execute permissions; explicitly enable for * EXSTACK_ENABLE_X, disable for EXSTACK_DISABLE_X and leave alone * (arch default) otherwise. */ if (unlikely(executable_stack == EXSTACK_ENABLE_X)) vm_flags |= VM_EXEC; else if (executable_stack == EXSTACK_DISABLE_X) vm_flags &= ~VM_EXEC; vm_flags |= mm->def_flags; |
a8bef8ff6 mm: migration: av... |
771 |
vm_flags |= VM_STACK_INCOMPLETE_SETUP; |
b6a2fea39 mm: variable leng... |
772 773 774 775 776 777 |
ret = mprotect_fixup(vma, &prev, vma->vm_start, vma->vm_end, vm_flags); if (ret) goto out_unlock; BUG_ON(prev != vma); |
47a2ebb7f execve: warn if p... |
778 779 780 781 782 |
if (unlikely(vm_flags & VM_EXEC)) { pr_warn_once("process '%pD4' started with executable stack ", bprm->file); } |
b6a2fea39 mm: variable leng... |
783 784 785 |
/* Move stack pages down in memory. */ if (stack_shift) { ret = shift_arg_pages(vma, stack_shift); |
fc63cf237 exec: setup_arg_p... |
786 787 |
if (ret) goto out_unlock; |
1da177e4c Linux-2.6.12-rc2 |
788 |
} |
a8bef8ff6 mm: migration: av... |
789 790 |
/* mprotect_fixup is overkill to remove the temporary stack flags */ vma->vm_flags &= ~VM_STACK_INCOMPLETE_SETUP; |
5ef097dd7 exec: create init... |
791 |
stack_expand = 131072UL; /* randomly 32*4k (or 2*64k) pages */ |
803bf5ec2 fs/exec.c: restri... |
792 793 794 795 796 |
stack_size = vma->vm_end - vma->vm_start; /* * Align this down to a page boundary as expand_stack * will align it up. */ |
c31dbb146 exec: pin stack l... |
797 |
rlim_stack = bprm->rlim_stack.rlim_cur & PAGE_MASK; |
b6a2fea39 mm: variable leng... |
798 |
#ifdef CONFIG_STACK_GROWSUP |
803bf5ec2 fs/exec.c: restri... |
799 800 801 802 |
if (stack_size + stack_expand > rlim_stack) stack_base = vma->vm_start + rlim_stack; else stack_base = vma->vm_end + stack_expand; |
b6a2fea39 mm: variable leng... |
803 |
#else |
803bf5ec2 fs/exec.c: restri... |
804 805 806 807 |
if (stack_size + stack_expand > rlim_stack) stack_base = vma->vm_end - rlim_stack; else stack_base = vma->vm_start - stack_expand; |
b6a2fea39 mm: variable leng... |
808 |
#endif |
3af9e8592 perf: Add non-exe... |
809 |
current->mm->start_stack = bprm->p; |
b6a2fea39 mm: variable leng... |
810 811 812 813 814 |
ret = expand_stack(vma, stack_base); if (ret) ret = -EFAULT; out_unlock: |
d8ed45c5d mmap locking API:... |
815 |
mmap_write_unlock(mm); |
fc63cf237 exec: setup_arg_p... |
816 |
return ret; |
1da177e4c Linux-2.6.12-rc2 |
817 |
} |
1da177e4c Linux-2.6.12-rc2 |
818 |
EXPORT_SYMBOL(setup_arg_pages); |
7e7ec6a93 elf_fdpic_transfe... |
819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 |
#else /* * Transfer the program arguments and environment from the holding pages * onto the stack. The provided stack pointer is adjusted accordingly. */ int transfer_args_to_stack(struct linux_binprm *bprm, unsigned long *sp_location) { unsigned long index, stop, sp; int ret = 0; stop = bprm->p >> PAGE_SHIFT; sp = *sp_location; for (index = MAX_ARG_PAGES - 1; index >= stop; index--) { unsigned int offset = index == stop ? bprm->p & ~PAGE_MASK : 0; char *src = kmap(bprm->page[index]) + offset; sp -= PAGE_SIZE - offset; if (copy_to_user((void *) sp, src, PAGE_SIZE - offset) != 0) ret = -EFAULT; kunmap(bprm->page[index]); if (ret) goto out; } *sp_location = sp; out: return ret; } EXPORT_SYMBOL(transfer_args_to_stack); |
1da177e4c Linux-2.6.12-rc2 |
851 |
#endif /* CONFIG_MMU */ |
51f39a1f0 syscalls: impleme... |
852 |
static struct file *do_open_execat(int fd, struct filename *name, int flags) |
1da177e4c Linux-2.6.12-rc2 |
853 |
{ |
1da177e4c Linux-2.6.12-rc2 |
854 |
struct file *file; |
e56b6a5dd Re: [PATCH 3/6] v... |
855 |
int err; |
51f39a1f0 syscalls: impleme... |
856 |
struct open_flags open_exec_flags = { |
47c805dc2 switch do_filp_op... |
857 |
.open_flag = O_LARGEFILE | O_RDONLY | __FMODE_EXEC, |
62fb4a155 don't carry MAY_O... |
858 |
.acc_mode = MAY_EXEC, |
f9652e10c allow build_open_... |
859 860 |
.intent = LOOKUP_OPEN, .lookup_flags = LOOKUP_FOLLOW, |
47c805dc2 switch do_filp_op... |
861 |
}; |
1da177e4c Linux-2.6.12-rc2 |
862 |
|
51f39a1f0 syscalls: impleme... |
863 864 865 866 867 868 869 870 |
if ((flags & ~(AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH)) != 0) return ERR_PTR(-EINVAL); if (flags & AT_SYMLINK_NOFOLLOW) open_exec_flags.lookup_flags &= ~LOOKUP_FOLLOW; if (flags & AT_EMPTY_PATH) open_exec_flags.lookup_flags |= LOOKUP_EMPTY; file = do_filp_open(fd, name, &open_exec_flags); |
6e8341a11 Switch open_exec(... |
871 |
if (IS_ERR(file)) |
e56b6a5dd Re: [PATCH 3/6] v... |
872 |
goto out; |
633fb6ac3 exec: move S_ISRE... |
873 874 875 876 877 |
/* * may_open() has already checked for this, so it should be * impossible to trip now. But we need to be extra cautious * and check again at the very end too. */ |
e56b6a5dd Re: [PATCH 3/6] v... |
878 |
err = -EACCES; |
0fd338b2d exec: move path_n... |
879 880 |
if (WARN_ON_ONCE(!S_ISREG(file_inode(file)->i_mode) || path_noexec(&file->f_path))) |
6e8341a11 Switch open_exec(... |
881 |
goto exit; |
e56b6a5dd Re: [PATCH 3/6] v... |
882 883 |
err = deny_write_access(file); |
6e8341a11 Switch open_exec(... |
884 885 |
if (err) goto exit; |
1da177e4c Linux-2.6.12-rc2 |
886 |
|
51f39a1f0 syscalls: impleme... |
887 888 |
if (name->name[0] != '\0') fsnotify_open(file); |
6e8341a11 Switch open_exec(... |
889 |
out: |
e56b6a5dd Re: [PATCH 3/6] v... |
890 |
return file; |
6e8341a11 Switch open_exec(... |
891 892 |
exit: fput(file); |
e56b6a5dd Re: [PATCH 3/6] v... |
893 894 |
return ERR_PTR(err); } |
c4ad8f98b execve: use 'stru... |
895 896 897 |
struct file *open_exec(const char *name) { |
516891041 fs: create proper... |
898 899 900 901 902 903 904 905 |
struct filename *filename = getname_kernel(name); struct file *f = ERR_CAST(filename); if (!IS_ERR(filename)) { f = do_open_execat(AT_FDCWD, filename, 0); putname(filename); } return f; |
c4ad8f98b execve: use 'stru... |
906 |
} |
1da177e4c Linux-2.6.12-rc2 |
907 |
EXPORT_SYMBOL(open_exec); |
48304f799 exec: only build ... |
908 909 |
#if defined(CONFIG_HAVE_AOUT) || defined(CONFIG_BINFMT_FLAT) || \ defined(CONFIG_BINFMT_ELF_FDPIC) |
3dc20cb28 new helper: read_... |
910 911 |
ssize_t read_code(struct file *file, unsigned long addr, loff_t pos, size_t len) { |
ec6955798 read_code(): go t... |
912 |
ssize_t res = vfs_read(file, (void __user *)addr, len, &pos); |
3dc20cb28 new helper: read_... |
913 |
if (res > 0) |
bce2b68b8 exec: use flush_i... |
914 |
flush_icache_user_range(addr, addr + len); |
3dc20cb28 new helper: read_... |
915 916 917 |
return res; } EXPORT_SYMBOL(read_code); |
48304f799 exec: only build ... |
918 |
#endif |
3dc20cb28 new helper: read_... |
919 |
|
eea967325 exec: Add exec_up... |
920 921 |
/* * Maps the mm_struct mm into the current task struct. |
ab7709b55 exec: Transform e... |
922 923 |
* On success, this function returns with exec_update_lock * held for writing. |
eea967325 exec: Add exec_up... |
924 |
*/ |
1da177e4c Linux-2.6.12-rc2 |
925 926 927 |
static int exec_mmap(struct mm_struct *mm) { struct task_struct *tsk; |
615d6e875 mm: per-thread vm... |
928 |
struct mm_struct *old_mm, *active_mm; |
eea967325 exec: Add exec_up... |
929 |
int ret; |
1da177e4c Linux-2.6.12-rc2 |
930 931 932 933 |
/* Notify parent that we're no longer interested in the old VM */ tsk = current; old_mm = current->mm; |
4610ba7ad exit/exec: Sepera... |
934 |
exec_mm_release(tsk, old_mm); |
a28bf136e exec: Run sync_mm... |
935 936 |
if (old_mm) sync_mm_rss(old_mm); |
1da177e4c Linux-2.6.12-rc2 |
937 |
|
ab7709b55 exec: Transform e... |
938 |
ret = down_write_killable(&tsk->signal->exec_update_lock); |
eea967325 exec: Add exec_up... |
939 940 |
if (ret) return ret; |
1da177e4c Linux-2.6.12-rc2 |
941 942 943 944 |
if (old_mm) { /* * Make sure that if there is a core dump in progress * for the old mm, we get out and die instead of going |
c1e8d7c6a mmap locking API:... |
945 |
* through with the exec. We must hold mmap_lock around |
999d9fc16 coredump: move mm... |
946 |
* checking core_state and changing tsk->mm. |
1da177e4c Linux-2.6.12-rc2 |
947 |
*/ |
d8ed45c5d mmap locking API:... |
948 |
mmap_read_lock(old_mm); |
999d9fc16 coredump: move mm... |
949 |
if (unlikely(old_mm->core_state)) { |
d8ed45c5d mmap locking API:... |
950 |
mmap_read_unlock(old_mm); |
ab7709b55 exec: Transform e... |
951 |
up_write(&tsk->signal->exec_update_lock); |
1da177e4c Linux-2.6.12-rc2 |
952 953 954 |
return -EINTR; } } |
eea967325 exec: Add exec_up... |
955 |
|
1da177e4c Linux-2.6.12-rc2 |
956 |
task_lock(tsk); |
227a4aadc sched/membarrier:... |
957 |
membarrier_exec_mmap(mm); |
d53c3dfb2 mm: fix exec acti... |
958 959 960 |
local_irq_disable(); active_mm = tsk->active_mm; |
1da177e4c Linux-2.6.12-rc2 |
961 |
tsk->active_mm = mm; |
d53c3dfb2 mm: fix exec acti... |
962 963 964 965 966 967 968 969 970 971 |
tsk->mm = mm; /* * This prevents preemption while active_mm is being loaded and * it and mm are being updated, which could cause problems for * lazy tlb mm refcounting when these are updated by context * switches. Not all architectures can handle irqs off over * activate_mm yet. */ if (!IS_ENABLED(CONFIG_ARCH_WANT_IRQS_OFF_ACTIVATE_MM)) local_irq_enable(); |
1da177e4c Linux-2.6.12-rc2 |
972 |
activate_mm(active_mm, mm); |
d53c3dfb2 mm: fix exec acti... |
973 974 |
if (IS_ENABLED(CONFIG_ARCH_WANT_IRQS_OFF_ACTIVATE_MM)) local_irq_enable(); |
615d6e875 mm: per-thread vm... |
975 976 |
tsk->mm->vmacache_seqnum = 0; vmacache_flush(tsk); |
1da177e4c Linux-2.6.12-rc2 |
977 |
task_unlock(tsk); |
1da177e4c Linux-2.6.12-rc2 |
978 |
if (old_mm) { |
d8ed45c5d mmap locking API:... |
979 |
mmap_read_unlock(old_mm); |
7dddb12c6 BUG_ON() Conversi... |
980 |
BUG_ON(active_mm != old_mm); |
701085b21 exec: move de_thr... |
981 |
setmax_mm_hiwater_rss(&tsk->signal->maxrss, old_mm); |
31a78f23b mm owner: fix rac... |
982 |
mm_update_next_owner(old_mm); |
1da177e4c Linux-2.6.12-rc2 |
983 984 985 986 987 988 |
mmput(old_mm); return 0; } mmdrop(active_mm); return 0; } |
858119e15 [PATCH] Unlinline... |
989 |
static int de_thread(struct task_struct *tsk) |
1da177e4c Linux-2.6.12-rc2 |
990 991 |
{ struct signal_struct *sig = tsk->signal; |
b2c903b87 exec: simplify th... |
992 |
struct sighand_struct *oldsighand = tsk->sighand; |
1da177e4c Linux-2.6.12-rc2 |
993 |
spinlock_t *lock = &oldsighand->siglock; |
1da177e4c Linux-2.6.12-rc2 |
994 |
|
aafe6c2a2 [PATCH] de_thread... |
995 |
if (thread_group_empty(tsk)) |
1da177e4c Linux-2.6.12-rc2 |
996 997 998 999 |
goto no_thread_group; /* * Kill all other threads in the thread group. |
1da177e4c Linux-2.6.12-rc2 |
1000 |
*/ |
1da177e4c Linux-2.6.12-rc2 |
1001 |
spin_lock_irq(lock); |
ed5d2cac1 exec: rework the ... |
1002 |
if (signal_group_exit(sig)) { |
1da177e4c Linux-2.6.12-rc2 |
1003 1004 1005 1006 1007 |
/* * Another group action in progress, just * return so that the signal is processed. */ spin_unlock_irq(lock); |
1da177e4c Linux-2.6.12-rc2 |
1008 1009 |
return -EAGAIN; } |
d344193a0 exit: avoid sig->... |
1010 |
|
ed5d2cac1 exec: rework the ... |
1011 |
sig->group_exit_task = tsk; |
d344193a0 exit: avoid sig->... |
1012 1013 1014 |
sig->notify_count = zap_other_threads(tsk); if (!thread_group_leader(tsk)) sig->notify_count--; |
1da177e4c Linux-2.6.12-rc2 |
1015 |
|
d344193a0 exit: avoid sig->... |
1016 |
while (sig->notify_count) { |
d5bbd43d5 exec: make de_thr... |
1017 |
__set_current_state(TASK_KILLABLE); |
1da177e4c Linux-2.6.12-rc2 |
1018 |
spin_unlock_irq(lock); |
a72173ecf Revert "exec: mak... |
1019 |
schedule(); |
08d405c8b fs/: remove calle... |
1020 |
if (__fatal_signal_pending(tsk)) |
d5bbd43d5 exec: make de_thr... |
1021 |
goto killed; |
1da177e4c Linux-2.6.12-rc2 |
1022 1023 |
spin_lock_irq(lock); } |
1da177e4c Linux-2.6.12-rc2 |
1024 1025 1026 1027 1028 1029 1030 |
spin_unlock_irq(lock); /* * At this point all other threads have exited, all we have to * do is to wait for the thread group leader to become inactive, * and to assume its PID: */ |
aafe6c2a2 [PATCH] de_thread... |
1031 |
if (!thread_group_leader(tsk)) { |
8187926bd posix-timers: sim... |
1032 |
struct task_struct *leader = tsk->group_leader; |
6db840fa7 exec: RT sub-thre... |
1033 |
|
6db840fa7 exec: RT sub-thre... |
1034 |
for (;;) { |
780de9dd2 sched/headers, cg... |
1035 |
cgroup_threadgroup_change_begin(tsk); |
6db840fa7 exec: RT sub-thre... |
1036 |
write_lock_irq(&tasklist_lock); |
dfcce791f fs/exec.c:de_thre... |
1037 1038 1039 1040 1041 |
/* * Do this under tasklist_lock to ensure that * exit_notify() can't miss ->group_exit_task */ sig->notify_count = -1; |
6db840fa7 exec: RT sub-thre... |
1042 1043 |
if (likely(leader->exit_state)) break; |
d5bbd43d5 exec: make de_thr... |
1044 |
__set_current_state(TASK_KILLABLE); |
6db840fa7 exec: RT sub-thre... |
1045 |
write_unlock_irq(&tasklist_lock); |
780de9dd2 sched/headers, cg... |
1046 |
cgroup_threadgroup_change_end(tsk); |
a72173ecf Revert "exec: mak... |
1047 |
schedule(); |
08d405c8b fs/: remove calle... |
1048 |
if (__fatal_signal_pending(tsk)) |
d5bbd43d5 exec: make de_thr... |
1049 |
goto killed; |
6db840fa7 exec: RT sub-thre... |
1050 |
} |
1da177e4c Linux-2.6.12-rc2 |
1051 |
|
f5e902817 [PATCH] process a... |
1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 |
/* * The only record we have of the real-time age of a * process, regardless of execs it's done, is start_time. * All the past CPU time is accumulated in signal_struct * from sister threads now dead. But in this non-leader * exec, nothing survives from the original leader thread, * whose birth marks the true age of this process now. * When we take on its identity by switching to its PID, we * also take its birthdate (always earlier than our own). */ |
aafe6c2a2 [PATCH] de_thread... |
1062 |
tsk->start_time = leader->start_time; |
cf25e24db time: Rename tsk-... |
1063 |
tsk->start_boottime = leader->start_boottime; |
f5e902817 [PATCH] process a... |
1064 |
|
bac0abd61 Isolate some expl... |
1065 |
BUG_ON(!same_thread_group(leader, tsk)); |
1da177e4c Linux-2.6.12-rc2 |
1066 1067 1068 1069 1070 1071 |
/* * An exec() starts a new thread group with the * TGID of the previous thread group. Rehash the * two threads with a switched PID, and release * the former thread group leader: */ |
d73d65293 [PATCH] pidhash: ... |
1072 1073 |
/* Become a process group leader with the old leader's pid. |
c18258c6f [PATCH] pid: Impl... |
1074 |
* The old leader becomes a thread of the this thread group. |
d73d65293 [PATCH] pidhash: ... |
1075 |
*/ |
6b03d1304 proc: Ensure we s... |
1076 |
exchange_tids(tsk, leader); |
6883f81aa pid: Implement PI... |
1077 |
transfer_pid(leader, tsk, PIDTYPE_TGID); |
aafe6c2a2 [PATCH] de_thread... |
1078 1079 |
transfer_pid(leader, tsk, PIDTYPE_PGID); transfer_pid(leader, tsk, PIDTYPE_SID); |
9cd80bbb0 do_wait() optimiz... |
1080 |
|
aafe6c2a2 [PATCH] de_thread... |
1081 |
list_replace_rcu(&leader->tasks, &tsk->tasks); |
9cd80bbb0 do_wait() optimiz... |
1082 |
list_replace_init(&leader->sibling, &tsk->sibling); |
1da177e4c Linux-2.6.12-rc2 |
1083 |
|
aafe6c2a2 [PATCH] de_thread... |
1084 1085 |
tsk->group_leader = tsk; leader->group_leader = tsk; |
de12a7878 [PATCH] de_thread... |
1086 |
|
aafe6c2a2 [PATCH] de_thread... |
1087 |
tsk->exit_signal = SIGCHLD; |
087806b12 redefine thread_g... |
1088 |
leader->exit_signal = -1; |
962b564cf [PATCH] fix do_wa... |
1089 1090 1091 |
BUG_ON(leader->exit_state != EXIT_ZOMBIE); leader->exit_state = EXIT_DEAD; |
eac1b5e57 ptrace: do_wait(t... |
1092 1093 1094 1095 1096 1097 1098 1099 |
/* * We are going to release_task()->ptrace_unlink() silently, * the tracer can sleep in do_wait(). EXIT_DEAD guarantees * the tracer wont't block again waiting for this thread. */ if (unlikely(leader->ptrace)) __wake_up_parent(leader, leader->parent); |
1da177e4c Linux-2.6.12-rc2 |
1100 |
write_unlock_irq(&tasklist_lock); |
780de9dd2 sched/headers, cg... |
1101 |
cgroup_threadgroup_change_end(tsk); |
8187926bd posix-timers: sim... |
1102 1103 |
release_task(leader); |
ed5d2cac1 exec: rework the ... |
1104 |
} |
1da177e4c Linux-2.6.12-rc2 |
1105 |
|
6db840fa7 exec: RT sub-thre... |
1106 1107 |
sig->group_exit_task = NULL; sig->notify_count = 0; |
1da177e4c Linux-2.6.12-rc2 |
1108 1109 |
no_thread_group: |
e63682534 exit_signal: simp... |
1110 1111 |
/* we have changed execution domain */ tsk->exit_signal = SIGCHLD; |
021691559 exec: Factor unsh... |
1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 |
BUG_ON(!thread_group_leader(tsk)); return 0; killed: /* protects against exit_notify() and __exit_signal() */ read_lock(&tasklist_lock); sig->group_exit_task = NULL; sig->notify_count = 0; read_unlock(&tasklist_lock); return -EAGAIN; } |
7a60ef480 exec: Move the co... |
1123 1124 1125 1126 1127 1128 |
/* * This function makes sure the current process has its own signal table, * so that flush_signal_handlers can later reset the handlers without * disturbing other processes. (Other processes might share the signal * table via the CLONE_SIGHAND option to clone().) */ |
021691559 exec: Factor unsh... |
1129 1130 1131 |
static int unshare_sighand(struct task_struct *me) { struct sighand_struct *oldsighand = me->sighand; |
329f7dba5 [PATCH] fix de_th... |
1132 |
|
d036bda7d sched/core: Conve... |
1133 |
if (refcount_read(&oldsighand->count) != 1) { |
b2c903b87 exec: simplify th... |
1134 |
struct sighand_struct *newsighand; |
1da177e4c Linux-2.6.12-rc2 |
1135 |
/* |
b2c903b87 exec: simplify th... |
1136 1137 |
* This ->sighand is shared with the CLONE_SIGHAND * but not CLONE_THREAD task, switch to the new one. |
1da177e4c Linux-2.6.12-rc2 |
1138 |
*/ |
b2c903b87 exec: simplify th... |
1139 1140 1141 |
newsighand = kmem_cache_alloc(sighand_cachep, GFP_KERNEL); if (!newsighand) return -ENOMEM; |
d036bda7d sched/core: Conve... |
1142 |
refcount_set(&newsighand->count, 1); |
1da177e4c Linux-2.6.12-rc2 |
1143 1144 1145 1146 1147 |
memcpy(newsighand->action, oldsighand->action, sizeof(newsighand->action)); write_lock_irq(&tasklist_lock); spin_lock(&oldsighand->siglock); |
021691559 exec: Factor unsh... |
1148 |
rcu_assign_pointer(me->sighand, newsighand); |
1da177e4c Linux-2.6.12-rc2 |
1149 1150 |
spin_unlock(&oldsighand->siglock); write_unlock_irq(&tasklist_lock); |
fba2afaae signal/timer/even... |
1151 |
__cleanup_sighand(oldsighand); |
1da177e4c Linux-2.6.12-rc2 |
1152 |
} |
1da177e4c Linux-2.6.12-rc2 |
1153 1154 |
return 0; } |
0840a90d9 exec: simplify ->... |
1155 |
|
3756f6401 exec: avoid gcc-8... |
1156 |
char *__get_task_comm(char *buf, size_t buf_size, struct task_struct *tsk) |
1da177e4c Linux-2.6.12-rc2 |
1157 |
{ |
1da177e4c Linux-2.6.12-rc2 |
1158 |
task_lock(tsk); |
3756f6401 exec: avoid gcc-8... |
1159 |
strncpy(buf, tsk->comm, buf_size); |
1da177e4c Linux-2.6.12-rc2 |
1160 |
task_unlock(tsk); |
59714d65d get_task_comm(): ... |
1161 |
return buf; |
1da177e4c Linux-2.6.12-rc2 |
1162 |
} |
3756f6401 exec: avoid gcc-8... |
1163 |
EXPORT_SYMBOL_GPL(__get_task_comm); |
1da177e4c Linux-2.6.12-rc2 |
1164 |
|
6a6d27de3 take close-on-exe... |
1165 1166 1167 1168 |
/* * These functions flushes out all traces of the currently running executable * so that a new one can be started */ |
82b897782 perf: Differentia... |
1169 |
void __set_task_comm(struct task_struct *tsk, const char *buf, bool exec) |
1da177e4c Linux-2.6.12-rc2 |
1170 1171 |
{ task_lock(tsk); |
43d2b1132 tracepoint: add t... |
1172 |
trace_task_rename(tsk, buf); |
1da177e4c Linux-2.6.12-rc2 |
1173 1174 |
strlcpy(tsk->comm, buf, sizeof(tsk->comm)); task_unlock(tsk); |
82b897782 perf: Differentia... |
1175 |
perf_event_comm(tsk, exec); |
1da177e4c Linux-2.6.12-rc2 |
1176 |
} |
a9208e42b exec: Correct com... |
1177 1178 1179 1180 |
/* * Calling this is the point of no return. None of the failures will be * seen by userspace since either the process is already taking a fatal * signal (via de_thread() or coredump), or will have SEGV raised |
13c432b51 exec: Fix spellin... |
1181 |
* (after exec_mmap()) by search_binary_handler (see below). |
a9208e42b exec: Correct com... |
1182 |
*/ |
2388777a0 exec: Rename flus... |
1183 |
int begin_new_exec(struct linux_binprm * bprm) |
1da177e4c Linux-2.6.12-rc2 |
1184 |
{ |
2ca7be7d5 exec: Only comput... |
1185 |
struct task_struct *me = current; |
221af7f87 Split 'flush_old_... |
1186 |
int retval; |
1da177e4c Linux-2.6.12-rc2 |
1187 |
|
56305aa9b exec: Compute fil... |
1188 1189 1190 1191 |
/* Once we are committed compute the creds */ retval = bprm_creds_from_file(bprm); if (retval) return retval; |
1da177e4c Linux-2.6.12-rc2 |
1192 |
/* |
6834e0bb4 exec: Set the poi... |
1193 1194 1195 |
* Ensure all future errors are fatal. */ bprm->point_of_no_return = true; |
1da177e4c Linux-2.6.12-rc2 |
1196 |
/* |
021691559 exec: Factor unsh... |
1197 |
* Make this the only thread in the thread group. |
1da177e4c Linux-2.6.12-rc2 |
1198 |
*/ |
2ca7be7d5 exec: Only comput... |
1199 |
retval = de_thread(me); |
1da177e4c Linux-2.6.12-rc2 |
1200 1201 |
if (retval) goto out; |
6e399cd14 prctl: avoid usin... |
1202 1203 1204 1205 1206 |
/* * Must be called _before_ exec_mmap() as bprm->mm is * not visibile until then. This also enables the update * to be lockless. */ |
925d1c401 procfs task exe s... |
1207 |
set_mm_exe_file(bprm->mm, bprm->file); |
6e399cd14 prctl: avoid usin... |
1208 |
|
b8a61c9e7 exec: Generic exe... |
1209 |
/* If the binary is not readable then enforce mm->dumpable=0 */ |
f87d1c955 exec: Move would_... |
1210 |
would_dump(bprm, bprm->file); |
b8a61c9e7 exec: Generic exe... |
1211 1212 |
if (bprm->have_execfd) would_dump(bprm, bprm->executable); |
f87d1c955 exec: Move would_... |
1213 |
|
1da177e4c Linux-2.6.12-rc2 |
1214 |
/* |
1da177e4c Linux-2.6.12-rc2 |
1215 1216 |
* Release all of the old mmap stuff */ |
3c77f8457 exec: make argv/e... |
1217 |
acct_arg_size(bprm, 0); |
1da177e4c Linux-2.6.12-rc2 |
1218 1219 |
retval = exec_mmap(bprm->mm); if (retval) |
fd8328be8 [PATCH] sanitize ... |
1220 |
goto out; |
1da177e4c Linux-2.6.12-rc2 |
1221 |
|
a9208e42b exec: Correct com... |
1222 |
bprm->mm = NULL; |
7ab02af42 Fix 'flush_old_ex... |
1223 |
|
ccf0fa6be exec: Move exec_m... |
1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 |
#ifdef CONFIG_POSIX_TIMERS exit_itimers(me->signal); flush_itimer_signals(); #endif /* * Make the signal table private. */ retval = unshare_sighand(me); if (retval) |
89826cce3 exec: Make unlock... |
1234 |
goto out_unlock; |
ccf0fa6be exec: Move exec_m... |
1235 |
|
fe8141759 exec: use force_u... |
1236 1237 1238 1239 1240 |
/* * Ensure that the uaccess routines can actually operate on userspace * pointers: */ force_uaccess_begin(); |
2ca7be7d5 exec: Only comput... |
1241 |
me->flags &= ~(PF_RANDOMIZE | PF_FORKNOEXEC | PF_KTHREAD | |
b88fae644 exec: avoid propa... |
1242 |
PF_NOFREEZE | PF_NO_SETAFFINITY); |
7ab02af42 Fix 'flush_old_ex... |
1243 |
flush_thread(); |
2ca7be7d5 exec: Only comput... |
1244 |
me->personality &= ~bprm->per_clear; |
7ab02af42 Fix 'flush_old_ex... |
1245 |
|
613cc2b6f fs: exec: apply C... |
1246 1247 1248 1249 1250 1251 |
/* * We have to apply CLOEXEC before we change whether the process is * dumpable (in setup_new_exec) to avoid a race with a process in userspace * trying to access the should-be-closed file descriptors of a process * undergoing exec(2). */ |
2ca7be7d5 exec: Only comput... |
1252 |
do_close_on_exec(me->files); |
f84df2a6f exec: Ensure mm->... |
1253 |
|
64701dee4 exec: Use sane st... |
1254 |
if (bprm->secureexec) { |
fe8993b3a exec: Consolidate... |
1255 |
/* Make sure parent cannot signal privileged process. */ |
7d503feba exec: In setup_ne... |
1256 |
me->pdeath_signal = 0; |
fe8993b3a exec: Consolidate... |
1257 |
|
64701dee4 exec: Use sane st... |
1258 1259 1260 1261 1262 |
/* * For secureexec, reset the stack limit to sane default to * avoid bad behavior from the prior rlimits. This has to * happen before arch_pick_mmap_layout(), which examines * RLIMIT_STACK, but after the point of no return to avoid |
779f4e1c6 Revert "exec: avo... |
1263 |
* needing to clean up the change on failure. |
64701dee4 exec: Use sane st... |
1264 |
*/ |
c31dbb146 exec: pin stack l... |
1265 1266 |
if (bprm->rlim_stack.rlim_cur > _STK_LIM) bprm->rlim_stack.rlim_cur = _STK_LIM; |
64701dee4 exec: Use sane st... |
1267 |
} |
7d503feba exec: In setup_ne... |
1268 |
me->sas_ss_sp = me->sas_ss_size = 0; |
1da177e4c Linux-2.6.12-rc2 |
1269 |
|
e816c201a exec: Weaken dump... |
1270 1271 1272 1273 1274 |
/* * Figure out dumpability. Note that this checking only of current * is wrong, but userspace depends on it. This should be testing * bprm->secureexec instead. */ |
473d89639 exec: Consolidate... |
1275 |
if (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP || |
e816c201a exec: Weaken dump... |
1276 1277 |
!(uid_eq(current_euid(), current_uid()) && gid_eq(current_egid(), current_gid()))) |
6c5d52382 coredump masking:... |
1278 |
set_dumpable(current->mm, suid_dumpable); |
473d89639 exec: Consolidate... |
1279 1280 |
else set_dumpable(current->mm, SUID_DUMP_USER); |
d6e711448 [PATCH] setuid co... |
1281 |
|
e041e328c perf: Fix perf_ev... |
1282 |
perf_event_exec(); |
7d503feba exec: In setup_ne... |
1283 |
__set_task_comm(me, kbasename(bprm->filename), true); |
1da177e4c Linux-2.6.12-rc2 |
1284 |
|
1da177e4c Linux-2.6.12-rc2 |
1285 1286 |
/* An exec changes our domain. We are no longer part of the thread group */ |
7d503feba exec: In setup_ne... |
1287 1288 |
WRITE_ONCE(me->self_exec_id, me->self_exec_id + 1); flush_signal_handlers(me, 0); |
96ecee29b exec: Merge insta... |
1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 |
/* * install the new credentials for this executable */ security_bprm_committing_creds(bprm); commit_creds(bprm->cred); bprm->cred = NULL; /* * Disable monitoring for regular users * when executing setuid binaries. Must * wait until new credentials are committed * by commit_creds() above */ |
7d503feba exec: In setup_ne... |
1304 1305 |
if (get_dumpable(me->mm) != SUID_DUMP_USER) perf_event_exit_task(me); |
96ecee29b exec: Merge insta... |
1306 1307 1308 1309 1310 1311 |
/* * cred_guard_mutex must be held at least to this point to prevent * ptrace_attach() from altering our determination of the task's * credentials; any time after this it may be unlocked. */ security_bprm_committed_creds(bprm); |
b8a61c9e7 exec: Generic exe... |
1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 |
/* Pass the opened binary to the interpreter. */ if (bprm->have_execfd) { retval = get_unused_fd_flags(0); if (retval < 0) goto out_unlock; fd_install(retval, bprm->executable); bprm->executable = NULL; bprm->execfd = retval; } |
221af7f87 Split 'flush_old_... |
1322 |
return 0; |
df9e4d2c4 exec: Move most o... |
1323 |
out_unlock: |
ab7709b55 exec: Transform e... |
1324 |
up_write(&me->signal->exec_update_lock); |
221af7f87 Split 'flush_old_... |
1325 1326 1327 |
out: return retval; } |
2388777a0 exec: Rename flus... |
1328 |
EXPORT_SYMBOL(begin_new_exec); |
221af7f87 Split 'flush_old_... |
1329 |
|
1b5d783c9 consolidate BINPR... |
1330 1331 |
void would_dump(struct linux_binprm *bprm, struct file *file) { |
f84df2a6f exec: Ensure mm->... |
1332 1333 1334 |
struct inode *inode = file_inode(file); if (inode_permission(inode, MAY_READ) < 0) { struct user_namespace *old, *user_ns; |
1b5d783c9 consolidate BINPR... |
1335 |
bprm->interp_flags |= BINPRM_FLAGS_ENFORCE_NONDUMP; |
f84df2a6f exec: Ensure mm->... |
1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 |
/* Ensure mm->user_ns contains the executable */ user_ns = old = bprm->mm->user_ns; while ((user_ns != &init_user_ns) && !privileged_wrt_inode_uidgid(user_ns, inode)) user_ns = user_ns->parent; if (old != user_ns) { bprm->mm->user_ns = get_user_ns(user_ns); put_user_ns(old); } } |
1b5d783c9 consolidate BINPR... |
1348 1349 |
} EXPORT_SYMBOL(would_dump); |
221af7f87 Split 'flush_old_... |
1350 1351 |
void setup_new_exec(struct linux_binprm * bprm) { |
df9e4d2c4 exec: Move most o... |
1352 1353 |
/* Setup things that can depend upon the personality */ struct task_struct *me = current; |
1da177e4c Linux-2.6.12-rc2 |
1354 |
|
df9e4d2c4 exec: Move most o... |
1355 |
arch_pick_mmap_layout(me->mm, &bprm->rlim_stack); |
d6e711448 [PATCH] setuid co... |
1356 |
|
e9ea1e7f5 x86/arch_prctl: A... |
1357 |
arch_setup_new_exec(); |
1da177e4c Linux-2.6.12-rc2 |
1358 |
|
0551fbd29 [PATCH] Add mm->t... |
1359 1360 1361 1362 |
/* Set the new mm task size. We have to do that late because it may * depend on TIF_32BIT which is only updated in flush_thread() on * some architectures like powerpc */ |
df9e4d2c4 exec: Move most o... |
1363 |
me->mm->task_size = TASK_SIZE; |
ab7709b55 exec: Transform e... |
1364 |
up_write(&me->signal->exec_update_lock); |
7d503feba exec: In setup_ne... |
1365 |
mutex_unlock(&me->signal->cred_guard_mutex); |
1da177e4c Linux-2.6.12-rc2 |
1366 |
} |
221af7f87 Split 'flush_old_... |
1367 |
EXPORT_SYMBOL(setup_new_exec); |
1da177e4c Linux-2.6.12-rc2 |
1368 |
|
b83838313 exec: introduce f... |
1369 1370 1371 |
/* Runs immediately before start_thread() takes over. */ void finalize_exec(struct linux_binprm *bprm) { |
c31dbb146 exec: pin stack l... |
1372 1373 1374 1375 |
/* Store any stack rlimit changes before starting thread. */ task_lock(current->group_leader); current->signal->rlim[RLIMIT_STACK] = bprm->rlim_stack; task_unlock(current->group_leader); |
b83838313 exec: introduce f... |
1376 1377 |
} EXPORT_SYMBOL(finalize_exec); |
a6f76f23d CRED: Make execve... |
1378 |
/* |
a2a8474c3 exec: do not slee... |
1379 |
* Prepare credentials and lock ->cred_guard_mutex. |
96ecee29b exec: Merge insta... |
1380 |
* setup_new_exec() commits the new creds and drops the lock. |
a2a8474c3 exec: do not slee... |
1381 1382 1383 |
* Or, if exec fails before, free_bprm() should release ->cred and * and unlock. */ |
4addd2640 exec: make prepar... |
1384 |
static int prepare_bprm_creds(struct linux_binprm *bprm) |
a2a8474c3 exec: do not slee... |
1385 |
{ |
9b1bf12d5 signals: move cre... |
1386 |
if (mutex_lock_interruptible(¤t->signal->cred_guard_mutex)) |
a2a8474c3 exec: do not slee... |
1387 1388 1389 1390 1391 |
return -ERESTARTNOINTR; bprm->cred = prepare_exec_creds(); if (likely(bprm->cred)) return 0; |
9b1bf12d5 signals: move cre... |
1392 |
mutex_unlock(¤t->signal->cred_guard_mutex); |
a2a8474c3 exec: do not slee... |
1393 1394 |
return -ENOMEM; } |
c4ad8f98b execve: use 'stru... |
1395 |
static void free_bprm(struct linux_binprm *bprm) |
a2a8474c3 exec: do not slee... |
1396 |
{ |
f18ac551e exec: Move bprm_m... |
1397 1398 1399 1400 |
if (bprm->mm) { acct_arg_size(bprm, 0); mmput(bprm->mm); } |
a2a8474c3 exec: do not slee... |
1401 1402 |
free_arg_pages(bprm); if (bprm->cred) { |
9b1bf12d5 signals: move cre... |
1403 |
mutex_unlock(¤t->signal->cred_guard_mutex); |
a2a8474c3 exec: do not slee... |
1404 1405 |
abort_creds(bprm->cred); } |
63e46b95e exec: move the fi... |
1406 1407 1408 1409 |
if (bprm->file) { allow_write_access(bprm->file); fput(bprm->file); } |
b8a61c9e7 exec: Generic exe... |
1410 1411 |
if (bprm->executable) fput(bprm->executable); |
b66c59840 exec: do not leav... |
1412 1413 1414 |
/* If a binfmt changed the interp, free it. */ if (bprm->interp != bprm->filename) kfree(bprm->interp); |
60d9ad1d1 exec: Move initia... |
1415 |
kfree(bprm->fdpath); |
a2a8474c3 exec: do not slee... |
1416 1417 |
kfree(bprm); } |
60d9ad1d1 exec: Move initia... |
1418 |
static struct linux_binprm *alloc_bprm(int fd, struct filename *filename) |
0a8f36eb4 exec: Factor out ... |
1419 1420 |
{ struct linux_binprm *bprm = kzalloc(sizeof(*bprm), GFP_KERNEL); |
60d9ad1d1 exec: Move initia... |
1421 |
int retval = -ENOMEM; |
0a8f36eb4 exec: Factor out ... |
1422 |
if (!bprm) |
60d9ad1d1 exec: Move initia... |
1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 |
goto out; if (fd == AT_FDCWD || filename->name[0] == '/') { bprm->filename = filename->name; } else { if (filename->name[0] == '\0') bprm->fdpath = kasprintf(GFP_KERNEL, "/dev/fd/%d", fd); else bprm->fdpath = kasprintf(GFP_KERNEL, "/dev/fd/%d/%s", fd, filename->name); if (!bprm->fdpath) goto out_free; bprm->filename = bprm->fdpath; } bprm->interp = bprm->filename; |
f18ac551e exec: Move bprm_m... |
1439 1440 1441 1442 |
retval = bprm_mm_init(bprm); if (retval) goto out_free; |
0a8f36eb4 exec: Factor out ... |
1443 |
return bprm; |
60d9ad1d1 exec: Move initia... |
1444 1445 1446 1447 1448 |
out_free: free_bprm(bprm); out: return ERR_PTR(retval); |
0a8f36eb4 exec: Factor out ... |
1449 |
} |
c2315c187 exec: load_script... |
1450 |
int bprm_change_interp(const char *interp, struct linux_binprm *bprm) |
b66c59840 exec: do not leav... |
1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 |
{ /* If a binfmt changed the interp, free it first. */ if (bprm->interp != bprm->filename) kfree(bprm->interp); bprm->interp = kstrdup(interp, GFP_KERNEL); if (!bprm->interp) return -ENOMEM; return 0; } EXPORT_SYMBOL(bprm_change_interp); |
a2a8474c3 exec: do not slee... |
1461 |
/* |
a6f76f23d CRED: Make execve... |
1462 |
* determine how safe it is to execute the proposed program |
9b1bf12d5 signals: move cre... |
1463 |
* - the caller must hold ->cred_guard_mutex to protect against |
c2e1f2e30 seccomp: implemen... |
1464 |
* PTRACE_ATTACH or seccomp thread-sync |
a6f76f23d CRED: Make execve... |
1465 |
*/ |
9e00cdb09 exec:check_unsafe... |
1466 |
static void check_unsafe_exec(struct linux_binprm *bprm) |
a6f76f23d CRED: Make execve... |
1467 |
{ |
0bf2f3aec CRED: Fix SUID ex... |
1468 |
struct task_struct *p = current, *t; |
f1191b50e check_unsafe_exec... |
1469 |
unsigned n_fs; |
a6f76f23d CRED: Make execve... |
1470 |
|
9227dd2a8 exec: Remove LSM_... |
1471 1472 |
if (p->ptrace) bprm->unsafe |= LSM_UNSAFE_PTRACE; |
a6f76f23d CRED: Make execve... |
1473 |
|
259e5e6c7 Add PR_{GET,SET}_... |
1474 1475 1476 1477 |
/* * This isn't strictly necessary, but it makes it harder for LSMs to * mess up. */ |
1d4457f99 sched: move no_ne... |
1478 |
if (task_no_new_privs(current)) |
259e5e6c7 Add PR_{GET,SET}_... |
1479 |
bprm->unsafe |= LSM_UNSAFE_NO_NEW_PRIVS; |
83f62a2ea exec:check_unsafe... |
1480 |
t = p; |
0bf2f3aec CRED: Fix SUID ex... |
1481 |
n_fs = 1; |
2a4419b5b fs: fs_struct rwl... |
1482 |
spin_lock(&p->fs->lock); |
437f7fdb6 check_unsafe_exec... |
1483 |
rcu_read_lock(); |
83f62a2ea exec:check_unsafe... |
1484 |
while_each_thread(p, t) { |
0bf2f3aec CRED: Fix SUID ex... |
1485 1486 |
if (t->fs == p->fs) n_fs++; |
0bf2f3aec CRED: Fix SUID ex... |
1487 |
} |
437f7fdb6 check_unsafe_exec... |
1488 |
rcu_read_unlock(); |
0bf2f3aec CRED: Fix SUID ex... |
1489 |
|
9e00cdb09 exec:check_unsafe... |
1490 |
if (p->fs->users > n_fs) |
a6f76f23d CRED: Make execve... |
1491 |
bprm->unsafe |= LSM_UNSAFE_SHARE; |
9e00cdb09 exec:check_unsafe... |
1492 1493 |
else p->fs->in_exec = 1; |
2a4419b5b fs: fs_struct rwl... |
1494 |
spin_unlock(&p->fs->lock); |
a6f76f23d CRED: Make execve... |
1495 |
} |
56305aa9b exec: Compute fil... |
1496 |
static void bprm_fill_uid(struct linux_binprm *bprm, struct file *file) |
8b01fc86b fs: take i_mutex ... |
1497 |
{ |
56305aa9b exec: Compute fil... |
1498 |
/* Handle suid and sgid on files */ |
8b01fc86b fs: take i_mutex ... |
1499 1500 1501 1502 |
struct inode *inode; unsigned int mode; kuid_t uid; kgid_t gid; |
56305aa9b exec: Compute fil... |
1503 |
if (!mnt_may_suid(file->f_path.mnt)) |
8b01fc86b fs: take i_mutex ... |
1504 1505 1506 1507 |
return; if (task_no_new_privs(current)) return; |
56305aa9b exec: Compute fil... |
1508 |
inode = file->f_path.dentry->d_inode; |
8b01fc86b fs: take i_mutex ... |
1509 1510 1511 1512 1513 |
mode = READ_ONCE(inode->i_mode); if (!(mode & (S_ISUID|S_ISGID))) return; /* Be careful if suid/sgid is set */ |
5955102c9 wrappers for ->i_... |
1514 |
inode_lock(inode); |
8b01fc86b fs: take i_mutex ... |
1515 1516 1517 1518 1519 |
/* reload atomically mode/uid/gid now that lock held */ mode = inode->i_mode; uid = inode->i_uid; gid = inode->i_gid; |
5955102c9 wrappers for ->i_... |
1520 |
inode_unlock(inode); |
8b01fc86b fs: take i_mutex ... |
1521 1522 1523 1524 1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 |
/* We ignore suid/sgid if there are no mappings for them in the ns */ if (!kuid_has_mapping(bprm->cred->user_ns, uid) || !kgid_has_mapping(bprm->cred->user_ns, gid)) return; if (mode & S_ISUID) { bprm->per_clear |= PER_CLEAR_ON_SETID; bprm->cred->euid = uid; } if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) { bprm->per_clear |= PER_CLEAR_ON_SETID; bprm->cred->egid = gid; } } |
9e00cdb09 exec:check_unsafe... |
1537 |
/* |
56305aa9b exec: Compute fil... |
1538 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 |
* Compute brpm->cred based upon the final binary. */ static int bprm_creds_from_file(struct linux_binprm *bprm) { /* Compute creds based on which file? */ struct file *file = bprm->execfd_creds ? bprm->executable : bprm->file; bprm_fill_uid(bprm, file); return security_bprm_creds_from_file(bprm, file); } /* |
9e00cdb09 exec:check_unsafe... |
1550 |
* Fill the binprm structure from the inode. |
56305aa9b exec: Compute fil... |
1551 |
* Read the first BINPRM_BUF_SIZE bytes |
a6f76f23d CRED: Make execve... |
1552 1553 |
* * This may be called multiple times for binary chains (scripts for example). |
1da177e4c Linux-2.6.12-rc2 |
1554 |
*/ |
8b72ca900 exec: Move the ca... |
1555 |
static int prepare_binprm(struct linux_binprm *bprm) |
1da177e4c Linux-2.6.12-rc2 |
1556 |
{ |
bdd1d2d3d fs: fix kernel_re... |
1557 |
loff_t pos = 0; |
1da177e4c Linux-2.6.12-rc2 |
1558 |
|
a6f76f23d CRED: Make execve... |
1559 |
memset(bprm->buf, 0, BINPRM_BUF_SIZE); |
bdd1d2d3d fs: fix kernel_re... |
1560 |
return kernel_read(bprm->file, bprm->buf, BINPRM_BUF_SIZE, &pos); |
1da177e4c Linux-2.6.12-rc2 |
1561 |
} |
4fc75ff48 exec: fix remove_... |
1562 1563 1564 1565 1566 |
/* * Arguments are '\0' separated strings found at the location bprm->p * points to; chop off the first by relocating brpm->p to right after * the first '\0' encountered. */ |
b6a2fea39 mm: variable leng... |
1567 |
int remove_arg_zero(struct linux_binprm *bprm) |
1da177e4c Linux-2.6.12-rc2 |
1568 |
{ |
b6a2fea39 mm: variable leng... |
1569 1570 1571 1572 |
int ret = 0; unsigned long offset; char *kaddr; struct page *page; |
4fc75ff48 exec: fix remove_... |
1573 |
|
b6a2fea39 mm: variable leng... |
1574 1575 |
if (!bprm->argc) return 0; |
1da177e4c Linux-2.6.12-rc2 |
1576 |
|
b6a2fea39 mm: variable leng... |
1577 1578 1579 1580 1581 1582 1583 |
do { offset = bprm->p & ~PAGE_MASK; page = get_arg_page(bprm, bprm->p, 0); if (!page) { ret = -EFAULT; goto out; } |
e8e3c3d66 fs: remove the se... |
1584 |
kaddr = kmap_atomic(page); |
4fc75ff48 exec: fix remove_... |
1585 |
|
b6a2fea39 mm: variable leng... |
1586 1587 1588 |
for (; offset < PAGE_SIZE && kaddr[offset]; offset++, bprm->p++) ; |
4fc75ff48 exec: fix remove_... |
1589 |
|
e8e3c3d66 fs: remove the se... |
1590 |
kunmap_atomic(kaddr); |
b6a2fea39 mm: variable leng... |
1591 |
put_arg_page(page); |
b6a2fea39 mm: variable leng... |
1592 |
} while (offset == PAGE_SIZE); |
4fc75ff48 exec: fix remove_... |
1593 |
|
b6a2fea39 mm: variable leng... |
1594 1595 1596 |
bprm->p++; bprm->argc--; ret = 0; |
4fc75ff48 exec: fix remove_... |
1597 |
|
b6a2fea39 mm: variable leng... |
1598 1599 |
out: return ret; |
1da177e4c Linux-2.6.12-rc2 |
1600 |
} |
1da177e4c Linux-2.6.12-rc2 |
1601 |
EXPORT_SYMBOL(remove_arg_zero); |
cb7b6b1cb exec: cleanup the... |
1602 1603 |
#define printable(c) (((c)=='\t') || ((c)==' ') || (0x20<=(c) && (c)<=0x7e)) |
1da177e4c Linux-2.6.12-rc2 |
1604 1605 1606 |
/* * cycle the list of binary formats handler, until one recognizes the image */ |
bc2bf338d exec: Remove recu... |
1607 |
static int search_binary_handler(struct linux_binprm *bprm) |
1da177e4c Linux-2.6.12-rc2 |
1608 |
{ |
cb7b6b1cb exec: cleanup the... |
1609 |
bool need_retry = IS_ENABLED(CONFIG_MODULES); |
1da177e4c Linux-2.6.12-rc2 |
1610 |
struct linux_binfmt *fmt; |
cb7b6b1cb exec: cleanup the... |
1611 |
int retval; |
1da177e4c Linux-2.6.12-rc2 |
1612 |
|
8b72ca900 exec: Move the ca... |
1613 1614 1615 |
retval = prepare_binprm(bprm); if (retval < 0) return retval; |
d74026986 exec: use -ELOOP ... |
1616 |
|
1da177e4c Linux-2.6.12-rc2 |
1617 1618 1619 |
retval = security_bprm_check(bprm); if (retval) return retval; |
1da177e4c Linux-2.6.12-rc2 |
1620 |
retval = -ENOENT; |
cb7b6b1cb exec: cleanup the... |
1621 1622 1623 1624 1625 1626 |
retry: read_lock(&binfmt_lock); list_for_each_entry(fmt, &formats, lh) { if (!try_module_get(fmt->module)) continue; read_unlock(&binfmt_lock); |
d53ddd018 fs/exec.c: move -... |
1627 |
|
cb7b6b1cb exec: cleanup the... |
1628 |
retval = fmt->load_binary(bprm); |
d53ddd018 fs/exec.c: move -... |
1629 |
|
19d860a14 handle suicide on... |
1630 1631 |
read_lock(&binfmt_lock); put_binfmt(fmt); |
bc2bf338d exec: Remove recu... |
1632 |
if (bprm->point_of_no_return || (retval != -ENOEXEC)) { |
19d860a14 handle suicide on... |
1633 |
read_unlock(&binfmt_lock); |
cb7b6b1cb exec: cleanup the... |
1634 |
return retval; |
1da177e4c Linux-2.6.12-rc2 |
1635 |
} |
1da177e4c Linux-2.6.12-rc2 |
1636 |
} |
cb7b6b1cb exec: cleanup the... |
1637 |
read_unlock(&binfmt_lock); |
19d860a14 handle suicide on... |
1638 |
if (need_retry) { |
cb7b6b1cb exec: cleanup the... |
1639 1640 1641 |
if (printable(bprm->buf[0]) && printable(bprm->buf[1]) && printable(bprm->buf[2]) && printable(bprm->buf[3])) return retval; |
4e0621a07 exec: don't retry... |
1642 1643 |
if (request_module("binfmt-%04x", *(ushort *)(bprm->buf + 2)) < 0) return retval; |
cb7b6b1cb exec: cleanup the... |
1644 1645 1646 |
need_retry = false; goto retry; } |
1da177e4c Linux-2.6.12-rc2 |
1647 1648 |
return retval; } |
1da177e4c Linux-2.6.12-rc2 |
1649 |
|
5d1baf3b6 exec: introduce e... |
1650 1651 1652 |
static int exec_binprm(struct linux_binprm *bprm) { pid_t old_pid, old_vpid; |
bc2bf338d exec: Remove recu... |
1653 |
int ret, depth; |
5d1baf3b6 exec: introduce e... |
1654 1655 1656 1657 1658 1659 |
/* Need to fetch pid before load_binary changes it */ old_pid = current->pid; rcu_read_lock(); old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current->parent)); rcu_read_unlock(); |
bc2bf338d exec: Remove recu... |
1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673 1674 1675 1676 1677 1678 1679 1680 1681 1682 1683 1684 |
/* This allows 4 levels of binfmt rewrites before failing hard. */ for (depth = 0;; depth++) { struct file *exec; if (depth > 5) return -ELOOP; ret = search_binary_handler(bprm); if (ret < 0) return ret; if (!bprm->interpreter) break; exec = bprm->file; bprm->file = bprm->interpreter; bprm->interpreter = NULL; allow_write_access(exec); if (unlikely(bprm->have_execfd)) { if (bprm->executable) { fput(exec); return -ENOEXEC; } bprm->executable = exec; } else fput(exec); |
5d1baf3b6 exec: introduce e... |
1685 |
} |
bc2bf338d exec: Remove recu... |
1686 1687 1688 1689 1690 |
audit_bprm(bprm); trace_sched_process_exec(current, old_pid, bprm); ptrace_event(PTRACE_EVENT_EXEC, old_vpid); proc_exec_connector(current); return 0; |
5d1baf3b6 exec: introduce e... |
1691 |
} |
1da177e4c Linux-2.6.12-rc2 |
1692 1693 1694 |
/* * sys_execve() executes a new program. */ |
0c9cdff05 exec: Factor bprm... |
1695 1696 |
static int bprm_execve(struct linux_binprm *bprm, int fd, struct filename *filename, int flags) |
1da177e4c Linux-2.6.12-rc2 |
1697 |
{ |
25cf336de exec: Remove do_e... |
1698 |
struct file *file; |
3b1253880 [PATCH] sanitize ... |
1699 |
struct files_struct *displaced; |
1da177e4c Linux-2.6.12-rc2 |
1700 |
int retval; |
0f2122045 io_uring: don't r... |
1701 1702 1703 1704 1705 |
/* * Cancel any io_uring activity across execve */ io_uring_task_cancel(); |
72fa59970 move RLIMIT_NPROC... |
1706 |
|
0a8f36eb4 exec: Factor out ... |
1707 1708 |
retval = unshare_files(&displaced); if (retval) |
0c9cdff05 exec: Factor bprm... |
1709 |
return retval; |
1da177e4c Linux-2.6.12-rc2 |
1710 |
|
a2a8474c3 exec: do not slee... |
1711 1712 |
retval = prepare_bprm_creds(bprm); if (retval) |
0a8f36eb4 exec: Factor out ... |
1713 |
goto out_files; |
498052bba New locking/refco... |
1714 |
|
9e00cdb09 exec:check_unsafe... |
1715 |
check_unsafe_exec(bprm); |
a2a8474c3 exec: do not slee... |
1716 |
current->in_execve = 1; |
a6f76f23d CRED: Make execve... |
1717 |
|
25cf336de exec: Remove do_e... |
1718 |
file = do_open_execat(fd, filename, flags); |
1da177e4c Linux-2.6.12-rc2 |
1719 1720 |
retval = PTR_ERR(file); if (IS_ERR(file)) |
498052bba New locking/refco... |
1721 |
goto out_unmark; |
1da177e4c Linux-2.6.12-rc2 |
1722 1723 |
sched_exec(); |
1da177e4c Linux-2.6.12-rc2 |
1724 |
bprm->file = file; |
60d9ad1d1 exec: Move initia... |
1725 1726 1727 1728 1729 1730 1731 1732 |
/* * Record that a name derived from an O_CLOEXEC fd will be * inaccessible after exec. Relies on having exclusive access to * current->files (due to unshare_files above). */ if (bprm->fdpath && close_on_exec(fd, rcu_dereference_raw(current->files->fdt))) bprm->interp_flags |= BINPRM_FLAGS_PATH_INACCESSIBLE; |
1da177e4c Linux-2.6.12-rc2 |
1733 |
|
b8bff5992 exec: Factor secu... |
1734 1735 1736 |
/* Set the unchanging part of bprm->cred */ retval = security_bprm_creds_for_exec(bprm); if (retval) |
1da177e4c Linux-2.6.12-rc2 |
1737 |
goto out; |
5d1baf3b6 exec: introduce e... |
1738 |
retval = exec_binprm(bprm); |
a6f76f23d CRED: Make execve... |
1739 1740 |
if (retval < 0) goto out; |
1da177e4c Linux-2.6.12-rc2 |
1741 |
|
a6f76f23d CRED: Make execve... |
1742 |
/* execve succeeded */ |
498052bba New locking/refco... |
1743 |
current->fs->in_exec = 0; |
f9ce1f1cd Add in_execve fla... |
1744 |
current->in_execve = 0; |
d7822b1e2 rseq: Introduce r... |
1745 |
rseq_execve(current); |
a6f76f23d CRED: Make execve... |
1746 |
acct_update_integrals(current); |
16d51a590 sched/fair: Don't... |
1747 |
task_numa_free(current, false); |
a6f76f23d CRED: Make execve... |
1748 1749 1750 |
if (displaced) put_files_struct(displaced); return retval; |
1da177e4c Linux-2.6.12-rc2 |
1751 |
|
a6f76f23d CRED: Make execve... |
1752 |
out: |
8890b2934 exec: Move handli... |
1753 1754 1755 1756 1757 1758 1759 1760 |
/* * If past the point of no return ensure the the code never * returns to the userspace process. Use an existing fatal * signal if present otherwise terminate the process with * SIGSEGV. */ if (bprm->point_of_no_return && !fatal_signal_pending(current)) force_sigsegv(SIGSEGV); |
1da177e4c Linux-2.6.12-rc2 |
1761 |
|
498052bba New locking/refco... |
1762 |
out_unmark: |
9e00cdb09 exec:check_unsafe... |
1763 |
current->fs->in_exec = 0; |
f9ce1f1cd Add in_execve fla... |
1764 |
current->in_execve = 0; |
a6f76f23d CRED: Make execve... |
1765 |
|
0a8f36eb4 exec: Factor out ... |
1766 1767 1768 |
out_files: if (displaced) reset_files_struct(displaced); |
0c9cdff05 exec: Factor bprm... |
1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 1791 1792 1793 1794 1795 1796 1797 1798 1799 1800 1801 1802 1803 1804 |
return retval; } static int do_execveat_common(int fd, struct filename *filename, struct user_arg_ptr argv, struct user_arg_ptr envp, int flags) { struct linux_binprm *bprm; int retval; if (IS_ERR(filename)) return PTR_ERR(filename); /* * We move the actual failure in case of RLIMIT_NPROC excess from * set*uid() to execve() because too many poorly written programs * don't check setuid() return code. Here we additionally recheck * whether NPROC limit is still exceeded. */ if ((current->flags & PF_NPROC_EXCEEDED) && atomic_read(¤t_user()->processes) > rlimit(RLIMIT_NPROC)) { retval = -EAGAIN; goto out_ret; } /* We're below the limit (still or again), so we don't want to make * further execve() calls fail. */ current->flags &= ~PF_NPROC_EXCEEDED; bprm = alloc_bprm(fd, filename); if (IS_ERR(bprm)) { retval = PTR_ERR(bprm); goto out_ret; } |
d8b9cd549 exec: Factor bprm... |
1805 1806 1807 1808 1809 1810 1811 1812 1813 1814 1815 |
retval = count(argv, MAX_ARG_STRINGS); if (retval < 0) goto out_free; bprm->argc = retval; retval = count(envp, MAX_ARG_STRINGS); if (retval < 0) goto out_free; bprm->envc = retval; retval = bprm_stack_limits(bprm); |
0c9cdff05 exec: Factor bprm... |
1816 1817 1818 1819 1820 1821 1822 1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 |
if (retval < 0) goto out_free; retval = copy_string_kernel(bprm->filename, bprm); if (retval < 0) goto out_free; bprm->exec = bprm->p; retval = copy_strings(bprm->envc, envp, bprm); if (retval < 0) goto out_free; retval = copy_strings(bprm->argc, argv, bprm); if (retval < 0) goto out_free; retval = bprm_execve(bprm, fd, filename, flags); |
a6f76f23d CRED: Make execve... |
1833 |
out_free: |
08a6fac1c [PATCH] get rid o... |
1834 |
free_bprm(bprm); |
1da177e4c Linux-2.6.12-rc2 |
1835 1836 |
out_ret: |
25cf336de exec: Remove do_e... |
1837 |
putname(filename); |
1da177e4c Linux-2.6.12-rc2 |
1838 1839 |
return retval; } |
be619f7f0 exec: Implement k... |
1840 1841 1842 1843 1844 1845 1846 1847 1848 1849 1850 1851 1852 1853 1854 1855 1856 1857 1858 1859 1860 1861 1862 1863 1864 1865 1866 1867 1868 1869 1870 1871 1872 1873 1874 1875 1876 1877 1878 1879 1880 1881 1882 1883 1884 1885 1886 1887 1888 1889 1890 1891 1892 1893 |
int kernel_execve(const char *kernel_filename, const char *const *argv, const char *const *envp) { struct filename *filename; struct linux_binprm *bprm; int fd = AT_FDCWD; int retval; filename = getname_kernel(kernel_filename); if (IS_ERR(filename)) return PTR_ERR(filename); bprm = alloc_bprm(fd, filename); if (IS_ERR(bprm)) { retval = PTR_ERR(bprm); goto out_ret; } retval = count_strings_kernel(argv); if (retval < 0) goto out_free; bprm->argc = retval; retval = count_strings_kernel(envp); if (retval < 0) goto out_free; bprm->envc = retval; retval = bprm_stack_limits(bprm); if (retval < 0) goto out_free; retval = copy_string_kernel(bprm->filename, bprm); if (retval < 0) goto out_free; bprm->exec = bprm->p; retval = copy_strings_kernel(bprm->envc, envp, bprm); if (retval < 0) goto out_free; retval = copy_strings_kernel(bprm->argc, argv, bprm); if (retval < 0) goto out_free; retval = bprm_execve(bprm, fd, filename, 0); out_free: free_bprm(bprm); out_ret: putname(filename); return retval; } static int do_execve(struct filename *filename, |
ba2d01629 exec: introduce s... |
1894 |
const char __user *const __user *__argv, |
da3d4c5fa get rid of pt_reg... |
1895 |
const char __user *const __user *__envp) |
ba2d01629 exec: introduce s... |
1896 |
{ |
0e028465d exec: unify do_ex... |
1897 1898 |
struct user_arg_ptr argv = { .ptr.native = __argv }; struct user_arg_ptr envp = { .ptr.native = __envp }; |
51f39a1f0 syscalls: impleme... |
1899 1900 |
return do_execveat_common(AT_FDCWD, filename, argv, envp, 0); } |
be619f7f0 exec: Implement k... |
1901 |
static int do_execveat(int fd, struct filename *filename, |
51f39a1f0 syscalls: impleme... |
1902 1903 1904 1905 1906 1907 1908 1909 |
const char __user *const __user *__argv, const char __user *const __user *__envp, int flags) { struct user_arg_ptr argv = { .ptr.native = __argv }; struct user_arg_ptr envp = { .ptr.native = __envp }; return do_execveat_common(fd, filename, argv, envp, flags); |
0e028465d exec: unify do_ex... |
1910 1911 1912 |
} #ifdef CONFIG_COMPAT |
c4ad8f98b execve: use 'stru... |
1913 |
static int compat_do_execve(struct filename *filename, |
38b983b34 generic sys_execve() |
1914 |
const compat_uptr_t __user *__argv, |
d03d26e58 make compat_do_ex... |
1915 |
const compat_uptr_t __user *__envp) |
0e028465d exec: unify do_ex... |
1916 1917 1918 1919 1920 1921 1922 1923 1924 |
{ struct user_arg_ptr argv = { .is_compat = true, .ptr.compat = __argv, }; struct user_arg_ptr envp = { .is_compat = true, .ptr.compat = __envp, }; |
51f39a1f0 syscalls: impleme... |
1925 1926 1927 1928 1929 1930 1931 1932 1933 1934 1935 1936 1937 1938 1939 1940 1941 |
return do_execveat_common(AT_FDCWD, filename, argv, envp, 0); } static int compat_do_execveat(int fd, struct filename *filename, const compat_uptr_t __user *__argv, const compat_uptr_t __user *__envp, int flags) { struct user_arg_ptr argv = { .is_compat = true, .ptr.compat = __argv, }; struct user_arg_ptr envp = { .is_compat = true, .ptr.compat = __envp, }; return do_execveat_common(fd, filename, argv, envp, flags); |
ba2d01629 exec: introduce s... |
1942 |
} |
0e028465d exec: unify do_ex... |
1943 |
#endif |
ba2d01629 exec: introduce s... |
1944 |
|
964ee7df9 exec: fix set_bin... |
1945 |
void set_binfmt(struct linux_binfmt *new) |
1da177e4c Linux-2.6.12-rc2 |
1946 |
{ |
801460d0c task_struct clean... |
1947 1948 1949 1950 |
struct mm_struct *mm = current->mm; if (mm->binfmt) module_put(mm->binfmt->module); |
1da177e4c Linux-2.6.12-rc2 |
1951 |
|
801460d0c task_struct clean... |
1952 |
mm->binfmt = new; |
964ee7df9 exec: fix set_bin... |
1953 1954 |
if (new) __module_get(new->module); |
1da177e4c Linux-2.6.12-rc2 |
1955 |
} |
1da177e4c Linux-2.6.12-rc2 |
1956 |
EXPORT_SYMBOL(set_binfmt); |
6c5d52382 coredump masking:... |
1957 |
/* |
7288e1187 coredump: kill MM... |
1958 |
* set_dumpable stores three-value SUID_DUMP_* into mm->flags. |
6c5d52382 coredump masking:... |
1959 1960 1961 |
*/ void set_dumpable(struct mm_struct *mm, int value) { |
7288e1187 coredump: kill MM... |
1962 1963 |
if (WARN_ON((unsigned)value > SUID_DUMP_ROOT)) return; |
26e152252 fs/exec.c: replac... |
1964 |
set_mask_bits(&mm->flags, MMF_DUMPABLE_MASK, value); |
6c5d52382 coredump masking:... |
1965 |
} |
6c5d52382 coredump masking:... |
1966 |
|
38b983b34 generic sys_execve() |
1967 1968 1969 1970 1971 |
SYSCALL_DEFINE3(execve, const char __user *, filename, const char __user *const __user *, argv, const char __user *const __user *, envp) { |
c4ad8f98b execve: use 'stru... |
1972 |
return do_execve(getname(filename), argv, envp); |
38b983b34 generic sys_execve() |
1973 |
} |
51f39a1f0 syscalls: impleme... |
1974 1975 1976 1977 1978 1979 1980 1981 1982 1983 1984 1985 1986 |
SYSCALL_DEFINE5(execveat, int, fd, const char __user *, filename, const char __user *const __user *, argv, const char __user *const __user *, envp, int, flags) { int lookup_flags = (flags & AT_EMPTY_PATH) ? LOOKUP_EMPTY : 0; return do_execveat(fd, getname_flags(filename, lookup_flags, NULL), argv, envp, flags); } |
38b983b34 generic sys_execve() |
1987 |
#ifdef CONFIG_COMPAT |
625b1d7e8 fs/compat: conver... |
1988 1989 1990 |
COMPAT_SYSCALL_DEFINE3(execve, const char __user *, filename, const compat_uptr_t __user *, argv, const compat_uptr_t __user *, envp) |
38b983b34 generic sys_execve() |
1991 |
{ |
c4ad8f98b execve: use 'stru... |
1992 |
return compat_do_execve(getname(filename), argv, envp); |
38b983b34 generic sys_execve() |
1993 |
} |
51f39a1f0 syscalls: impleme... |
1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 |
COMPAT_SYSCALL_DEFINE5(execveat, int, fd, const char __user *, filename, const compat_uptr_t __user *, argv, const compat_uptr_t __user *, envp, int, flags) { int lookup_flags = (flags & AT_EMPTY_PATH) ? LOOKUP_EMPTY : 0; return compat_do_execveat(fd, getname_flags(filename, lookup_flags, NULL), argv, envp, flags); } |
38b983b34 generic sys_execve() |
2007 |
#endif |