Blame view
fs/exec.c
45 KB
1da177e4c Linux-2.6.12-rc2 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
/* * linux/fs/exec.c * * Copyright (C) 1991, 1992 Linus Torvalds */ /* * #!-checking implemented by tytso. */ /* * Demand-loading implemented 01.12.91 - no need to read anything but * the header into memory. The inode of the executable is put into * "current->executable", and page faults do the actual loading. Clean. * * Once more I can proudly say that linux stood up to being changed: it * was less than 2 hours work to get demand-loading completely implemented. * * Demand loading changed July 1993 by Eric Youngdale. Use mmap instead, * current->executable is only used by the procfs. This allows a dispatch * table to check for several different types of binary formats. We keep * trying until we recognize the file or we run out of supported binary |
c1df5a637 fs: exec: apply C... |
22 |
* formats. |
1da177e4c Linux-2.6.12-rc2 |
23 |
*/ |
1da177e4c Linux-2.6.12-rc2 |
24 25 |
#include <linux/slab.h> #include <linux/file.h> |
9f3acc314 [PATCH] split lin... |
26 |
#include <linux/fdtable.h> |
ba92a43db exec: remove some... |
27 |
#include <linux/mm.h> |
615d6e875 mm: per-thread vm... |
28 |
#include <linux/vmacache.h> |
1da177e4c Linux-2.6.12-rc2 |
29 30 |
#include <linux/stat.h> #include <linux/fcntl.h> |
ba92a43db exec: remove some... |
31 |
#include <linux/swap.h> |
74aadce98 core_pattern: all... |
32 |
#include <linux/string.h> |
1da177e4c Linux-2.6.12-rc2 |
33 |
#include <linux/init.h> |
ca5b172bd exec: include pag... |
34 |
#include <linux/pagemap.h> |
cdd6c482c perf: Do the big ... |
35 |
#include <linux/perf_event.h> |
1da177e4c Linux-2.6.12-rc2 |
36 37 38 39 40 |
#include <linux/highmem.h> #include <linux/spinlock.h> #include <linux/key.h> #include <linux/personality.h> #include <linux/binfmts.h> |
1da177e4c Linux-2.6.12-rc2 |
41 |
#include <linux/utsname.h> |
84d737866 [PATCH] add child... |
42 |
#include <linux/pid_namespace.h> |
1da177e4c Linux-2.6.12-rc2 |
43 44 |
#include <linux/module.h> #include <linux/namei.h> |
1da177e4c Linux-2.6.12-rc2 |
45 46 47 |
#include <linux/mount.h> #include <linux/security.h> #include <linux/syscalls.h> |
8f0ab5147 [PATCH] csa: conv... |
48 |
#include <linux/tsacct_kern.h> |
9f46080c4 [PATCH] Process E... |
49 |
#include <linux/cn_proc.h> |
473ae30bc [PATCH] execve ar... |
50 |
#include <linux/audit.h> |
6341c393f tracehook: exec |
51 |
#include <linux/tracehook.h> |
5f4123be3 remove CONFIG_KMO... |
52 |
#include <linux/kmod.h> |
6110e3abb sys_execve and sy... |
53 |
#include <linux/fsnotify.h> |
5ad4e53bd Get rid of indire... |
54 |
#include <linux/fs_struct.h> |
61be228a0 exec: allow do_co... |
55 |
#include <linux/pipe_fs_i.h> |
3d5992d2a oom: add per-mm o... |
56 |
#include <linux/oom.h> |
0e028465d exec: unify do_ex... |
57 |
#include <linux/compat.h> |
b44a7dfc6 vfs: define a gen... |
58 |
#include <linux/vmalloc.h> |
1da177e4c Linux-2.6.12-rc2 |
59 60 61 |
#include <asm/uaccess.h> #include <asm/mmu_context.h> |
b6a2fea39 mm: variable leng... |
62 |
#include <asm/tlb.h> |
43d2b1132 tracepoint: add t... |
63 64 |
#include <trace/events/task.h> |
a6f76f23d CRED: Make execve... |
65 |
#include "internal.h" |
1da177e4c Linux-2.6.12-rc2 |
66 |
|
4ff16c25e tracepoint, vfs, ... |
67 |
#include <trace/events/sched.h> |
d6e711448 [PATCH] setuid co... |
68 |
int suid_dumpable = 0; |
e4dc1b14d Use list_head in ... |
69 |
static LIST_HEAD(formats); |
1da177e4c Linux-2.6.12-rc2 |
70 |
static DEFINE_RWLOCK(binfmt_lock); |
8fc3dc5a3 __register_binfmt... |
71 |
void __register_binfmt(struct linux_binfmt * fmt, int insert) |
1da177e4c Linux-2.6.12-rc2 |
72 |
{ |
8fc3dc5a3 __register_binfmt... |
73 |
BUG_ON(!fmt); |
92eaa565a exec: kill ->load... |
74 75 |
if (WARN_ON(!fmt->load_binary)) return; |
1da177e4c Linux-2.6.12-rc2 |
76 |
write_lock(&binfmt_lock); |
74641f584 alpha: binfmt_aou... |
77 78 |
insert ? list_add(&fmt->lh, &formats) : list_add_tail(&fmt->lh, &formats); |
1da177e4c Linux-2.6.12-rc2 |
79 |
write_unlock(&binfmt_lock); |
1da177e4c Linux-2.6.12-rc2 |
80 |
} |
74641f584 alpha: binfmt_aou... |
81 |
EXPORT_SYMBOL(__register_binfmt); |
1da177e4c Linux-2.6.12-rc2 |
82 |
|
f6b450d48 Make unregister_b... |
83 |
void unregister_binfmt(struct linux_binfmt * fmt) |
1da177e4c Linux-2.6.12-rc2 |
84 |
{ |
1da177e4c Linux-2.6.12-rc2 |
85 |
write_lock(&binfmt_lock); |
e4dc1b14d Use list_head in ... |
86 |
list_del(&fmt->lh); |
1da177e4c Linux-2.6.12-rc2 |
87 |
write_unlock(&binfmt_lock); |
1da177e4c Linux-2.6.12-rc2 |
88 89 90 91 92 93 94 95 |
} EXPORT_SYMBOL(unregister_binfmt); static inline void put_binfmt(struct linux_binfmt * fmt) { module_put(fmt->module); } |
90f8572b0 vfs: Commit to ne... |
96 97 98 99 100 |
bool path_noexec(const struct path *path) { return (path->mnt->mnt_flags & MNT_NOEXEC) || (path->mnt->mnt_sb->s_iflags & SB_I_NOEXEC); } |
69369a700 fs, kernel: permi... |
101 |
#ifdef CONFIG_USELIB |
1da177e4c Linux-2.6.12-rc2 |
102 103 104 105 106 107 |
/* * Note that a shared library must be both readable and executable due to * security reasons. * * Also note that we take the address to load from from the file itself. */ |
1e7bfb213 [CVE-2009-0029] S... |
108 |
SYSCALL_DEFINE1(uselib, const char __user *, library) |
1da177e4c Linux-2.6.12-rc2 |
109 |
{ |
72c2d5319 file->f_op is nev... |
110 |
struct linux_binfmt *fmt; |
964bd1836 [PATCH] get rid o... |
111 |
struct file *file; |
91a27b2a7 vfs: define struc... |
112 |
struct filename *tmp = getname(library); |
964bd1836 [PATCH] get rid o... |
113 |
int error = PTR_ERR(tmp); |
47c805dc2 switch do_filp_op... |
114 115 |
static const struct open_flags uselib_flags = { .open_flag = O_LARGEFILE | O_RDONLY | __FMODE_EXEC, |
62fb4a155 don't carry MAY_O... |
116 |
.acc_mode = MAY_READ | MAY_EXEC, |
f9652e10c allow build_open_... |
117 118 |
.intent = LOOKUP_OPEN, .lookup_flags = LOOKUP_FOLLOW, |
47c805dc2 switch do_filp_op... |
119 |
}; |
964bd1836 [PATCH] get rid o... |
120 |
|
6e8341a11 Switch open_exec(... |
121 122 |
if (IS_ERR(tmp)) goto out; |
f9652e10c allow build_open_... |
123 |
file = do_filp_open(AT_FDCWD, tmp, &uselib_flags); |
6e8341a11 Switch open_exec(... |
124 125 126 |
putname(tmp); error = PTR_ERR(file); if (IS_ERR(file)) |
1da177e4c Linux-2.6.12-rc2 |
127 128 129 |
goto out; error = -EINVAL; |
496ad9aa8 new helper: file_... |
130 |
if (!S_ISREG(file_inode(file)->i_mode)) |
1da177e4c Linux-2.6.12-rc2 |
131 |
goto exit; |
30524472c [PATCH] take noex... |
132 |
error = -EACCES; |
90f8572b0 vfs: Commit to ne... |
133 |
if (path_noexec(&file->f_path)) |
6146f0d5e integrity: IMA hooks |
134 |
goto exit; |
1da177e4c Linux-2.6.12-rc2 |
135 |
|
2a12a9d78 fsnotify: pass a ... |
136 |
fsnotify_open(file); |
6110e3abb sys_execve and sy... |
137 |
|
1da177e4c Linux-2.6.12-rc2 |
138 |
error = -ENOEXEC; |
1da177e4c Linux-2.6.12-rc2 |
139 |
|
72c2d5319 file->f_op is nev... |
140 141 142 143 144 145 |
read_lock(&binfmt_lock); list_for_each_entry(fmt, &formats, lh) { if (!fmt->load_shlib) continue; if (!try_module_get(fmt->module)) continue; |
1da177e4c Linux-2.6.12-rc2 |
146 |
read_unlock(&binfmt_lock); |
72c2d5319 file->f_op is nev... |
147 148 149 150 151 |
error = fmt->load_shlib(file); read_lock(&binfmt_lock); put_binfmt(fmt); if (error != -ENOEXEC) break; |
1da177e4c Linux-2.6.12-rc2 |
152 |
} |
72c2d5319 file->f_op is nev... |
153 |
read_unlock(&binfmt_lock); |
6e8341a11 Switch open_exec(... |
154 |
exit: |
1da177e4c Linux-2.6.12-rc2 |
155 156 157 |
fput(file); out: return error; |
1da177e4c Linux-2.6.12-rc2 |
158 |
} |
69369a700 fs, kernel: permi... |
159 |
#endif /* #ifdef CONFIG_USELIB */ |
1da177e4c Linux-2.6.12-rc2 |
160 |
|
b6a2fea39 mm: variable leng... |
161 |
#ifdef CONFIG_MMU |
ae6b585ee exec: document ac... |
162 163 164 165 166 167 |
/* * The nascent bprm->mm is not visible until exec_mmap() but it can * use a lot of memory, account these pages in current->mm temporary * for oom_badness()->get_mm_rss(). Once exec succeeds or fails, we * change the counter back via acct_arg_size(0). */ |
0e028465d exec: unify do_ex... |
168 |
static void acct_arg_size(struct linux_binprm *bprm, unsigned long pages) |
3c77f8457 exec: make argv/e... |
169 170 171 172 173 174 175 176 |
{ struct mm_struct *mm = current->mm; long diff = (long)(pages - bprm->vma_pages); if (!mm || !diff) return; bprm->vma_pages = pages; |
3c77f8457 exec: make argv/e... |
177 |
add_mm_counter(mm, MM_ANONPAGES, diff); |
3c77f8457 exec: make argv/e... |
178 |
} |
0e028465d exec: unify do_ex... |
179 |
static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
b6a2fea39 mm: variable leng... |
180 181 182 183 |
int write) { struct page *page; int ret; |
9beae1ea8 mm: replace get_u... |
184 |
unsigned int gup_flags = FOLL_FORCE; |
b6a2fea39 mm: variable leng... |
185 186 187 |
#ifdef CONFIG_STACK_GROWSUP if (write) { |
d05f3169c mm: make expand_d... |
188 |
ret = expand_downwards(bprm->vma, pos); |
b6a2fea39 mm: variable leng... |
189 190 191 192 |
if (ret < 0) return NULL; } #endif |
9beae1ea8 mm: replace get_u... |
193 194 195 |
if (write) gup_flags |= FOLL_WRITE; |
1e9877902 mm/gup: Introduce... |
196 197 198 199 |
/* * We are doing an exec(). 'current' is the process * doing the exec and bprm->mm is the new process's mm. */ |
9beae1ea8 mm: replace get_u... |
200 201 |
ret = get_user_pages_remote(current, bprm->mm, pos, 1, gup_flags, &page, NULL); |
b6a2fea39 mm: variable leng... |
202 203 204 205 |
if (ret <= 0) return NULL; if (write) { |
b6a2fea39 mm: variable leng... |
206 |
unsigned long size = bprm->vma->vm_end - bprm->vma->vm_start; |
f31c4f65d exec: Limit arg s... |
207 |
unsigned long ptr_size, limit; |
a64e715fc Allow ARG_MAX exe... |
208 |
|
3d6848e49 fs/exec.c: accoun... |
209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 |
/* * Since the stack will hold pointers to the strings, we * must account for them as well. * * The size calculation is the entire vma while each arg page is * built, so each time we get here it's calculating how far it * is currently (rather than each call being just the newly * added size from the arg page). As a result, we need to * always add the entire size of the pointers, so that on the * last call to get_arg_page() we'll actually have the entire * correct size. */ ptr_size = (bprm->argc + bprm->envc) * sizeof(void *); if (ptr_size > ULONG_MAX - size) goto fail; size += ptr_size; |
3c77f8457 exec: make argv/e... |
225 |
acct_arg_size(bprm, size / PAGE_SIZE); |
a64e715fc Allow ARG_MAX exe... |
226 227 228 229 230 231 |
/* * We've historically supported up to 32 pages (ARG_MAX) * of argument strings even with small stacks */ if (size <= ARG_MAX) return page; |
b6a2fea39 mm: variable leng... |
232 233 |
/* |
f31c4f65d exec: Limit arg s... |
234 235 |
* Limit to 1/4 of the max stack size or 3/4 of _STK_LIM * (whichever is smaller) for the argv+env strings. |
b6a2fea39 mm: variable leng... |
236 237 238 239 240 |
* This ensures that: * - the remaining binfmt code will not run out of stack space, * - the program will have a reasonable amount of stack left * to work from. */ |
f31c4f65d exec: Limit arg s... |
241 242 243 |
limit = _STK_LIM / 4 * 3; limit = min(limit, rlimit(RLIMIT_STACK) / 4); if (size > limit) |
3d6848e49 fs/exec.c: accoun... |
244 |
goto fail; |
b6a2fea39 mm: variable leng... |
245 246 247 |
} return page; |
3d6848e49 fs/exec.c: accoun... |
248 249 250 251 |
fail: put_page(page); return NULL; |
b6a2fea39 mm: variable leng... |
252 253 254 255 256 257 |
} static void put_arg_page(struct page *page) { put_page(page); } |
b6a2fea39 mm: variable leng... |
258 259 260 261 262 263 264 265 266 267 268 269 |
static void free_arg_pages(struct linux_binprm *bprm) { } static void flush_arg_page(struct linux_binprm *bprm, unsigned long pos, struct page *page) { flush_cache_page(bprm->vma, pos, page_to_pfn(page)); } static int __bprm_mm_init(struct linux_binprm *bprm) { |
eaccbfa56 fs/exec.c:__bprm_... |
270 |
int err; |
b6a2fea39 mm: variable leng... |
271 272 273 274 275 |
struct vm_area_struct *vma = NULL; struct mm_struct *mm = bprm->mm; bprm->vma = vma = kmem_cache_zalloc(vm_area_cachep, GFP_KERNEL); if (!vma) |
eaccbfa56 fs/exec.c:__bprm_... |
276 |
return -ENOMEM; |
b6a2fea39 mm: variable leng... |
277 |
|
f268dfe90 exec: make exec p... |
278 279 280 281 |
if (down_write_killable(&mm->mmap_sem)) { err = -EINTR; goto err_free; } |
b6a2fea39 mm: variable leng... |
282 283 284 285 286 287 288 289 |
vma->vm_mm = mm; /* * Place the stack at the largest stack address the architecture * supports. Later, we'll move this to an appropriate place. We don't * use STACK_TOP because that can depend on attributes which aren't * configured yet. */ |
aacb3d17a fs/exec.c: use BU... |
290 |
BUILD_BUG_ON(VM_STACK_FLAGS & VM_STACK_INCOMPLETE_SETUP); |
b6a2fea39 mm: variable leng... |
291 292 |
vma->vm_end = STACK_TOP_MAX; vma->vm_start = vma->vm_end - PAGE_SIZE; |
d9104d1ca mm: track vma cha... |
293 |
vma->vm_flags = VM_SOFTDIRTY | VM_STACK_FLAGS | VM_STACK_INCOMPLETE_SETUP; |
3ed75eb8f setup vma->vm_pag... |
294 |
vma->vm_page_prot = vm_get_page_prot(vma->vm_flags); |
5beb49305 mm: change anon_v... |
295 |
INIT_LIST_HEAD(&vma->anon_vma_chain); |
462e635e5 install_special_m... |
296 |
|
b6a2fea39 mm: variable leng... |
297 |
err = insert_vm_struct(mm, vma); |
eaccbfa56 fs/exec.c:__bprm_... |
298 |
if (err) |
b6a2fea39 mm: variable leng... |
299 |
goto err; |
b6a2fea39 mm: variable leng... |
300 301 |
mm->stack_vm = mm->total_vm = 1; |
fe3d197f8 x86, mpx: On-dema... |
302 |
arch_bprm_mm_init(mm, vma); |
b6a2fea39 mm: variable leng... |
303 |
up_write(&mm->mmap_sem); |
b6a2fea39 mm: variable leng... |
304 |
bprm->p = vma->vm_end - sizeof(void *); |
b6a2fea39 mm: variable leng... |
305 |
return 0; |
b6a2fea39 mm: variable leng... |
306 |
err: |
eaccbfa56 fs/exec.c:__bprm_... |
307 |
up_write(&mm->mmap_sem); |
f268dfe90 exec: make exec p... |
308 |
err_free: |
eaccbfa56 fs/exec.c:__bprm_... |
309 310 |
bprm->vma = NULL; kmem_cache_free(vm_area_cachep, vma); |
b6a2fea39 mm: variable leng... |
311 312 313 314 315 316 317 318 319 |
return err; } static bool valid_arg_len(struct linux_binprm *bprm, long len) { return len <= MAX_ARG_STRLEN; } #else |
0e028465d exec: unify do_ex... |
320 |
static inline void acct_arg_size(struct linux_binprm *bprm, unsigned long pages) |
3c77f8457 exec: make argv/e... |
321 322 |
{ } |
0e028465d exec: unify do_ex... |
323 |
static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
b6a2fea39 mm: variable leng... |
324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 |
int write) { struct page *page; page = bprm->page[pos / PAGE_SIZE]; if (!page && write) { page = alloc_page(GFP_HIGHUSER|__GFP_ZERO); if (!page) return NULL; bprm->page[pos / PAGE_SIZE] = page; } return page; } static void put_arg_page(struct page *page) { } static void free_arg_page(struct linux_binprm *bprm, int i) { if (bprm->page[i]) { __free_page(bprm->page[i]); bprm->page[i] = NULL; } } static void free_arg_pages(struct linux_binprm *bprm) { int i; for (i = 0; i < MAX_ARG_PAGES; i++) free_arg_page(bprm, i); } static void flush_arg_page(struct linux_binprm *bprm, unsigned long pos, struct page *page) { } static int __bprm_mm_init(struct linux_binprm *bprm) { bprm->p = PAGE_SIZE * MAX_ARG_PAGES - sizeof(void *); return 0; } static bool valid_arg_len(struct linux_binprm *bprm, long len) { return len <= bprm->p; } #endif /* CONFIG_MMU */ /* * Create a new mm_struct and populate it with a temporary stack * vm_area_struct. We don't have enough context at this point to set the stack * flags, permissions, and offset, so we use temporary values. We'll update * them later in setup_arg_pages(). */ |
9cc64ceaa fs/exec.c: make b... |
383 |
static int bprm_mm_init(struct linux_binprm *bprm) |
b6a2fea39 mm: variable leng... |
384 385 386 387 388 389 390 391 |
{ int err; struct mm_struct *mm = NULL; bprm->mm = mm = mm_alloc(); err = -ENOMEM; if (!mm) goto err; |
b6a2fea39 mm: variable leng... |
392 393 394 395 396 397 398 399 400 401 402 403 404 405 |
err = __bprm_mm_init(bprm); if (err) goto err; return 0; err: if (mm) { bprm->mm = NULL; mmdrop(mm); } return err; } |
ba2d01629 exec: introduce s... |
406 |
struct user_arg_ptr { |
0e028465d exec: unify do_ex... |
407 408 409 410 411 412 |
#ifdef CONFIG_COMPAT bool is_compat; #endif union { const char __user *const __user *native; #ifdef CONFIG_COMPAT |
38b983b34 generic sys_execve() |
413 |
const compat_uptr_t __user *compat; |
0e028465d exec: unify do_ex... |
414 415 |
#endif } ptr; |
ba2d01629 exec: introduce s... |
416 417 418 |
}; static const char __user *get_user_arg_ptr(struct user_arg_ptr argv, int nr) |
1d1dbf813 exec: introduce g... |
419 |
{ |
0e028465d exec: unify do_ex... |
420 421 422 423 424 425 426 427 |
const char __user *native; #ifdef CONFIG_COMPAT if (unlikely(argv.is_compat)) { compat_uptr_t compat; if (get_user(compat, argv.ptr.compat + nr)) return ERR_PTR(-EFAULT); |
1d1dbf813 exec: introduce g... |
428 |
|
0e028465d exec: unify do_ex... |
429 430 431 432 433 |
return compat_ptr(compat); } #endif if (get_user(native, argv.ptr.native + nr)) |
1d1dbf813 exec: introduce g... |
434 |
return ERR_PTR(-EFAULT); |
0e028465d exec: unify do_ex... |
435 |
return native; |
1d1dbf813 exec: introduce g... |
436 |
} |
1da177e4c Linux-2.6.12-rc2 |
437 438 439 |
/* * count() counts the number of strings in array ARGV. */ |
ba2d01629 exec: introduce s... |
440 |
static int count(struct user_arg_ptr argv, int max) |
1da177e4c Linux-2.6.12-rc2 |
441 442 |
{ int i = 0; |
0e028465d exec: unify do_ex... |
443 |
if (argv.ptr.native != NULL) { |
1da177e4c Linux-2.6.12-rc2 |
444 |
for (;;) { |
1d1dbf813 exec: introduce g... |
445 |
const char __user *p = get_user_arg_ptr(argv, i); |
1da177e4c Linux-2.6.12-rc2 |
446 |
|
1da177e4c Linux-2.6.12-rc2 |
447 448 |
if (!p) break; |
1d1dbf813 exec: introduce g... |
449 450 451 |
if (IS_ERR(p)) return -EFAULT; |
6d92d4f6a fs/exec.c: work a... |
452 |
if (i >= max) |
1da177e4c Linux-2.6.12-rc2 |
453 |
return -E2BIG; |
6d92d4f6a fs/exec.c: work a... |
454 |
++i; |
9aea5a65a execve: make resp... |
455 456 457 |
if (fatal_signal_pending(current)) return -ERESTARTNOHAND; |
1da177e4c Linux-2.6.12-rc2 |
458 459 460 461 462 463 464 |
cond_resched(); } } return i; } /* |
b6a2fea39 mm: variable leng... |
465 466 467 |
* 'copy_strings()' copies argument/environment strings from the old * processes's memory to the new process's stack. The call to get_user_pages() * ensures the destination page is created and not swapped out. |
1da177e4c Linux-2.6.12-rc2 |
468 |
*/ |
ba2d01629 exec: introduce s... |
469 |
static int copy_strings(int argc, struct user_arg_ptr argv, |
75c96f858 [PATCH] make some... |
470 |
struct linux_binprm *bprm) |
1da177e4c Linux-2.6.12-rc2 |
471 472 473 |
{ struct page *kmapped_page = NULL; char *kaddr = NULL; |
b6a2fea39 mm: variable leng... |
474 |
unsigned long kpos = 0; |
1da177e4c Linux-2.6.12-rc2 |
475 476 477 |
int ret; while (argc-- > 0) { |
d7627467b Make do_execve() ... |
478 |
const char __user *str; |
1da177e4c Linux-2.6.12-rc2 |
479 480 |
int len; unsigned long pos; |
1d1dbf813 exec: introduce g... |
481 482 483 |
ret = -EFAULT; str = get_user_arg_ptr(argv, argc); if (IS_ERR(str)) |
1da177e4c Linux-2.6.12-rc2 |
484 |
goto out; |
1da177e4c Linux-2.6.12-rc2 |
485 |
|
1d1dbf813 exec: introduce g... |
486 487 488 489 490 491 |
len = strnlen_user(str, MAX_ARG_STRLEN); if (!len) goto out; ret = -E2BIG; if (!valid_arg_len(bprm, len)) |
1da177e4c Linux-2.6.12-rc2 |
492 |
goto out; |
1da177e4c Linux-2.6.12-rc2 |
493 |
|
b6a2fea39 mm: variable leng... |
494 |
/* We're going to work our way backwords. */ |
1da177e4c Linux-2.6.12-rc2 |
495 |
pos = bprm->p; |
b6a2fea39 mm: variable leng... |
496 497 |
str += len; bprm->p -= len; |
1da177e4c Linux-2.6.12-rc2 |
498 499 |
while (len > 0) { |
1da177e4c Linux-2.6.12-rc2 |
500 |
int offset, bytes_to_copy; |
1da177e4c Linux-2.6.12-rc2 |
501 |
|
9aea5a65a execve: make resp... |
502 503 504 505 |
if (fatal_signal_pending(current)) { ret = -ERESTARTNOHAND; goto out; } |
7993bc1f4 execve: improve i... |
506 |
cond_resched(); |
1da177e4c Linux-2.6.12-rc2 |
507 |
offset = pos % PAGE_SIZE; |
b6a2fea39 mm: variable leng... |
508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 |
if (offset == 0) offset = PAGE_SIZE; bytes_to_copy = offset; if (bytes_to_copy > len) bytes_to_copy = len; offset -= bytes_to_copy; pos -= bytes_to_copy; str -= bytes_to_copy; len -= bytes_to_copy; if (!kmapped_page || kpos != (pos & PAGE_MASK)) { struct page *page; page = get_arg_page(bprm, pos, 1); |
1da177e4c Linux-2.6.12-rc2 |
524 |
if (!page) { |
b6a2fea39 mm: variable leng... |
525 |
ret = -E2BIG; |
1da177e4c Linux-2.6.12-rc2 |
526 527 |
goto out; } |
1da177e4c Linux-2.6.12-rc2 |
528 |
|
b6a2fea39 mm: variable leng... |
529 530 |
if (kmapped_page) { flush_kernel_dcache_page(kmapped_page); |
1da177e4c Linux-2.6.12-rc2 |
531 |
kunmap(kmapped_page); |
b6a2fea39 mm: variable leng... |
532 533 |
put_arg_page(kmapped_page); } |
1da177e4c Linux-2.6.12-rc2 |
534 535 |
kmapped_page = page; kaddr = kmap(kmapped_page); |
b6a2fea39 mm: variable leng... |
536 537 |
kpos = pos & PAGE_MASK; flush_arg_page(bprm, kpos, kmapped_page); |
1da177e4c Linux-2.6.12-rc2 |
538 |
} |
b6a2fea39 mm: variable leng... |
539 |
if (copy_from_user(kaddr+offset, str, bytes_to_copy)) { |
1da177e4c Linux-2.6.12-rc2 |
540 541 542 |
ret = -EFAULT; goto out; } |
1da177e4c Linux-2.6.12-rc2 |
543 544 545 546 |
} } ret = 0; out: |
b6a2fea39 mm: variable leng... |
547 548 |
if (kmapped_page) { flush_kernel_dcache_page(kmapped_page); |
1da177e4c Linux-2.6.12-rc2 |
549 |
kunmap(kmapped_page); |
b6a2fea39 mm: variable leng... |
550 551 |
put_arg_page(kmapped_page); } |
1da177e4c Linux-2.6.12-rc2 |
552 553 554 555 556 557 |
return ret; } /* * Like copy_strings, but get argv and its values from kernel memory. */ |
ba2d01629 exec: introduce s... |
558 |
int copy_strings_kernel(int argc, const char *const *__argv, |
d7627467b Make do_execve() ... |
559 |
struct linux_binprm *bprm) |
1da177e4c Linux-2.6.12-rc2 |
560 561 562 |
{ int r; mm_segment_t oldfs = get_fs(); |
ba2d01629 exec: introduce s... |
563 |
struct user_arg_ptr argv = { |
0e028465d exec: unify do_ex... |
564 |
.ptr.native = (const char __user *const __user *)__argv, |
ba2d01629 exec: introduce s... |
565 |
}; |
1da177e4c Linux-2.6.12-rc2 |
566 |
set_fs(KERNEL_DS); |
ba2d01629 exec: introduce s... |
567 |
r = copy_strings(argc, argv, bprm); |
1da177e4c Linux-2.6.12-rc2 |
568 |
set_fs(oldfs); |
ba2d01629 exec: introduce s... |
569 |
|
1da177e4c Linux-2.6.12-rc2 |
570 571 |
return r; } |
1da177e4c Linux-2.6.12-rc2 |
572 573 574 |
EXPORT_SYMBOL(copy_strings_kernel); #ifdef CONFIG_MMU |
b6a2fea39 mm: variable leng... |
575 |
|
1da177e4c Linux-2.6.12-rc2 |
576 |
/* |
b6a2fea39 mm: variable leng... |
577 578 579 |
* During bprm_mm_init(), we create a temporary stack at STACK_TOP_MAX. Once * the binfmt code determines where the new stack should reside, we shift it to * its final location. The process proceeds as follows: |
1da177e4c Linux-2.6.12-rc2 |
580 |
* |
b6a2fea39 mm: variable leng... |
581 582 583 584 585 586 |
* 1) Use shift to calculate the new vma endpoints. * 2) Extend vma to cover both the old and new ranges. This ensures the * arguments passed to subsequent functions are consistent. * 3) Move vma's page tables to the new range. * 4) Free up any cleared pgd range. * 5) Shrink the vma to cover only the new range. |
1da177e4c Linux-2.6.12-rc2 |
587 |
*/ |
b6a2fea39 mm: variable leng... |
588 |
static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) |
1da177e4c Linux-2.6.12-rc2 |
589 590 |
{ struct mm_struct *mm = vma->vm_mm; |
b6a2fea39 mm: variable leng... |
591 592 593 594 595 |
unsigned long old_start = vma->vm_start; unsigned long old_end = vma->vm_end; unsigned long length = old_end - old_start; unsigned long new_start = old_start - shift; unsigned long new_end = old_end - shift; |
d16dfc550 mm: mmu_gather re... |
596 |
struct mmu_gather tlb; |
1da177e4c Linux-2.6.12-rc2 |
597 |
|
b6a2fea39 mm: variable leng... |
598 |
BUG_ON(new_start > new_end); |
1da177e4c Linux-2.6.12-rc2 |
599 |
|
b6a2fea39 mm: variable leng... |
600 601 602 603 604 605 606 607 608 609 |
/* * ensure there are no vmas between where we want to go * and where we are */ if (vma != find_vma(mm, new_start)) return -EFAULT; /* * cover the whole range: [new_start, old_end) */ |
5beb49305 mm: change anon_v... |
610 611 |
if (vma_adjust(vma, new_start, old_end, vma->vm_pgoff, NULL)) return -ENOMEM; |
b6a2fea39 mm: variable leng... |
612 613 614 615 616 617 |
/* * move the page tables downwards, on failure we rely on * process cleanup to remove whatever mess we made. */ if (length != move_page_tables(vma, old_start, |
38a76013a mm: avoid taking ... |
618 |
vma, new_start, length, false)) |
b6a2fea39 mm: variable leng... |
619 620 621 |
return -ENOMEM; lru_add_drain(); |
2b047252d Fix TLB gather vi... |
622 |
tlb_gather_mmu(&tlb, mm, old_start, old_end); |
b6a2fea39 mm: variable leng... |
623 624 625 626 |
if (new_end > old_start) { /* * when the old and new regions overlap clear from new_end. */ |
d16dfc550 mm: mmu_gather re... |
627 |
free_pgd_range(&tlb, new_end, old_end, new_end, |
6ee8630e0 mm: allow arch co... |
628 |
vma->vm_next ? vma->vm_next->vm_start : USER_PGTABLES_CEILING); |
b6a2fea39 mm: variable leng... |
629 630 631 632 633 634 635 |
} else { /* * otherwise, clean from old_start; this is done to not touch * the address space in [new_end, old_start) some architectures * have constraints on va-space that make this illegal (IA64) - * for the others its just a little faster. */ |
d16dfc550 mm: mmu_gather re... |
636 |
free_pgd_range(&tlb, old_start, old_end, new_end, |
6ee8630e0 mm: allow arch co... |
637 |
vma->vm_next ? vma->vm_next->vm_start : USER_PGTABLES_CEILING); |
1da177e4c Linux-2.6.12-rc2 |
638 |
} |
2b047252d Fix TLB gather vi... |
639 |
tlb_finish_mmu(&tlb, old_start, old_end); |
b6a2fea39 mm: variable leng... |
640 641 |
/* |
5beb49305 mm: change anon_v... |
642 |
* Shrink the vma to just the new range. Always succeeds. |
b6a2fea39 mm: variable leng... |
643 644 645 646 |
*/ vma_adjust(vma, new_start, new_end, vma->vm_pgoff, NULL); return 0; |
1da177e4c Linux-2.6.12-rc2 |
647 |
} |
b6a2fea39 mm: variable leng... |
648 649 650 651 |
/* * Finalizes the stack vm_area_struct. The flags and permissions are updated, * the stack is optionally relocated, and some extra space is added. */ |
1da177e4c Linux-2.6.12-rc2 |
652 653 654 655 |
int setup_arg_pages(struct linux_binprm *bprm, unsigned long stack_top, int executable_stack) { |
b6a2fea39 mm: variable leng... |
656 657 |
unsigned long ret; unsigned long stack_shift; |
1da177e4c Linux-2.6.12-rc2 |
658 |
struct mm_struct *mm = current->mm; |
b6a2fea39 mm: variable leng... |
659 660 661 662 |
struct vm_area_struct *vma = bprm->vma; struct vm_area_struct *prev = NULL; unsigned long vm_flags; unsigned long stack_base; |
803bf5ec2 fs/exec.c: restri... |
663 664 665 |
unsigned long stack_size; unsigned long stack_expand; unsigned long rlim_stack; |
1da177e4c Linux-2.6.12-rc2 |
666 667 |
#ifdef CONFIG_STACK_GROWSUP |
d71f290b4 metag: Reduce max... |
668 |
/* Limit stack size */ |
d554ed895 fs: use rlimit he... |
669 |
stack_base = rlimit_max(RLIMIT_STACK); |
d71f290b4 metag: Reduce max... |
670 671 |
if (stack_base > STACK_SIZE_MAX) stack_base = STACK_SIZE_MAX; |
1da177e4c Linux-2.6.12-rc2 |
672 |
|
d045c77c1 parisc,metag: Fix... |
673 674 |
/* Add space for stack randomization. */ stack_base += (STACK_RND_MASK << PAGE_SHIFT); |
b6a2fea39 mm: variable leng... |
675 676 677 |
/* Make sure we didn't let the argument array grow too large. */ if (vma->vm_end - vma->vm_start > stack_base) return -ENOMEM; |
1da177e4c Linux-2.6.12-rc2 |
678 |
|
b6a2fea39 mm: variable leng... |
679 |
stack_base = PAGE_ALIGN(stack_top - stack_base); |
1da177e4c Linux-2.6.12-rc2 |
680 |
|
b6a2fea39 mm: variable leng... |
681 682 683 |
stack_shift = vma->vm_start - stack_base; mm->arg_start = bprm->p - stack_shift; bprm->p = vma->vm_end - stack_shift; |
1da177e4c Linux-2.6.12-rc2 |
684 |
#else |
b6a2fea39 mm: variable leng... |
685 686 |
stack_top = arch_align_stack(stack_top); stack_top = PAGE_ALIGN(stack_top); |
1b528181b setup_arg_pages: ... |
687 688 689 690 |
if (unlikely(stack_top < mmap_min_addr) || unlikely(vma->vm_end - vma->vm_start >= stack_top - mmap_min_addr)) return -ENOMEM; |
b6a2fea39 mm: variable leng... |
691 692 693 |
stack_shift = vma->vm_end - stack_top; bprm->p -= stack_shift; |
1da177e4c Linux-2.6.12-rc2 |
694 |
mm->arg_start = bprm->p; |
1da177e4c Linux-2.6.12-rc2 |
695 |
#endif |
1da177e4c Linux-2.6.12-rc2 |
696 |
if (bprm->loader) |
b6a2fea39 mm: variable leng... |
697 698 |
bprm->loader -= stack_shift; bprm->exec -= stack_shift; |
1da177e4c Linux-2.6.12-rc2 |
699 |
|
f268dfe90 exec: make exec p... |
700 701 |
if (down_write_killable(&mm->mmap_sem)) return -EINTR; |
96a8e13ed exec: fix stack e... |
702 |
vm_flags = VM_STACK_FLAGS; |
b6a2fea39 mm: variable leng... |
703 704 705 706 707 708 709 710 711 712 713 |
/* * Adjust stack execute permissions; explicitly enable for * EXSTACK_ENABLE_X, disable for EXSTACK_DISABLE_X and leave alone * (arch default) otherwise. */ if (unlikely(executable_stack == EXSTACK_ENABLE_X)) vm_flags |= VM_EXEC; else if (executable_stack == EXSTACK_DISABLE_X) vm_flags &= ~VM_EXEC; vm_flags |= mm->def_flags; |
a8bef8ff6 mm: migration: av... |
714 |
vm_flags |= VM_STACK_INCOMPLETE_SETUP; |
b6a2fea39 mm: variable leng... |
715 716 717 718 719 720 721 722 723 724 |
ret = mprotect_fixup(vma, &prev, vma->vm_start, vma->vm_end, vm_flags); if (ret) goto out_unlock; BUG_ON(prev != vma); /* Move stack pages down in memory. */ if (stack_shift) { ret = shift_arg_pages(vma, stack_shift); |
fc63cf237 exec: setup_arg_p... |
725 726 |
if (ret) goto out_unlock; |
1da177e4c Linux-2.6.12-rc2 |
727 |
} |
a8bef8ff6 mm: migration: av... |
728 729 |
/* mprotect_fixup is overkill to remove the temporary stack flags */ vma->vm_flags &= ~VM_STACK_INCOMPLETE_SETUP; |
5ef097dd7 exec: create init... |
730 |
stack_expand = 131072UL; /* randomly 32*4k (or 2*64k) pages */ |
803bf5ec2 fs/exec.c: restri... |
731 732 733 734 735 736 |
stack_size = vma->vm_end - vma->vm_start; /* * Align this down to a page boundary as expand_stack * will align it up. */ rlim_stack = rlimit(RLIMIT_STACK) & PAGE_MASK; |
b6a2fea39 mm: variable leng... |
737 |
#ifdef CONFIG_STACK_GROWSUP |
803bf5ec2 fs/exec.c: restri... |
738 739 740 741 |
if (stack_size + stack_expand > rlim_stack) stack_base = vma->vm_start + rlim_stack; else stack_base = vma->vm_end + stack_expand; |
b6a2fea39 mm: variable leng... |
742 |
#else |
803bf5ec2 fs/exec.c: restri... |
743 744 745 746 |
if (stack_size + stack_expand > rlim_stack) stack_base = vma->vm_end - rlim_stack; else stack_base = vma->vm_start - stack_expand; |
b6a2fea39 mm: variable leng... |
747 |
#endif |
3af9e8592 perf: Add non-exe... |
748 |
current->mm->start_stack = bprm->p; |
b6a2fea39 mm: variable leng... |
749 750 751 752 753 |
ret = expand_stack(vma, stack_base); if (ret) ret = -EFAULT; out_unlock: |
1da177e4c Linux-2.6.12-rc2 |
754 |
up_write(&mm->mmap_sem); |
fc63cf237 exec: setup_arg_p... |
755 |
return ret; |
1da177e4c Linux-2.6.12-rc2 |
756 |
} |
1da177e4c Linux-2.6.12-rc2 |
757 |
EXPORT_SYMBOL(setup_arg_pages); |
7e7ec6a93 elf_fdpic_transfe... |
758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 |
#else /* * Transfer the program arguments and environment from the holding pages * onto the stack. The provided stack pointer is adjusted accordingly. */ int transfer_args_to_stack(struct linux_binprm *bprm, unsigned long *sp_location) { unsigned long index, stop, sp; int ret = 0; stop = bprm->p >> PAGE_SHIFT; sp = *sp_location; for (index = MAX_ARG_PAGES - 1; index >= stop; index--) { unsigned int offset = index == stop ? bprm->p & ~PAGE_MASK : 0; char *src = kmap(bprm->page[index]) + offset; sp -= PAGE_SIZE - offset; if (copy_to_user((void *) sp, src, PAGE_SIZE - offset) != 0) ret = -EFAULT; kunmap(bprm->page[index]); if (ret) goto out; } *sp_location = sp; out: return ret; } EXPORT_SYMBOL(transfer_args_to_stack); |
1da177e4c Linux-2.6.12-rc2 |
790 |
#endif /* CONFIG_MMU */ |
51f39a1f0 syscalls: impleme... |
791 |
static struct file *do_open_execat(int fd, struct filename *name, int flags) |
1da177e4c Linux-2.6.12-rc2 |
792 |
{ |
1da177e4c Linux-2.6.12-rc2 |
793 |
struct file *file; |
e56b6a5dd Re: [PATCH 3/6] v... |
794 |
int err; |
51f39a1f0 syscalls: impleme... |
795 |
struct open_flags open_exec_flags = { |
47c805dc2 switch do_filp_op... |
796 |
.open_flag = O_LARGEFILE | O_RDONLY | __FMODE_EXEC, |
62fb4a155 don't carry MAY_O... |
797 |
.acc_mode = MAY_EXEC, |
f9652e10c allow build_open_... |
798 799 |
.intent = LOOKUP_OPEN, .lookup_flags = LOOKUP_FOLLOW, |
47c805dc2 switch do_filp_op... |
800 |
}; |
1da177e4c Linux-2.6.12-rc2 |
801 |
|
51f39a1f0 syscalls: impleme... |
802 803 804 805 806 807 808 809 |
if ((flags & ~(AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH)) != 0) return ERR_PTR(-EINVAL); if (flags & AT_SYMLINK_NOFOLLOW) open_exec_flags.lookup_flags &= ~LOOKUP_FOLLOW; if (flags & AT_EMPTY_PATH) open_exec_flags.lookup_flags |= LOOKUP_EMPTY; file = do_filp_open(fd, name, &open_exec_flags); |
6e8341a11 Switch open_exec(... |
810 |
if (IS_ERR(file)) |
e56b6a5dd Re: [PATCH 3/6] v... |
811 812 813 |
goto out; err = -EACCES; |
496ad9aa8 new helper: file_... |
814 |
if (!S_ISREG(file_inode(file)->i_mode)) |
6e8341a11 Switch open_exec(... |
815 |
goto exit; |
e56b6a5dd Re: [PATCH 3/6] v... |
816 |
|
90f8572b0 vfs: Commit to ne... |
817 |
if (path_noexec(&file->f_path)) |
6e8341a11 Switch open_exec(... |
818 |
goto exit; |
e56b6a5dd Re: [PATCH 3/6] v... |
819 820 |
err = deny_write_access(file); |
6e8341a11 Switch open_exec(... |
821 822 |
if (err) goto exit; |
1da177e4c Linux-2.6.12-rc2 |
823 |
|
51f39a1f0 syscalls: impleme... |
824 825 |
if (name->name[0] != '\0') fsnotify_open(file); |
6e8341a11 Switch open_exec(... |
826 |
out: |
e56b6a5dd Re: [PATCH 3/6] v... |
827 |
return file; |
6e8341a11 Switch open_exec(... |
828 829 |
exit: fput(file); |
e56b6a5dd Re: [PATCH 3/6] v... |
830 831 |
return ERR_PTR(err); } |
c4ad8f98b execve: use 'stru... |
832 833 834 |
struct file *open_exec(const char *name) { |
516891041 fs: create proper... |
835 836 837 838 839 840 841 842 |
struct filename *filename = getname_kernel(name); struct file *f = ERR_CAST(filename); if (!IS_ERR(filename)) { f = do_open_execat(AT_FDCWD, filename, 0); putname(filename); } return f; |
c4ad8f98b execve: use 'stru... |
843 |
} |
1da177e4c Linux-2.6.12-rc2 |
844 |
EXPORT_SYMBOL(open_exec); |
6777d773a kernel_read: rede... |
845 846 |
int kernel_read(struct file *file, loff_t offset, char *addr, unsigned long count) |
1da177e4c Linux-2.6.12-rc2 |
847 848 849 850 851 852 853 854 855 856 857 858 859 860 |
{ mm_segment_t old_fs; loff_t pos = offset; int result; old_fs = get_fs(); set_fs(get_ds()); /* The cast to a user pointer is valid due to the set_fs() */ result = vfs_read(file, (void __user *)addr, count, &pos); set_fs(old_fs); return result; } EXPORT_SYMBOL(kernel_read); |
b44a7dfc6 vfs: define a gen... |
861 |
int kernel_read_file(struct file *file, void **buf, loff_t *size, |
bc8ca5b92 vfs: define kerne... |
862 |
loff_t max_size, enum kernel_read_file_id id) |
b44a7dfc6 vfs: define a gen... |
863 864 865 866 867 868 869 |
{ loff_t i_size, pos; ssize_t bytes = 0; int ret; if (!S_ISREG(file_inode(file)->i_mode) || max_size < 0) return -EINVAL; |
39eeb4fb9 security: define ... |
870 871 872 |
ret = security_kernel_read_file(file, id); if (ret) return ret; |
39d637af5 vfs: forbid write... |
873 874 875 |
ret = deny_write_access(file); if (ret) return ret; |
b44a7dfc6 vfs: define a gen... |
876 |
i_size = i_size_read(file_inode(file)); |
39d637af5 vfs: forbid write... |
877 878 879 880 881 882 883 884 |
if (max_size > 0 && i_size > max_size) { ret = -EFBIG; goto out; } if (i_size <= 0) { ret = -EINVAL; goto out; } |
b44a7dfc6 vfs: define a gen... |
885 |
|
a098ecd2f firmware: support... |
886 887 |
if (id != READING_FIRMWARE_PREALLOC_BUFFER) *buf = vmalloc(i_size); |
39d637af5 vfs: forbid write... |
888 889 890 891 |
if (!*buf) { ret = -ENOMEM; goto out; } |
b44a7dfc6 vfs: define a gen... |
892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 |
pos = 0; while (pos < i_size) { bytes = kernel_read(file, pos, (char *)(*buf) + pos, i_size - pos); if (bytes < 0) { ret = bytes; goto out; } if (bytes == 0) break; pos += bytes; } if (pos != i_size) { ret = -EIO; |
39d637af5 vfs: forbid write... |
909 |
goto out_free; |
b44a7dfc6 vfs: define a gen... |
910 |
} |
bc8ca5b92 vfs: define kerne... |
911 |
ret = security_kernel_post_read_file(file, *buf, i_size, id); |
b44a7dfc6 vfs: define a gen... |
912 913 |
if (!ret) *size = pos; |
39d637af5 vfs: forbid write... |
914 |
out_free: |
b44a7dfc6 vfs: define a gen... |
915 |
if (ret < 0) { |
a098ecd2f firmware: support... |
916 917 918 919 |
if (id != READING_FIRMWARE_PREALLOC_BUFFER) { vfree(*buf); *buf = NULL; } |
b44a7dfc6 vfs: define a gen... |
920 |
} |
39d637af5 vfs: forbid write... |
921 922 923 |
out: allow_write_access(file); |
b44a7dfc6 vfs: define a gen... |
924 925 926 |
return ret; } EXPORT_SYMBOL_GPL(kernel_read_file); |
09596b94f vfs: define kerne... |
927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 |
int kernel_read_file_from_path(char *path, void **buf, loff_t *size, loff_t max_size, enum kernel_read_file_id id) { struct file *file; int ret; if (!path || !*path) return -EINVAL; file = filp_open(path, O_RDONLY, 0); if (IS_ERR(file)) return PTR_ERR(file); ret = kernel_read_file(file, buf, size, max_size, id); fput(file); return ret; } EXPORT_SYMBOL_GPL(kernel_read_file_from_path); |
b844f0ecb vfs: define kerne... |
945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 |
int kernel_read_file_from_fd(int fd, void **buf, loff_t *size, loff_t max_size, enum kernel_read_file_id id) { struct fd f = fdget(fd); int ret = -EBADF; if (!f.file) goto out; ret = kernel_read_file(f.file, buf, size, max_size, id); out: fdput(f); return ret; } EXPORT_SYMBOL_GPL(kernel_read_file_from_fd); |
3dc20cb28 new helper: read_... |
960 961 |
ssize_t read_code(struct file *file, unsigned long addr, loff_t pos, size_t len) { |
ec6955798 read_code(): go t... |
962 |
ssize_t res = vfs_read(file, (void __user *)addr, len, &pos); |
3dc20cb28 new helper: read_... |
963 964 965 966 967 |
if (res > 0) flush_icache_range(addr, addr + len); return res; } EXPORT_SYMBOL(read_code); |
1da177e4c Linux-2.6.12-rc2 |
968 969 970 |
static int exec_mmap(struct mm_struct *mm) { struct task_struct *tsk; |
615d6e875 mm: per-thread vm... |
971 |
struct mm_struct *old_mm, *active_mm; |
1da177e4c Linux-2.6.12-rc2 |
972 973 974 975 976 977 978 |
/* Notify parent that we're no longer interested in the old VM */ tsk = current; old_mm = current->mm; mm_release(tsk, old_mm); if (old_mm) { |
4fe7efdbd mm: correctly syn... |
979 |
sync_mm_rss(old_mm); |
1da177e4c Linux-2.6.12-rc2 |
980 981 982 983 |
/* * Make sure that if there is a core dump in progress * for the old mm, we get out and die instead of going * through with the exec. We must hold mmap_sem around |
999d9fc16 coredump: move mm... |
984 |
* checking core_state and changing tsk->mm. |
1da177e4c Linux-2.6.12-rc2 |
985 986 |
*/ down_read(&old_mm->mmap_sem); |
999d9fc16 coredump: move mm... |
987 |
if (unlikely(old_mm->core_state)) { |
1da177e4c Linux-2.6.12-rc2 |
988 989 990 991 992 993 994 995 996 |
up_read(&old_mm->mmap_sem); return -EINTR; } } task_lock(tsk); active_mm = tsk->active_mm; tsk->mm = mm; tsk->active_mm = mm; activate_mm(active_mm, mm); |
615d6e875 mm: per-thread vm... |
997 998 |
tsk->mm->vmacache_seqnum = 0; vmacache_flush(tsk); |
1da177e4c Linux-2.6.12-rc2 |
999 |
task_unlock(tsk); |
1da177e4c Linux-2.6.12-rc2 |
1000 1001 |
if (old_mm) { up_read(&old_mm->mmap_sem); |
7dddb12c6 BUG_ON() Conversi... |
1002 |
BUG_ON(active_mm != old_mm); |
701085b21 exec: move de_thr... |
1003 |
setmax_mm_hiwater_rss(&tsk->signal->maxrss, old_mm); |
31a78f23b mm owner: fix rac... |
1004 |
mm_update_next_owner(old_mm); |
1da177e4c Linux-2.6.12-rc2 |
1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 |
mmput(old_mm); return 0; } mmdrop(active_mm); return 0; } /* * This function makes sure the current process has its own signal table, * so that flush_signal_handlers can later reset the handlers without * disturbing other processes. (Other processes might share the signal * table via the CLONE_SIGHAND option to clone().) */ |
858119e15 [PATCH] Unlinline... |
1018 |
static int de_thread(struct task_struct *tsk) |
1da177e4c Linux-2.6.12-rc2 |
1019 1020 |
{ struct signal_struct *sig = tsk->signal; |
b2c903b87 exec: simplify th... |
1021 |
struct sighand_struct *oldsighand = tsk->sighand; |
1da177e4c Linux-2.6.12-rc2 |
1022 |
spinlock_t *lock = &oldsighand->siglock; |
1da177e4c Linux-2.6.12-rc2 |
1023 |
|
aafe6c2a2 [PATCH] de_thread... |
1024 |
if (thread_group_empty(tsk)) |
1da177e4c Linux-2.6.12-rc2 |
1025 1026 1027 1028 |
goto no_thread_group; /* * Kill all other threads in the thread group. |
1da177e4c Linux-2.6.12-rc2 |
1029 |
*/ |
1da177e4c Linux-2.6.12-rc2 |
1030 |
spin_lock_irq(lock); |
ed5d2cac1 exec: rework the ... |
1031 |
if (signal_group_exit(sig)) { |
1da177e4c Linux-2.6.12-rc2 |
1032 1033 1034 1035 1036 |
/* * Another group action in progress, just * return so that the signal is processed. */ spin_unlock_irq(lock); |
1da177e4c Linux-2.6.12-rc2 |
1037 1038 |
return -EAGAIN; } |
d344193a0 exit: avoid sig->... |
1039 |
|
ed5d2cac1 exec: rework the ... |
1040 |
sig->group_exit_task = tsk; |
d344193a0 exit: avoid sig->... |
1041 1042 1043 |
sig->notify_count = zap_other_threads(tsk); if (!thread_group_leader(tsk)) sig->notify_count--; |
1da177e4c Linux-2.6.12-rc2 |
1044 |
|
d344193a0 exit: avoid sig->... |
1045 |
while (sig->notify_count) { |
d5bbd43d5 exec: make de_thr... |
1046 |
__set_current_state(TASK_KILLABLE); |
1da177e4c Linux-2.6.12-rc2 |
1047 1048 |
spin_unlock_irq(lock); schedule(); |
d5bbd43d5 exec: make de_thr... |
1049 1050 |
if (unlikely(__fatal_signal_pending(tsk))) goto killed; |
1da177e4c Linux-2.6.12-rc2 |
1051 1052 |
spin_lock_irq(lock); } |
1da177e4c Linux-2.6.12-rc2 |
1053 1054 1055 1056 1057 1058 1059 |
spin_unlock_irq(lock); /* * At this point all other threads have exited, all we have to * do is to wait for the thread group leader to become inactive, * and to assume its PID: */ |
aafe6c2a2 [PATCH] de_thread... |
1060 |
if (!thread_group_leader(tsk)) { |
8187926bd posix-timers: sim... |
1061 |
struct task_struct *leader = tsk->group_leader; |
6db840fa7 exec: RT sub-thre... |
1062 |
|
6db840fa7 exec: RT sub-thre... |
1063 |
for (;;) { |
e56fb2874 exec: do not abus... |
1064 |
threadgroup_change_begin(tsk); |
6db840fa7 exec: RT sub-thre... |
1065 |
write_lock_irq(&tasklist_lock); |
dfcce791f fs/exec.c:de_thre... |
1066 1067 1068 1069 1070 |
/* * Do this under tasklist_lock to ensure that * exit_notify() can't miss ->group_exit_task */ sig->notify_count = -1; |
6db840fa7 exec: RT sub-thre... |
1071 1072 |
if (likely(leader->exit_state)) break; |
d5bbd43d5 exec: make de_thr... |
1073 |
__set_current_state(TASK_KILLABLE); |
6db840fa7 exec: RT sub-thre... |
1074 |
write_unlock_irq(&tasklist_lock); |
e56fb2874 exec: do not abus... |
1075 |
threadgroup_change_end(tsk); |
6db840fa7 exec: RT sub-thre... |
1076 |
schedule(); |
d5bbd43d5 exec: make de_thr... |
1077 1078 |
if (unlikely(__fatal_signal_pending(tsk))) goto killed; |
6db840fa7 exec: RT sub-thre... |
1079 |
} |
1da177e4c Linux-2.6.12-rc2 |
1080 |
|
f5e902817 [PATCH] process a... |
1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 |
/* * The only record we have of the real-time age of a * process, regardless of execs it's done, is start_time. * All the past CPU time is accumulated in signal_struct * from sister threads now dead. But in this non-leader * exec, nothing survives from the original leader thread, * whose birth marks the true age of this process now. * When we take on its identity by switching to its PID, we * also take its birthdate (always earlier than our own). */ |
aafe6c2a2 [PATCH] de_thread... |
1091 |
tsk->start_time = leader->start_time; |
266b7a021 fs/exec.c:de_thre... |
1092 |
tsk->real_start_time = leader->real_start_time; |
f5e902817 [PATCH] process a... |
1093 |
|
bac0abd61 Isolate some expl... |
1094 1095 |
BUG_ON(!same_thread_group(leader, tsk)); BUG_ON(has_group_leader_pid(tsk)); |
1da177e4c Linux-2.6.12-rc2 |
1096 1097 1098 1099 1100 1101 |
/* * An exec() starts a new thread group with the * TGID of the previous thread group. Rehash the * two threads with a switched PID, and release * the former thread group leader: */ |
d73d65293 [PATCH] pidhash: ... |
1102 1103 |
/* Become a process group leader with the old leader's pid. |
c18258c6f [PATCH] pid: Impl... |
1104 1105 |
* The old leader becomes a thread of the this thread group. * Note: The old leader also uses this pid until release_task |
d73d65293 [PATCH] pidhash: ... |
1106 1107 |
* is called. Odd but simple and correct. */ |
aafe6c2a2 [PATCH] de_thread... |
1108 |
tsk->pid = leader->pid; |
3f4185483 fs/exec.c:de_thre... |
1109 |
change_pid(tsk, PIDTYPE_PID, task_pid(leader)); |
aafe6c2a2 [PATCH] de_thread... |
1110 1111 |
transfer_pid(leader, tsk, PIDTYPE_PGID); transfer_pid(leader, tsk, PIDTYPE_SID); |
9cd80bbb0 do_wait() optimiz... |
1112 |
|
aafe6c2a2 [PATCH] de_thread... |
1113 |
list_replace_rcu(&leader->tasks, &tsk->tasks); |
9cd80bbb0 do_wait() optimiz... |
1114 |
list_replace_init(&leader->sibling, &tsk->sibling); |
1da177e4c Linux-2.6.12-rc2 |
1115 |
|
aafe6c2a2 [PATCH] de_thread... |
1116 1117 |
tsk->group_leader = tsk; leader->group_leader = tsk; |
de12a7878 [PATCH] de_thread... |
1118 |
|
aafe6c2a2 [PATCH] de_thread... |
1119 |
tsk->exit_signal = SIGCHLD; |
087806b12 redefine thread_g... |
1120 |
leader->exit_signal = -1; |
962b564cf [PATCH] fix do_wa... |
1121 1122 1123 |
BUG_ON(leader->exit_state != EXIT_ZOMBIE); leader->exit_state = EXIT_DEAD; |
eac1b5e57 ptrace: do_wait(t... |
1124 1125 1126 1127 1128 1129 1130 1131 |
/* * We are going to release_task()->ptrace_unlink() silently, * the tracer can sleep in do_wait(). EXIT_DEAD guarantees * the tracer wont't block again waiting for this thread. */ if (unlikely(leader->ptrace)) __wake_up_parent(leader, leader->parent); |
1da177e4c Linux-2.6.12-rc2 |
1132 |
write_unlock_irq(&tasklist_lock); |
e56fb2874 exec: do not abus... |
1133 |
threadgroup_change_end(tsk); |
8187926bd posix-timers: sim... |
1134 1135 |
release_task(leader); |
ed5d2cac1 exec: rework the ... |
1136 |
} |
1da177e4c Linux-2.6.12-rc2 |
1137 |
|
6db840fa7 exec: RT sub-thre... |
1138 1139 |
sig->group_exit_task = NULL; sig->notify_count = 0; |
1da177e4c Linux-2.6.12-rc2 |
1140 1141 |
no_thread_group: |
e63682534 exit_signal: simp... |
1142 1143 |
/* we have changed execution domain */ tsk->exit_signal = SIGCHLD; |
1da177e4c Linux-2.6.12-rc2 |
1144 |
exit_itimers(sig); |
cbaffba12 posix timers: dis... |
1145 |
flush_itimer_signals(); |
329f7dba5 [PATCH] fix de_th... |
1146 |
|
b2c903b87 exec: simplify th... |
1147 1148 |
if (atomic_read(&oldsighand->count) != 1) { struct sighand_struct *newsighand; |
1da177e4c Linux-2.6.12-rc2 |
1149 |
/* |
b2c903b87 exec: simplify th... |
1150 1151 |
* This ->sighand is shared with the CLONE_SIGHAND * but not CLONE_THREAD task, switch to the new one. |
1da177e4c Linux-2.6.12-rc2 |
1152 |
*/ |
b2c903b87 exec: simplify th... |
1153 1154 1155 |
newsighand = kmem_cache_alloc(sighand_cachep, GFP_KERNEL); if (!newsighand) return -ENOMEM; |
1da177e4c Linux-2.6.12-rc2 |
1156 1157 1158 1159 1160 1161 |
atomic_set(&newsighand->count, 1); memcpy(newsighand->action, oldsighand->action, sizeof(newsighand->action)); write_lock_irq(&tasklist_lock); spin_lock(&oldsighand->siglock); |
aafe6c2a2 [PATCH] de_thread... |
1162 |
rcu_assign_pointer(tsk->sighand, newsighand); |
1da177e4c Linux-2.6.12-rc2 |
1163 1164 |
spin_unlock(&oldsighand->siglock); write_unlock_irq(&tasklist_lock); |
fba2afaae signal/timer/even... |
1165 |
__cleanup_sighand(oldsighand); |
1da177e4c Linux-2.6.12-rc2 |
1166 |
} |
aafe6c2a2 [PATCH] de_thread... |
1167 |
BUG_ON(!thread_group_leader(tsk)); |
1da177e4c Linux-2.6.12-rc2 |
1168 |
return 0; |
d5bbd43d5 exec: make de_thr... |
1169 1170 1171 1172 1173 1174 1175 1176 |
killed: /* protects against exit_notify() and __exit_signal() */ read_lock(&tasklist_lock); sig->group_exit_task = NULL; sig->notify_count = 0; read_unlock(&tasklist_lock); return -EAGAIN; |
1da177e4c Linux-2.6.12-rc2 |
1177 |
} |
0840a90d9 exec: simplify ->... |
1178 |
|
59714d65d get_task_comm(): ... |
1179 |
char *get_task_comm(char *buf, struct task_struct *tsk) |
1da177e4c Linux-2.6.12-rc2 |
1180 1181 1182 1183 1184 |
{ /* buf must be at least sizeof(tsk->comm) in size */ task_lock(tsk); strncpy(buf, tsk->comm, sizeof(tsk->comm)); task_unlock(tsk); |
59714d65d get_task_comm(): ... |
1185 |
return buf; |
1da177e4c Linux-2.6.12-rc2 |
1186 |
} |
7d74f492e export kernel cal... |
1187 |
EXPORT_SYMBOL_GPL(get_task_comm); |
1da177e4c Linux-2.6.12-rc2 |
1188 |
|
6a6d27de3 take close-on-exe... |
1189 1190 1191 1192 |
/* * These functions flushes out all traces of the currently running executable * so that a new one can be started */ |
82b897782 perf: Differentia... |
1193 |
void __set_task_comm(struct task_struct *tsk, const char *buf, bool exec) |
1da177e4c Linux-2.6.12-rc2 |
1194 1195 |
{ task_lock(tsk); |
43d2b1132 tracepoint: add t... |
1196 |
trace_task_rename(tsk, buf); |
1da177e4c Linux-2.6.12-rc2 |
1197 1198 |
strlcpy(tsk->comm, buf, sizeof(tsk->comm)); task_unlock(tsk); |
82b897782 perf: Differentia... |
1199 |
perf_event_comm(tsk, exec); |
1da177e4c Linux-2.6.12-rc2 |
1200 1201 1202 1203 |
} int flush_old_exec(struct linux_binprm * bprm) { |
221af7f87 Split 'flush_old_... |
1204 |
int retval; |
1da177e4c Linux-2.6.12-rc2 |
1205 1206 1207 1208 1209 1210 1211 1212 |
/* * Make sure we have a private signal table and that * we are unassociated from the previous thread group. */ retval = de_thread(current); if (retval) goto out; |
6e399cd14 prctl: avoid usin... |
1213 1214 1215 1216 1217 |
/* * Must be called _before_ exec_mmap() as bprm->mm is * not visibile until then. This also enables the update * to be lockless. */ |
925d1c401 procfs task exe s... |
1218 |
set_mm_exe_file(bprm->mm, bprm->file); |
6e399cd14 prctl: avoid usin... |
1219 |
|
1da177e4c Linux-2.6.12-rc2 |
1220 |
/* |
1da177e4c Linux-2.6.12-rc2 |
1221 1222 |
* Release all of the old mmap stuff */ |
3c77f8457 exec: make argv/e... |
1223 |
acct_arg_size(bprm, 0); |
1da177e4c Linux-2.6.12-rc2 |
1224 1225 |
retval = exec_mmap(bprm->mm); if (retval) |
fd8328be8 [PATCH] sanitize ... |
1226 |
goto out; |
1da177e4c Linux-2.6.12-rc2 |
1227 1228 |
bprm->mm = NULL; /* We're using it now */ |
7ab02af42 Fix 'flush_old_ex... |
1229 |
|
dac853ae8 exec: delay addre... |
1230 |
set_fs(USER_DS); |
b88fae644 exec: avoid propa... |
1231 1232 |
current->flags &= ~(PF_RANDOMIZE | PF_FORKNOEXEC | PF_KTHREAD | PF_NOFREEZE | PF_NO_SETAFFINITY); |
7ab02af42 Fix 'flush_old_ex... |
1233 1234 |
flush_thread(); current->personality &= ~bprm->per_clear; |
c1df5a637 fs: exec: apply C... |
1235 1236 1237 1238 1239 1240 1241 |
/* * We have to apply CLOEXEC before we change whether the process is * dumpable (in setup_new_exec) to avoid a race with a process in userspace * trying to access the should-be-closed file descriptors of a process * undergoing exec(2). */ do_close_on_exec(current->files); |
221af7f87 Split 'flush_old_... |
1242 1243 1244 1245 1246 1247 |
return 0; out: return retval; } EXPORT_SYMBOL(flush_old_exec); |
1b5d783c9 consolidate BINPR... |
1248 1249 |
void would_dump(struct linux_binprm *bprm, struct file *file) { |
21245b863 exec: Ensure mm->... |
1250 1251 1252 |
struct inode *inode = file_inode(file); if (inode_permission(inode, MAY_READ) < 0) { struct user_namespace *old, *user_ns; |
1b5d783c9 consolidate BINPR... |
1253 |
bprm->interp_flags |= BINPRM_FLAGS_ENFORCE_NONDUMP; |
21245b863 exec: Ensure mm->... |
1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 |
/* Ensure mm->user_ns contains the executable */ user_ns = old = bprm->mm->user_ns; while ((user_ns != &init_user_ns) && !privileged_wrt_inode_uidgid(user_ns, inode)) user_ns = user_ns->parent; if (old != user_ns) { bprm->mm->user_ns = get_user_ns(user_ns); put_user_ns(old); } } |
1b5d783c9 consolidate BINPR... |
1266 1267 |
} EXPORT_SYMBOL(would_dump); |
221af7f87 Split 'flush_old_... |
1268 1269 |
void setup_new_exec(struct linux_binprm * bprm) { |
221af7f87 Split 'flush_old_... |
1270 |
arch_pick_mmap_layout(current->mm); |
1da177e4c Linux-2.6.12-rc2 |
1271 1272 |
/* This is the point of no return */ |
1da177e4c Linux-2.6.12-rc2 |
1273 |
current->sas_ss_sp = current->sas_ss_size = 0; |
8e96e3b7b userns: Use uid_e... |
1274 |
if (uid_eq(current_euid(), current_uid()) && gid_eq(current_egid(), current_gid())) |
e579d2c25 coredump: remove ... |
1275 |
set_dumpable(current->mm, SUID_DUMP_USER); |
d6e711448 [PATCH] setuid co... |
1276 |
else |
6c5d52382 coredump masking:... |
1277 |
set_dumpable(current->mm, suid_dumpable); |
d6e711448 [PATCH] setuid co... |
1278 |
|
e041e328c perf: Fix perf_ev... |
1279 |
perf_event_exec(); |
82b897782 perf: Differentia... |
1280 |
__set_task_comm(current, kbasename(bprm->filename), true); |
1da177e4c Linux-2.6.12-rc2 |
1281 |
|
0551fbd29 [PATCH] Add mm->t... |
1282 1283 1284 1285 1286 |
/* Set the new mm task size. We have to do that late because it may * depend on TIF_32BIT which is only updated in flush_thread() on * some architectures like powerpc */ current->mm->task_size = TASK_SIZE; |
a6f76f23d CRED: Make execve... |
1287 |
/* install the new credentials */ |
8e96e3b7b userns: Use uid_e... |
1288 1289 |
if (!uid_eq(bprm->cred->uid, current_euid()) || !gid_eq(bprm->cred->gid, current_egid())) { |
d2d56c5f5 Reset current->pd... |
1290 |
current->pdeath_signal = 0; |
1b5d783c9 consolidate BINPR... |
1291 |
} else { |
1b5d783c9 consolidate BINPR... |
1292 1293 |
if (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP) set_dumpable(current->mm, suid_dumpable); |
1da177e4c Linux-2.6.12-rc2 |
1294 1295 1296 1297 |
} /* An exec changes our domain. We are no longer part of the thread group */ |
1da177e4c Linux-2.6.12-rc2 |
1298 |
current->self_exec_id++; |
1da177e4c Linux-2.6.12-rc2 |
1299 |
flush_signal_handlers(current, 0); |
1da177e4c Linux-2.6.12-rc2 |
1300 |
} |
221af7f87 Split 'flush_old_... |
1301 |
EXPORT_SYMBOL(setup_new_exec); |
1da177e4c Linux-2.6.12-rc2 |
1302 |
|
a6f76f23d CRED: Make execve... |
1303 |
/* |
a2a8474c3 exec: do not slee... |
1304 1305 1306 1307 1308 1309 1310 |
* Prepare credentials and lock ->cred_guard_mutex. * install_exec_creds() commits the new creds and drops the lock. * Or, if exec fails before, free_bprm() should release ->cred and * and unlock. */ int prepare_bprm_creds(struct linux_binprm *bprm) { |
9b1bf12d5 signals: move cre... |
1311 |
if (mutex_lock_interruptible(¤t->signal->cred_guard_mutex)) |
a2a8474c3 exec: do not slee... |
1312 1313 1314 1315 1316 |
return -ERESTARTNOINTR; bprm->cred = prepare_exec_creds(); if (likely(bprm->cred)) return 0; |
9b1bf12d5 signals: move cre... |
1317 |
mutex_unlock(¤t->signal->cred_guard_mutex); |
a2a8474c3 exec: do not slee... |
1318 1319 |
return -ENOMEM; } |
c4ad8f98b execve: use 'stru... |
1320 |
static void free_bprm(struct linux_binprm *bprm) |
a2a8474c3 exec: do not slee... |
1321 1322 1323 |
{ free_arg_pages(bprm); if (bprm->cred) { |
9b1bf12d5 signals: move cre... |
1324 |
mutex_unlock(¤t->signal->cred_guard_mutex); |
a2a8474c3 exec: do not slee... |
1325 1326 |
abort_creds(bprm->cred); } |
63e46b95e exec: move the fi... |
1327 1328 1329 1330 |
if (bprm->file) { allow_write_access(bprm->file); fput(bprm->file); } |
b66c59840 exec: do not leav... |
1331 1332 1333 |
/* If a binfmt changed the interp, free it. */ if (bprm->interp != bprm->filename) kfree(bprm->interp); |
a2a8474c3 exec: do not slee... |
1334 1335 |
kfree(bprm); } |
b66c59840 exec: do not leav... |
1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 |
int bprm_change_interp(char *interp, struct linux_binprm *bprm) { /* If a binfmt changed the interp, free it first. */ if (bprm->interp != bprm->filename) kfree(bprm->interp); bprm->interp = kstrdup(interp, GFP_KERNEL); if (!bprm->interp) return -ENOMEM; return 0; } EXPORT_SYMBOL(bprm_change_interp); |
a2a8474c3 exec: do not slee... |
1347 |
/* |
a6f76f23d CRED: Make execve... |
1348 1349 1350 1351 1352 1353 1354 1355 |
* install the new credentials for this executable */ void install_exec_creds(struct linux_binprm *bprm) { security_bprm_committing_creds(bprm); commit_creds(bprm->cred); bprm->cred = NULL; |
2976b10f0 perf: Disable mon... |
1356 1357 1358 1359 1360 1361 1362 1363 1364 |
/* * Disable monitoring for regular users * when executing setuid binaries. Must * wait until new credentials are committed * by commit_creds() above */ if (get_dumpable(current->mm) != SUID_DUMP_USER) perf_event_exit_task(current); |
a2a8474c3 exec: do not slee... |
1365 1366 |
/* * cred_guard_mutex must be held at least to this point to prevent |
a6f76f23d CRED: Make execve... |
1367 |
* ptrace_attach() from altering our determination of the task's |
a2a8474c3 exec: do not slee... |
1368 1369 |
* credentials; any time after this it may be unlocked. */ |
a6f76f23d CRED: Make execve... |
1370 |
security_bprm_committed_creds(bprm); |
9b1bf12d5 signals: move cre... |
1371 |
mutex_unlock(¤t->signal->cred_guard_mutex); |
a6f76f23d CRED: Make execve... |
1372 1373 1374 1375 1376 |
} EXPORT_SYMBOL(install_exec_creds); /* * determine how safe it is to execute the proposed program |
9b1bf12d5 signals: move cre... |
1377 |
* - the caller must hold ->cred_guard_mutex to protect against |
c2e1f2e30 seccomp: implemen... |
1378 |
* PTRACE_ATTACH or seccomp thread-sync |
a6f76f23d CRED: Make execve... |
1379 |
*/ |
9e00cdb09 exec:check_unsafe... |
1380 |
static void check_unsafe_exec(struct linux_binprm *bprm) |
a6f76f23d CRED: Make execve... |
1381 |
{ |
0bf2f3aec CRED: Fix SUID ex... |
1382 |
struct task_struct *p = current, *t; |
f1191b50e check_unsafe_exec... |
1383 |
unsigned n_fs; |
a6f76f23d CRED: Make execve... |
1384 |
|
4b9d33e6d ptrace: kill clon... |
1385 |
if (p->ptrace) { |
e747b4ae3 ptrace: Capture t... |
1386 |
if (ptracer_capable(p, current_user_ns())) |
4b9d33e6d ptrace: kill clon... |
1387 1388 1389 1390 |
bprm->unsafe |= LSM_UNSAFE_PTRACE_CAP; else bprm->unsafe |= LSM_UNSAFE_PTRACE; } |
a6f76f23d CRED: Make execve... |
1391 |
|
259e5e6c7 Add PR_{GET,SET}_... |
1392 1393 1394 1395 |
/* * This isn't strictly necessary, but it makes it harder for LSMs to * mess up. */ |
1d4457f99 sched: move no_ne... |
1396 |
if (task_no_new_privs(current)) |
259e5e6c7 Add PR_{GET,SET}_... |
1397 |
bprm->unsafe |= LSM_UNSAFE_NO_NEW_PRIVS; |
83f62a2ea exec:check_unsafe... |
1398 |
t = p; |
0bf2f3aec CRED: Fix SUID ex... |
1399 |
n_fs = 1; |
2a4419b5b fs: fs_struct rwl... |
1400 |
spin_lock(&p->fs->lock); |
437f7fdb6 check_unsafe_exec... |
1401 |
rcu_read_lock(); |
83f62a2ea exec:check_unsafe... |
1402 |
while_each_thread(p, t) { |
0bf2f3aec CRED: Fix SUID ex... |
1403 1404 |
if (t->fs == p->fs) n_fs++; |
0bf2f3aec CRED: Fix SUID ex... |
1405 |
} |
437f7fdb6 check_unsafe_exec... |
1406 |
rcu_read_unlock(); |
0bf2f3aec CRED: Fix SUID ex... |
1407 |
|
9e00cdb09 exec:check_unsafe... |
1408 |
if (p->fs->users > n_fs) |
a6f76f23d CRED: Make execve... |
1409 |
bprm->unsafe |= LSM_UNSAFE_SHARE; |
9e00cdb09 exec:check_unsafe... |
1410 1411 |
else p->fs->in_exec = 1; |
2a4419b5b fs: fs_struct rwl... |
1412 |
spin_unlock(&p->fs->lock); |
a6f76f23d CRED: Make execve... |
1413 |
} |
8b01fc86b fs: take i_mutex ... |
1414 1415 1416 1417 1418 1419 |
static void bprm_fill_uid(struct linux_binprm *bprm) { struct inode *inode; unsigned int mode; kuid_t uid; kgid_t gid; |
cb6fd68fd exec: clarify rea... |
1420 1421 1422 1423 1424 1425 |
/* * Since this can be called multiple times (via prepare_binprm), * we must clear any previous work done when setting set[ug]id * bits from any earlier bprm->file uses (for example when run * first for a setuid script then again for its interpreter). */ |
8b01fc86b fs: take i_mutex ... |
1426 1427 |
bprm->cred->euid = current_euid(); bprm->cred->egid = current_egid(); |
380cf5ba6 fs: Treat foreign... |
1428 |
if (!mnt_may_suid(bprm->file->f_path.mnt)) |
8b01fc86b fs: take i_mutex ... |
1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 |
return; if (task_no_new_privs(current)) return; inode = file_inode(bprm->file); mode = READ_ONCE(inode->i_mode); if (!(mode & (S_ISUID|S_ISGID))) return; /* Be careful if suid/sgid is set */ |
5955102c9 wrappers for ->i_... |
1440 |
inode_lock(inode); |
8b01fc86b fs: take i_mutex ... |
1441 1442 1443 1444 1445 |
/* reload atomically mode/uid/gid now that lock held */ mode = inode->i_mode; uid = inode->i_uid; gid = inode->i_gid; |
5955102c9 wrappers for ->i_... |
1446 |
inode_unlock(inode); |
8b01fc86b fs: take i_mutex ... |
1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461 1462 |
/* We ignore suid/sgid if there are no mappings for them in the ns */ if (!kuid_has_mapping(bprm->cred->user_ns, uid) || !kgid_has_mapping(bprm->cred->user_ns, gid)) return; if (mode & S_ISUID) { bprm->per_clear |= PER_CLEAR_ON_SETID; bprm->cred->euid = uid; } if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) { bprm->per_clear |= PER_CLEAR_ON_SETID; bprm->cred->egid = gid; } } |
9e00cdb09 exec:check_unsafe... |
1463 1464 |
/* * Fill the binprm structure from the inode. |
1da177e4c Linux-2.6.12-rc2 |
1465 |
* Check permissions, then read the first 128 (BINPRM_BUF_SIZE) bytes |
a6f76f23d CRED: Make execve... |
1466 1467 |
* * This may be called multiple times for binary chains (scripts for example). |
1da177e4c Linux-2.6.12-rc2 |
1468 1469 1470 |
*/ int prepare_binprm(struct linux_binprm *bprm) { |
1da177e4c Linux-2.6.12-rc2 |
1471 |
int retval; |
8b01fc86b fs: take i_mutex ... |
1472 |
bprm_fill_uid(bprm); |
1da177e4c Linux-2.6.12-rc2 |
1473 1474 |
/* fill in binprm security blob */ |
a6f76f23d CRED: Make execve... |
1475 |
retval = security_bprm_set_creds(bprm); |
1da177e4c Linux-2.6.12-rc2 |
1476 1477 |
if (retval) return retval; |
a6f76f23d CRED: Make execve... |
1478 |
bprm->cred_prepared = 1; |
1da177e4c Linux-2.6.12-rc2 |
1479 |
|
a6f76f23d CRED: Make execve... |
1480 1481 |
memset(bprm->buf, 0, BINPRM_BUF_SIZE); return kernel_read(bprm->file, 0, bprm->buf, BINPRM_BUF_SIZE); |
1da177e4c Linux-2.6.12-rc2 |
1482 1483 1484 |
} EXPORT_SYMBOL(prepare_binprm); |
4fc75ff48 exec: fix remove_... |
1485 1486 1487 1488 1489 |
/* * Arguments are '\0' separated strings found at the location bprm->p * points to; chop off the first by relocating brpm->p to right after * the first '\0' encountered. */ |
b6a2fea39 mm: variable leng... |
1490 |
int remove_arg_zero(struct linux_binprm *bprm) |
1da177e4c Linux-2.6.12-rc2 |
1491 |
{ |
b6a2fea39 mm: variable leng... |
1492 1493 1494 1495 |
int ret = 0; unsigned long offset; char *kaddr; struct page *page; |
4fc75ff48 exec: fix remove_... |
1496 |
|
b6a2fea39 mm: variable leng... |
1497 1498 |
if (!bprm->argc) return 0; |
1da177e4c Linux-2.6.12-rc2 |
1499 |
|
b6a2fea39 mm: variable leng... |
1500 1501 1502 1503 1504 1505 1506 |
do { offset = bprm->p & ~PAGE_MASK; page = get_arg_page(bprm, bprm->p, 0); if (!page) { ret = -EFAULT; goto out; } |
e8e3c3d66 fs: remove the se... |
1507 |
kaddr = kmap_atomic(page); |
4fc75ff48 exec: fix remove_... |
1508 |
|
b6a2fea39 mm: variable leng... |
1509 1510 1511 |
for (; offset < PAGE_SIZE && kaddr[offset]; offset++, bprm->p++) ; |
4fc75ff48 exec: fix remove_... |
1512 |
|
e8e3c3d66 fs: remove the se... |
1513 |
kunmap_atomic(kaddr); |
b6a2fea39 mm: variable leng... |
1514 |
put_arg_page(page); |
b6a2fea39 mm: variable leng... |
1515 |
} while (offset == PAGE_SIZE); |
4fc75ff48 exec: fix remove_... |
1516 |
|
b6a2fea39 mm: variable leng... |
1517 1518 1519 |
bprm->p++; bprm->argc--; ret = 0; |
4fc75ff48 exec: fix remove_... |
1520 |
|
b6a2fea39 mm: variable leng... |
1521 1522 |
out: return ret; |
1da177e4c Linux-2.6.12-rc2 |
1523 |
} |
1da177e4c Linux-2.6.12-rc2 |
1524 |
EXPORT_SYMBOL(remove_arg_zero); |
cb7b6b1cb exec: cleanup the... |
1525 1526 |
#define printable(c) (((c)=='\t') || ((c)==' ') || (0x20<=(c) && (c)<=0x7e)) |
1da177e4c Linux-2.6.12-rc2 |
1527 1528 1529 |
/* * cycle the list of binary formats handler, until one recognizes the image */ |
3c456bfc4 get rid of pt_reg... |
1530 |
int search_binary_handler(struct linux_binprm *bprm) |
1da177e4c Linux-2.6.12-rc2 |
1531 |
{ |
cb7b6b1cb exec: cleanup the... |
1532 |
bool need_retry = IS_ENABLED(CONFIG_MODULES); |
1da177e4c Linux-2.6.12-rc2 |
1533 |
struct linux_binfmt *fmt; |
cb7b6b1cb exec: cleanup the... |
1534 |
int retval; |
1da177e4c Linux-2.6.12-rc2 |
1535 |
|
d74026986 exec: use -ELOOP ... |
1536 |
/* This allows 4 levels of binfmt rewrites before failing hard. */ |
131b2f9f1 exec: kill "int d... |
1537 |
if (bprm->recursion_depth > 5) |
d74026986 exec: use -ELOOP ... |
1538 |
return -ELOOP; |
1da177e4c Linux-2.6.12-rc2 |
1539 1540 1541 |
retval = security_bprm_check(bprm); if (retval) return retval; |
1da177e4c Linux-2.6.12-rc2 |
1542 |
retval = -ENOENT; |
cb7b6b1cb exec: cleanup the... |
1543 1544 1545 1546 1547 1548 1549 1550 |
retry: read_lock(&binfmt_lock); list_for_each_entry(fmt, &formats, lh) { if (!try_module_get(fmt->module)) continue; read_unlock(&binfmt_lock); bprm->recursion_depth++; retval = fmt->load_binary(bprm); |
19d860a14 handle suicide on... |
1551 1552 |
read_lock(&binfmt_lock); put_binfmt(fmt); |
cb7b6b1cb exec: cleanup the... |
1553 |
bprm->recursion_depth--; |
19d860a14 handle suicide on... |
1554 1555 1556 1557 1558 1559 1560 1561 |
if (retval < 0 && !bprm->mm) { /* we got to flush_old_exec() and failed after it */ read_unlock(&binfmt_lock); force_sigsegv(SIGSEGV, current); return retval; } if (retval != -ENOEXEC || !bprm->file) { read_unlock(&binfmt_lock); |
cb7b6b1cb exec: cleanup the... |
1562 |
return retval; |
1da177e4c Linux-2.6.12-rc2 |
1563 |
} |
1da177e4c Linux-2.6.12-rc2 |
1564 |
} |
cb7b6b1cb exec: cleanup the... |
1565 |
read_unlock(&binfmt_lock); |
19d860a14 handle suicide on... |
1566 |
if (need_retry) { |
cb7b6b1cb exec: cleanup the... |
1567 1568 1569 |
if (printable(bprm->buf[0]) && printable(bprm->buf[1]) && printable(bprm->buf[2]) && printable(bprm->buf[3])) return retval; |
4e0621a07 exec: don't retry... |
1570 1571 |
if (request_module("binfmt-%04x", *(ushort *)(bprm->buf + 2)) < 0) return retval; |
cb7b6b1cb exec: cleanup the... |
1572 1573 1574 |
need_retry = false; goto retry; } |
1da177e4c Linux-2.6.12-rc2 |
1575 1576 |
return retval; } |
1da177e4c Linux-2.6.12-rc2 |
1577 |
EXPORT_SYMBOL(search_binary_handler); |
5d1baf3b6 exec: introduce e... |
1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 1590 |
static int exec_binprm(struct linux_binprm *bprm) { pid_t old_pid, old_vpid; int ret; /* Need to fetch pid before load_binary changes it */ old_pid = current->pid; rcu_read_lock(); old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current->parent)); rcu_read_unlock(); ret = search_binary_handler(bprm); if (ret >= 0) { |
3eaded86a Merge git://git.i... |
1591 |
audit_bprm(bprm); |
5d1baf3b6 exec: introduce e... |
1592 1593 |
trace_sched_process_exec(current, old_pid, bprm); ptrace_event(PTRACE_EVENT_EXEC, old_vpid); |
9beb266f2 exec: proc_exec_c... |
1594 |
proc_exec_connector(current); |
5d1baf3b6 exec: introduce e... |
1595 1596 1597 1598 |
} return ret; } |
1da177e4c Linux-2.6.12-rc2 |
1599 1600 1601 |
/* * sys_execve() executes a new program. */ |
51f39a1f0 syscalls: impleme... |
1602 1603 1604 1605 |
static int do_execveat_common(int fd, struct filename *filename, struct user_arg_ptr argv, struct user_arg_ptr envp, int flags) |
1da177e4c Linux-2.6.12-rc2 |
1606 |
{ |
51f39a1f0 syscalls: impleme... |
1607 |
char *pathbuf = NULL; |
1da177e4c Linux-2.6.12-rc2 |
1608 1609 |
struct linux_binprm *bprm; struct file *file; |
3b1253880 [PATCH] sanitize ... |
1610 |
struct files_struct *displaced; |
1da177e4c Linux-2.6.12-rc2 |
1611 |
int retval; |
72fa59970 move RLIMIT_NPROC... |
1612 |
|
c4ad8f98b execve: use 'stru... |
1613 1614 |
if (IS_ERR(filename)) return PTR_ERR(filename); |
72fa59970 move RLIMIT_NPROC... |
1615 1616 1617 1618 1619 1620 1621 |
/* * We move the actual failure in case of RLIMIT_NPROC excess from * set*uid() to execve() because too many poorly written programs * don't check setuid() return code. Here we additionally recheck * whether NPROC limit is still exceeded. */ if ((current->flags & PF_NPROC_EXCEEDED) && |
bd9d43f47 fs/exec.c: do_exe... |
1622 |
atomic_read(¤t_user()->processes) > rlimit(RLIMIT_NPROC)) { |
72fa59970 move RLIMIT_NPROC... |
1623 1624 1625 1626 1627 1628 1629 |
retval = -EAGAIN; goto out_ret; } /* We're below the limit (still or again), so we don't want to make * further execve() calls fail. */ current->flags &= ~PF_NPROC_EXCEEDED; |
1da177e4c Linux-2.6.12-rc2 |
1630 |
|
3b1253880 [PATCH] sanitize ... |
1631 |
retval = unshare_files(&displaced); |
fd8328be8 [PATCH] sanitize ... |
1632 1633 |
if (retval) goto out_ret; |
1da177e4c Linux-2.6.12-rc2 |
1634 |
retval = -ENOMEM; |
11b0b5abb [PATCH] use kzall... |
1635 |
bprm = kzalloc(sizeof(*bprm), GFP_KERNEL); |
1da177e4c Linux-2.6.12-rc2 |
1636 |
if (!bprm) |
fd8328be8 [PATCH] sanitize ... |
1637 |
goto out_files; |
1da177e4c Linux-2.6.12-rc2 |
1638 |
|
a2a8474c3 exec: do not slee... |
1639 1640 |
retval = prepare_bprm_creds(bprm); if (retval) |
a6f76f23d CRED: Make execve... |
1641 |
goto out_free; |
498052bba New locking/refco... |
1642 |
|
9e00cdb09 exec:check_unsafe... |
1643 |
check_unsafe_exec(bprm); |
a2a8474c3 exec: do not slee... |
1644 |
current->in_execve = 1; |
a6f76f23d CRED: Make execve... |
1645 |
|
51f39a1f0 syscalls: impleme... |
1646 |
file = do_open_execat(fd, filename, flags); |
1da177e4c Linux-2.6.12-rc2 |
1647 1648 |
retval = PTR_ERR(file); if (IS_ERR(file)) |
498052bba New locking/refco... |
1649 |
goto out_unmark; |
1da177e4c Linux-2.6.12-rc2 |
1650 1651 |
sched_exec(); |
1da177e4c Linux-2.6.12-rc2 |
1652 |
bprm->file = file; |
51f39a1f0 syscalls: impleme... |
1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673 1674 |
if (fd == AT_FDCWD || filename->name[0] == '/') { bprm->filename = filename->name; } else { if (filename->name[0] == '\0') pathbuf = kasprintf(GFP_TEMPORARY, "/dev/fd/%d", fd); else pathbuf = kasprintf(GFP_TEMPORARY, "/dev/fd/%d/%s", fd, filename->name); if (!pathbuf) { retval = -ENOMEM; goto out_unmark; } /* * Record that a name derived from an O_CLOEXEC fd will be * inaccessible after exec. Relies on having exclusive access to * current->files (due to unshare_files above). */ if (close_on_exec(fd, rcu_dereference_raw(current->files->fdt))) bprm->interp_flags |= BINPRM_FLAGS_PATH_INACCESSIBLE; bprm->filename = pathbuf; } bprm->interp = bprm->filename; |
1da177e4c Linux-2.6.12-rc2 |
1675 |
|
b6a2fea39 mm: variable leng... |
1676 1677 |
retval = bprm_mm_init(bprm); if (retval) |
63e46b95e exec: move the fi... |
1678 |
goto out_unmark; |
1da177e4c Linux-2.6.12-rc2 |
1679 |
|
b6a2fea39 mm: variable leng... |
1680 |
bprm->argc = count(argv, MAX_ARG_STRINGS); |
1da177e4c Linux-2.6.12-rc2 |
1681 |
if ((retval = bprm->argc) < 0) |
a6f76f23d CRED: Make execve... |
1682 |
goto out; |
1da177e4c Linux-2.6.12-rc2 |
1683 |
|
b6a2fea39 mm: variable leng... |
1684 |
bprm->envc = count(envp, MAX_ARG_STRINGS); |
1da177e4c Linux-2.6.12-rc2 |
1685 |
if ((retval = bprm->envc) < 0) |
1da177e4c Linux-2.6.12-rc2 |
1686 1687 1688 1689 1690 1691 1692 1693 1694 1695 1696 1697 1698 1699 1700 1701 1702 1703 |
goto out; retval = prepare_binprm(bprm); if (retval < 0) goto out; retval = copy_strings_kernel(1, &bprm->filename, bprm); if (retval < 0) goto out; bprm->exec = bprm->p; retval = copy_strings(bprm->envc, envp, bprm); if (retval < 0) goto out; retval = copy_strings(bprm->argc, argv, bprm); if (retval < 0) goto out; |
21245b863 exec: Ensure mm->... |
1704 |
would_dump(bprm, bprm->file); |
5d1baf3b6 exec: introduce e... |
1705 |
retval = exec_binprm(bprm); |
a6f76f23d CRED: Make execve... |
1706 1707 |
if (retval < 0) goto out; |
1da177e4c Linux-2.6.12-rc2 |
1708 |
|
a6f76f23d CRED: Make execve... |
1709 |
/* execve succeeded */ |
498052bba New locking/refco... |
1710 |
current->fs->in_exec = 0; |
f9ce1f1cd Add in_execve fla... |
1711 |
current->in_execve = 0; |
a6f76f23d CRED: Make execve... |
1712 |
acct_update_integrals(current); |
82727018b sched/numa: Call ... |
1713 |
task_numa_free(current); |
a6f76f23d CRED: Make execve... |
1714 |
free_bprm(bprm); |
51f39a1f0 syscalls: impleme... |
1715 |
kfree(pathbuf); |
c4ad8f98b execve: use 'stru... |
1716 |
putname(filename); |
a6f76f23d CRED: Make execve... |
1717 1718 1719 |
if (displaced) put_files_struct(displaced); return retval; |
1da177e4c Linux-2.6.12-rc2 |
1720 |
|
a6f76f23d CRED: Make execve... |
1721 |
out: |
3c77f8457 exec: make argv/e... |
1722 1723 1724 1725 |
if (bprm->mm) { acct_arg_size(bprm, 0); mmput(bprm->mm); } |
1da177e4c Linux-2.6.12-rc2 |
1726 |
|
498052bba New locking/refco... |
1727 |
out_unmark: |
9e00cdb09 exec:check_unsafe... |
1728 |
current->fs->in_exec = 0; |
f9ce1f1cd Add in_execve fla... |
1729 |
current->in_execve = 0; |
a6f76f23d CRED: Make execve... |
1730 1731 |
out_free: |
08a6fac1c [PATCH] get rid o... |
1732 |
free_bprm(bprm); |
51f39a1f0 syscalls: impleme... |
1733 |
kfree(pathbuf); |
1da177e4c Linux-2.6.12-rc2 |
1734 |
|
fd8328be8 [PATCH] sanitize ... |
1735 |
out_files: |
3b1253880 [PATCH] sanitize ... |
1736 1737 |
if (displaced) reset_files_struct(displaced); |
1da177e4c Linux-2.6.12-rc2 |
1738 |
out_ret: |
c4ad8f98b execve: use 'stru... |
1739 |
putname(filename); |
1da177e4c Linux-2.6.12-rc2 |
1740 1741 |
return retval; } |
c4ad8f98b execve: use 'stru... |
1742 |
int do_execve(struct filename *filename, |
ba2d01629 exec: introduce s... |
1743 |
const char __user *const __user *__argv, |
da3d4c5fa get rid of pt_reg... |
1744 |
const char __user *const __user *__envp) |
ba2d01629 exec: introduce s... |
1745 |
{ |
0e028465d exec: unify do_ex... |
1746 1747 |
struct user_arg_ptr argv = { .ptr.native = __argv }; struct user_arg_ptr envp = { .ptr.native = __envp }; |
51f39a1f0 syscalls: impleme... |
1748 1749 1750 1751 1752 1753 1754 1755 1756 1757 1758 1759 |
return do_execveat_common(AT_FDCWD, filename, argv, envp, 0); } int do_execveat(int fd, struct filename *filename, const char __user *const __user *__argv, const char __user *const __user *__envp, int flags) { struct user_arg_ptr argv = { .ptr.native = __argv }; struct user_arg_ptr envp = { .ptr.native = __envp }; return do_execveat_common(fd, filename, argv, envp, flags); |
0e028465d exec: unify do_ex... |
1760 1761 1762 |
} #ifdef CONFIG_COMPAT |
c4ad8f98b execve: use 'stru... |
1763 |
static int compat_do_execve(struct filename *filename, |
38b983b34 generic sys_execve() |
1764 |
const compat_uptr_t __user *__argv, |
d03d26e58 make compat_do_ex... |
1765 |
const compat_uptr_t __user *__envp) |
0e028465d exec: unify do_ex... |
1766 1767 1768 1769 1770 1771 1772 1773 1774 |
{ struct user_arg_ptr argv = { .is_compat = true, .ptr.compat = __argv, }; struct user_arg_ptr envp = { .is_compat = true, .ptr.compat = __envp, }; |
51f39a1f0 syscalls: impleme... |
1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 1791 |
return do_execveat_common(AT_FDCWD, filename, argv, envp, 0); } static int compat_do_execveat(int fd, struct filename *filename, const compat_uptr_t __user *__argv, const compat_uptr_t __user *__envp, int flags) { struct user_arg_ptr argv = { .is_compat = true, .ptr.compat = __argv, }; struct user_arg_ptr envp = { .is_compat = true, .ptr.compat = __envp, }; return do_execveat_common(fd, filename, argv, envp, flags); |
ba2d01629 exec: introduce s... |
1792 |
} |
0e028465d exec: unify do_ex... |
1793 |
#endif |
ba2d01629 exec: introduce s... |
1794 |
|
964ee7df9 exec: fix set_bin... |
1795 |
void set_binfmt(struct linux_binfmt *new) |
1da177e4c Linux-2.6.12-rc2 |
1796 |
{ |
801460d0c task_struct clean... |
1797 1798 1799 1800 |
struct mm_struct *mm = current->mm; if (mm->binfmt) module_put(mm->binfmt->module); |
1da177e4c Linux-2.6.12-rc2 |
1801 |
|
801460d0c task_struct clean... |
1802 |
mm->binfmt = new; |
964ee7df9 exec: fix set_bin... |
1803 1804 |
if (new) __module_get(new->module); |
1da177e4c Linux-2.6.12-rc2 |
1805 |
} |
1da177e4c Linux-2.6.12-rc2 |
1806 |
EXPORT_SYMBOL(set_binfmt); |
6c5d52382 coredump masking:... |
1807 |
/* |
7288e1187 coredump: kill MM... |
1808 |
* set_dumpable stores three-value SUID_DUMP_* into mm->flags. |
6c5d52382 coredump masking:... |
1809 1810 1811 |
*/ void set_dumpable(struct mm_struct *mm, int value) { |
abacd2fe3 coredump: set_dum... |
1812 |
unsigned long old, new; |
7288e1187 coredump: kill MM... |
1813 1814 |
if (WARN_ON((unsigned)value > SUID_DUMP_ROOT)) return; |
abacd2fe3 coredump: set_dum... |
1815 1816 |
do { old = ACCESS_ONCE(mm->flags); |
7288e1187 coredump: kill MM... |
1817 |
new = (old & ~MMF_DUMPABLE_MASK) | value; |
abacd2fe3 coredump: set_dum... |
1818 |
} while (cmpxchg(&mm->flags, old, new) != old); |
6c5d52382 coredump masking:... |
1819 |
} |
6c5d52382 coredump masking:... |
1820 |
|
38b983b34 generic sys_execve() |
1821 1822 1823 1824 1825 |
SYSCALL_DEFINE3(execve, const char __user *, filename, const char __user *const __user *, argv, const char __user *const __user *, envp) { |
c4ad8f98b execve: use 'stru... |
1826 |
return do_execve(getname(filename), argv, envp); |
38b983b34 generic sys_execve() |
1827 |
} |
51f39a1f0 syscalls: impleme... |
1828 1829 1830 1831 1832 1833 1834 1835 1836 1837 1838 1839 1840 |
SYSCALL_DEFINE5(execveat, int, fd, const char __user *, filename, const char __user *const __user *, argv, const char __user *const __user *, envp, int, flags) { int lookup_flags = (flags & AT_EMPTY_PATH) ? LOOKUP_EMPTY : 0; return do_execveat(fd, getname_flags(filename, lookup_flags, NULL), argv, envp, flags); } |
38b983b34 generic sys_execve() |
1841 |
#ifdef CONFIG_COMPAT |
625b1d7e8 fs/compat: conver... |
1842 1843 1844 |
COMPAT_SYSCALL_DEFINE3(execve, const char __user *, filename, const compat_uptr_t __user *, argv, const compat_uptr_t __user *, envp) |
38b983b34 generic sys_execve() |
1845 |
{ |
c4ad8f98b execve: use 'stru... |
1846 |
return compat_do_execve(getname(filename), argv, envp); |
38b983b34 generic sys_execve() |
1847 |
} |
51f39a1f0 syscalls: impleme... |
1848 1849 1850 1851 1852 1853 1854 1855 1856 1857 1858 1859 1860 |
COMPAT_SYSCALL_DEFINE5(execveat, int, fd, const char __user *, filename, const compat_uptr_t __user *, argv, const compat_uptr_t __user *, envp, int, flags) { int lookup_flags = (flags & AT_EMPTY_PATH) ? LOOKUP_EMPTY : 0; return compat_do_execveat(fd, getname_flags(filename, lookup_flags, NULL), argv, envp, flags); } |
38b983b34 generic sys_execve() |
1861 |
#endif |