aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorOleg Nesterov <oleg@redhat.com>2014-01-23 18:55:32 -0500
committerLinus Torvalds <torvalds@linux-foundation.org>2014-01-23 19:37:01 -0500
commit7288e1187ba935996232246916418c64bb88da30 (patch)
treeced1754f48f918acca47a0c4f4c3a5c8f35db39d
parentabacd2fe3ca10b3ade57f3634053241a660002c2 (diff)
coredump: kill MMF_DUMPABLE and MMF_DUMP_SECURELY
Nobody actually needs MMF_DUMPABLE/MMF_DUMP_SECURELY, they are only used to enforce the encoding of SUID_DUMP_* enum in mm->flags & MMF_DUMPABLE_MASK. Now that set_dumpable() updates both bits atomically we can kill them and simply store the value "as is" in 2 lower bits. Signed-off-by: Oleg Nesterov <oleg@redhat.com> Acked-by: Kees Cook <keescook@chromium.org> Cc: Alex Kelly <alex.page.kelly@gmail.com> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Josh Triplett <josh@joshtriplett.org> Cc: Petr Matousek <pmatouse@redhat.com> Cc: Vasily Kulikov <segoon@openwall.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--fs/exec.c21
-rw-r--r--include/linux/sched.h4
2 files changed, 7 insertions, 18 deletions
diff --git a/fs/exec.c b/fs/exec.c
index f039386499db..f798da06abac 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1613,33 +1613,24 @@ void set_binfmt(struct linux_binfmt *new)
1613EXPORT_SYMBOL(set_binfmt); 1613EXPORT_SYMBOL(set_binfmt);
1614 1614
1615/* 1615/*
1616 * set_dumpable converts traditional three-value dumpable to two flags and 1616 * set_dumpable stores three-value SUID_DUMP_* into mm->flags.
1617 * stores them into mm->flags.
1618 */ 1617 */
1619void set_dumpable(struct mm_struct *mm, int value) 1618void set_dumpable(struct mm_struct *mm, int value)
1620{ 1619{
1621 unsigned long old, new; 1620 unsigned long old, new;
1622 1621
1622 if (WARN_ON((unsigned)value > SUID_DUMP_ROOT))
1623 return;
1624
1623 do { 1625 do {
1624 old = ACCESS_ONCE(mm->flags); 1626 old = ACCESS_ONCE(mm->flags);
1625 new = old & ~MMF_DUMPABLE_MASK; 1627 new = (old & ~MMF_DUMPABLE_MASK) | value;
1626
1627 switch (value) {
1628 case SUID_DUMP_ROOT:
1629 new |= (1 << MMF_DUMP_SECURELY);
1630 case SUID_DUMP_USER:
1631 new |= (1<< MMF_DUMPABLE);
1632 }
1633
1634 } while (cmpxchg(&mm->flags, old, new) != old); 1628 } while (cmpxchg(&mm->flags, old, new) != old);
1635} 1629}
1636 1630
1637int __get_dumpable(unsigned long mm_flags) 1631int __get_dumpable(unsigned long mm_flags)
1638{ 1632{
1639 int ret; 1633 return mm_flags & MMF_DUMPABLE_MASK;
1640
1641 ret = mm_flags & MMF_DUMPABLE_MASK;
1642 return (ret > SUID_DUMP_USER) ? SUID_DUMP_ROOT : ret;
1643} 1634}
1644 1635
1645/* 1636/*
diff --git a/include/linux/sched.h b/include/linux/sched.h
index 485234d2fd42..124430ba569b 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -400,10 +400,8 @@ extern int get_dumpable(struct mm_struct *mm);
400#define SUID_DUMP_ROOT 2 /* Dump as root */ 400#define SUID_DUMP_ROOT 2 /* Dump as root */
401 401
402/* mm flags */ 402/* mm flags */
403/* dumpable bits */
404#define MMF_DUMPABLE 0 /* core dump is permitted */
405#define MMF_DUMP_SECURELY 1 /* core file is readable only by root */
406 403
404/* for SUID_DUMP_* above */
407#define MMF_DUMPABLE_BITS 2 405#define MMF_DUMPABLE_BITS 2
408#define MMF_DUMPABLE_MASK ((1 << MMF_DUMPABLE_BITS) - 1) 406#define MMF_DUMPABLE_MASK ((1 << MMF_DUMPABLE_BITS) - 1)
409 407