diff options
| author | Oleg Nesterov <oleg@redhat.com> | 2014-01-23 18:55:32 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2014-01-23 19:37:01 -0500 |
| commit | 7288e1187ba935996232246916418c64bb88da30 (patch) | |
| tree | ced1754f48f918acca47a0c4f4c3a5c8f35db39d /fs | |
| parent | abacd2fe3ca10b3ade57f3634053241a660002c2 (diff) | |
coredump: kill MMF_DUMPABLE and MMF_DUMP_SECURELY
Nobody actually needs MMF_DUMPABLE/MMF_DUMP_SECURELY, they are only used
to enforce the encoding of SUID_DUMP_* enum in mm->flags &
MMF_DUMPABLE_MASK.
Now that set_dumpable() updates both bits atomically we can kill them and
simply store the value "as is" in 2 lower bits.
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: Alex Kelly <alex.page.kelly@gmail.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Josh Triplett <josh@joshtriplett.org>
Cc: Petr Matousek <pmatouse@redhat.com>
Cc: Vasily Kulikov <segoon@openwall.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/exec.c | 21 |
1 files changed, 6 insertions, 15 deletions
| @@ -1613,33 +1613,24 @@ void set_binfmt(struct linux_binfmt *new) | |||
| 1613 | EXPORT_SYMBOL(set_binfmt); | 1613 | EXPORT_SYMBOL(set_binfmt); |
| 1614 | 1614 | ||
| 1615 | /* | 1615 | /* |
| 1616 | * set_dumpable converts traditional three-value dumpable to two flags and | 1616 | * set_dumpable stores three-value SUID_DUMP_* into mm->flags. |
| 1617 | * stores them into mm->flags. | ||
| 1618 | */ | 1617 | */ |
| 1619 | void set_dumpable(struct mm_struct *mm, int value) | 1618 | void set_dumpable(struct mm_struct *mm, int value) |
| 1620 | { | 1619 | { |
| 1621 | unsigned long old, new; | 1620 | unsigned long old, new; |
| 1622 | 1621 | ||
| 1622 | if (WARN_ON((unsigned)value > SUID_DUMP_ROOT)) | ||
| 1623 | return; | ||
| 1624 | |||
| 1623 | do { | 1625 | do { |
| 1624 | old = ACCESS_ONCE(mm->flags); | 1626 | old = ACCESS_ONCE(mm->flags); |
| 1625 | new = old & ~MMF_DUMPABLE_MASK; | 1627 | new = (old & ~MMF_DUMPABLE_MASK) | value; |
| 1626 | |||
| 1627 | switch (value) { | ||
| 1628 | case SUID_DUMP_ROOT: | ||
| 1629 | new |= (1 << MMF_DUMP_SECURELY); | ||
| 1630 | case SUID_DUMP_USER: | ||
| 1631 | new |= (1<< MMF_DUMPABLE); | ||
| 1632 | } | ||
| 1633 | |||
| 1634 | } while (cmpxchg(&mm->flags, old, new) != old); | 1628 | } while (cmpxchg(&mm->flags, old, new) != old); |
| 1635 | } | 1629 | } |
| 1636 | 1630 | ||
| 1637 | int __get_dumpable(unsigned long mm_flags) | 1631 | int __get_dumpable(unsigned long mm_flags) |
| 1638 | { | 1632 | { |
| 1639 | int ret; | 1633 | return mm_flags & MMF_DUMPABLE_MASK; |
| 1640 | |||
| 1641 | ret = mm_flags & MMF_DUMPABLE_MASK; | ||
| 1642 | return (ret > SUID_DUMP_USER) ? SUID_DUMP_ROOT : ret; | ||
| 1643 | } | 1634 | } |
| 1644 | 1635 | ||
| 1645 | /* | 1636 | /* |