aboutsummaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2014-02-05 15:54:53 -0500
committerLinus Torvalds <torvalds@linux-foundation.org>2014-02-05 15:54:53 -0500
commitc4ad8f98bef77c7356aa6a9ad9188a6acc6b849d (patch)
tree16117463e3106b2be026afbe843019cf5d3c3270 /kernel
parent878a876b2e10888afe53766dcca33f723ae20edc (diff)
execve: use 'struct filename *' for executable name passing
This changes 'do_execve()' to get the executable name as a 'struct filename', and to free it when it is done. This is what the normal users want, and it simplifies and streamlines their error handling. The controlled lifetime of the executable name also fixes a use-after-free problem with the trace_sched_process_exec tracepoint: the lifetime of the passed-in string for kernel users was not at all obvious, and the user-mode helper code used UMH_WAIT_EXEC to serialize the pathname allocation lifetime with the execve() having finished, which in turn meant that the trace point that happened after mm_release() of the old process VM ended up using already free'd memory. To solve the kernel string lifetime issue, this simply introduces "getname_kernel()" that works like the normal user-space getname() function, except with the source coming from kernel memory. As Oleg points out, this also means that we could drop the tcomm[] array from 'struct linux_binprm', since the pathname lifetime now covers setup_new_exec(). That would be a separate cleanup. Reported-by: Igor Zhbanov <i.zhbanov@samsung.com> Tested-by: Steven Rostedt <rostedt@goodmis.org> Cc: Oleg Nesterov <oleg@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/auditsc.c2
-rw-r--r--kernel/kmod.c2
2 files changed, 2 insertions, 2 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 10176cd5956a..7aef2f4b6c64 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1719,7 +1719,7 @@ void audit_putname(struct filename *name)
1719 struct audit_context *context = current->audit_context; 1719 struct audit_context *context = current->audit_context;
1720 1720
1721 BUG_ON(!context); 1721 BUG_ON(!context);
1722 if (!context->in_syscall) { 1722 if (!name->aname || !context->in_syscall) {
1723#if AUDIT_DEBUG == 2 1723#if AUDIT_DEBUG == 2
1724 printk(KERN_ERR "%s:%d(:%d): final_putname(%p)\n", 1724 printk(KERN_ERR "%s:%d(:%d): final_putname(%p)\n",
1725 __FILE__, __LINE__, context->serial, name); 1725 __FILE__, __LINE__, context->serial, name);
diff --git a/kernel/kmod.c b/kernel/kmod.c
index b086006c59e7..6b375af4958d 100644
--- a/kernel/kmod.c
+++ b/kernel/kmod.c
@@ -239,7 +239,7 @@ static int ____call_usermodehelper(void *data)
239 239
240 commit_creds(new); 240 commit_creds(new);
241 241
242 retval = do_execve(sub_info->path, 242 retval = do_execve(getname_kernel(sub_info->path),
243 (const char __user *const __user *)sub_info->argv, 243 (const char __user *const __user *)sub_info->argv,
244 (const char __user *const __user *)sub_info->envp); 244 (const char __user *const __user *)sub_info->envp);
245 if (!retval) 245 if (!retval)