Remove execution domain support

All users of exec_domain are gone, now we can get rid of that abandoned feature. To not break existing userspace we keep a dummy /proc/execdomains file which will always contain "0-0 Linux [kernel]". Signed-off-by: Richard Weinberger <richard@nod.at>
author: Richard Weinberger <richard@nod.at> 2015-03-30 02:14:16 -0400
committer: Richard Weinberger <richard@nod.at> 2015-04-12 14:58:24 -0400
commit: 973f911f55a0e510dd6db8bbb29cd82ff138d3c0 (patch)
tree: 6827110eb50b3d20773d893298eaf751583c4b13 /kernel
parent: 3c7a49d0745a82845f017929eefa9ac1ad117355 (diff)
3 files changed, 1 insertions, 105 deletions
diff --git a/kernel/exec_domain.c b/kernel/exec_domain.c
index 83d4382f5699..b2fb57d6b9b2 100644
--- a/kernel/exec_domain.c
+++ b/kernel/exec_domain.c
@@ -20,13 +20,7 @@
 #include <linux/types.h>
 #include <linux/fs_struct.h>
 static void default_handler(int, struct pt_regs *);
-static struct exec_domain *exec_domains = &default_exec_domain;
-static DEFINE_RWLOCK(exec_domains_lock);
 static unsigned long ident_map[32] = {
        0,      1,      2,      3,      4,      5,      6,      7,
        8,      9,      10,     11,     12,     13,     14,     15,
@@ -55,94 +49,9 @@ default_handler(int segment, struct pt_regs *regp)
                send_sig(SIGSEGV, current, 1);
 }
-static struct exec_domain *
-lookup_exec_domain(unsigned int personality)
-{
-        unsigned int pers = personality(personality);
-        struct exec_domain *ep;
-        read_lock(&exec_domains_lock);
-        for (ep = exec_domains; ep; ep = ep->next) {
-                if (pers >= ep->pers_low && pers <= ep->pers_high)
-                        if (try_module_get(ep->module))
-                                goto out;
-        }
-#ifdef CONFIG_MODULES
-        read_unlock(&exec_domains_lock);
-        request_module("personality-%d", pers);
-        read_lock(&exec_domains_lock);
-        for (ep = exec_domains; ep; ep = ep->next) {
-                if (pers >= ep->pers_low && pers <= ep->pers_high)
-                        if (try_module_get(ep->module))
-                                goto out;
-        }
-#endif
-        ep = &default_exec_domain;
-out:
-        read_unlock(&exec_domains_lock);
-        return ep;
-}
-int
-register_exec_domain(struct exec_domain *ep)
-{
-        struct exec_domain      *tmp;
-        int                     err = -EBUSY;
-        if (ep == NULL)
-                return -EINVAL;
-        if (ep->next != NULL)
-                return -EBUSY;
-        write_lock(&exec_domains_lock);
-        for (tmp = exec_domains; tmp; tmp = tmp->next) {
-                if (tmp == ep)
-                        goto out;
-        }
-        ep->next = exec_domains;
-        exec_domains = ep;
-        err = 0;
-out:
-        write_unlock(&exec_domains_lock);
-        return err;
-}
-EXPORT_SYMBOL(register_exec_domain);
-int
-unregister_exec_domain(struct exec_domain *ep)
-{
-        struct exec_domain      **epp;
-        epp = &exec_domains;
-        write_lock(&exec_domains_lock);
-        for (epp = &exec_domains; *epp; epp = &(*epp)->next) {
-                if (ep == *epp)
-                        goto unregister;
-        }
-        write_unlock(&exec_domains_lock);
-        return -EINVAL;
-unregister:
-        *epp = ep->next;
-        ep->next = NULL;
-        write_unlock(&exec_domains_lock);
-        return 0;
-}
-EXPORT_SYMBOL(unregister_exec_domain);
 int __set_personality(unsigned int personality)
 {
-        struct exec_domain *oep = current_thread_info()->exec_domain;
-        current_thread_info()->exec_domain = lookup_exec_domain(personality);
        current->personality = personality;
-        module_put(oep->module);
        return 0;
 }
@@ -151,14 +60,7 @@ EXPORT_SYMBOL(__set_personality);
 #ifdef CONFIG_PROC_FS
 static int execdomains_proc_show(struct seq_file *m, void *v)
 {
-        struct exec_domain      *ep;
+        seq_puts(m, "0-0\tLinux           \t[kernel]\n");
-        read_lock(&exec_domains_lock);
-        for (ep = exec_domains; ep; ep = ep->next)
-                seq_printf(m, "%d-%d\t%-16s\t[%s]\n",
-                               ep->pers_low, ep->pers_high, ep->name,
-                               module_name(ep->module));
-        read_unlock(&exec_domains_lock);
        return 0;
 }
diff --git a/kernel/exit.c b/kernel/exit.c
index feff10bbb307..22fcc05dec40 100644
--- a/kernel/exit.c
+++ b/kernel/exit.c
@@ -756,8 +756,6 @@ void do_exit(long code)
        cgroup_exit(tsk);
-        module_put(task_thread_info(tsk)->exec_domain->module);
        /*
         * FIXME: do that only when needed, using sched_exit tracepoint
         */
diff --git a/kernel/fork.c b/kernel/fork.c
index cf65139615a0..f2c1e7352298 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1279,9 +1279,6 @@ static struct task_struct *copy_process(unsigned long clone_flags,
        if (nr_threads >= max_threads)
                goto bad_fork_cleanup_count;
-        if (!try_module_get(task_thread_info(p)->exec_domain->module))
-                goto bad_fork_cleanup_count;
        delayacct_tsk_init(p);  /* Must remain after dup_task_struct() */
        p->flags &= ~(PF_SUPERPRIV | PF_WQ_WORKER);
        p->flags |= PF_FORKNOEXEC;
@@ -1590,7 +1587,6 @@ bad_fork_cleanup_threadgroup_lock:
        if (clone_flags & CLONE_THREAD)
                threadgroup_change_end(current);
        delayacct_tsk_free(p);
-        module_put(task_thread_info(p)->exec_domain->module);
 bad_fork_cleanup_count:
        atomic_dec(&p->cred->user->processes);
        exit_creds(p);
author	Richard Weinberger <richard@nod.at>	2015-03-30 02:14:16 -0400
committer	Richard Weinberger <richard@nod.at>	2015-04-12 14:58:24 -0400
commit	973f911f55a0e510dd6db8bbb29cd82ff138d3c0 (patch)
tree	6827110eb50b3d20773d893298eaf751583c4b13 /kernel
parent	3c7a49d0745a82845f017929eefa9ac1ad117355 (diff)

diff --git a/kernel/exec_domain.c b/kernel/exec_domain.c index 83d4382f5699..b2fb57d6b9b2 100644 --- a/kernel/exec_domain.c +++ b/kernel/exec_domain.c
@@ -20,13 +20,7 @@
20	#include <linux/types.h>	20	#include <linux/types.h>
21	#include <linux/fs_struct.h>	21	#include <linux/fs_struct.h>
22		22
23
24	static void default_handler(int, struct pt_regs *);	23	static void default_handler(int, struct pt_regs *);
25
26	static struct exec_domain *exec_domains = &default_exec_domain;
27	static DEFINE_RWLOCK(exec_domains_lock);
28
29
30	static unsigned long ident_map[32] = {	24	static unsigned long ident_map[32] = {
31	0, 1, 2, 3, 4, 5, 6, 7,	25	0, 1, 2, 3, 4, 5, 6, 7,
32	8, 9, 10, 11, 12, 13, 14, 15,	26	8, 9, 10, 11, 12, 13, 14, 15,
@@ -55,94 +49,9 @@ default_handler(int segment, struct pt_regs *regp)
55	send_sig(SIGSEGV, current, 1);	49	send_sig(SIGSEGV, current, 1);
56	}	50	}
57		51
58	static struct exec_domain *
59	lookup_exec_domain(unsigned int personality)
60	{
61	unsigned int pers = personality(personality);
62	struct exec_domain *ep;
63
64	read_lock(&exec_domains_lock);
65	for (ep = exec_domains; ep; ep = ep->next) {
66	if (pers >= ep->pers_low && pers <= ep->pers_high)
67	if (try_module_get(ep->module))
68	goto out;
69	}
70
71	#ifdef CONFIG_MODULES
72	read_unlock(&exec_domains_lock);
73	request_module("personality-%d", pers);
74	read_lock(&exec_domains_lock);
75
76	for (ep = exec_domains; ep; ep = ep->next) {
77	if (pers >= ep->pers_low && pers <= ep->pers_high)
78	if (try_module_get(ep->module))
79	goto out;
80	}
81	#endif
82
83	ep = &default_exec_domain;
84	out:
85	read_unlock(&exec_domains_lock);
86	return ep;
87	}
88
89	int
90	register_exec_domain(struct exec_domain *ep)
91	{
92	struct exec_domain *tmp;
93	int err = -EBUSY;
94
95	if (ep == NULL)
96	return -EINVAL;
97
98	if (ep->next != NULL)
99	return -EBUSY;
100
101	write_lock(&exec_domains_lock);
102	for (tmp = exec_domains; tmp; tmp = tmp->next) {
103	if (tmp == ep)
104	goto out;
105	}
106
107	ep->next = exec_domains;
108	exec_domains = ep;
109	err = 0;
110
111	out:
112	write_unlock(&exec_domains_lock);
113	return err;
114	}
115	EXPORT_SYMBOL(register_exec_domain);
116
117	int
118	unregister_exec_domain(struct exec_domain *ep)
119	{
120	struct exec_domain **epp;
121
122	epp = &exec_domains;
123	write_lock(&exec_domains_lock);
124	for (epp = &exec_domains; epp; epp = &(epp)->next) {
125	if (ep == *epp)
126	goto unregister;
127	}
128	write_unlock(&exec_domains_lock);
129	return -EINVAL;
130
131	unregister:
132	*epp = ep->next;
133	ep->next = NULL;
134	write_unlock(&exec_domains_lock);
135	return 0;
136	}
137	EXPORT_SYMBOL(unregister_exec_domain);
138
139	int __set_personality(unsigned int personality)	52	int __set_personality(unsigned int personality)
140	{	53	{
141	struct exec_domain *oep = current_thread_info()->exec_domain;
142
143	current_thread_info()->exec_domain = lookup_exec_domain(personality);
144	current->personality = personality;	54	current->personality = personality;
145	module_put(oep->module);
146		55
147	return 0;	56	return 0;
148	}	57	}
@@ -151,14 +60,7 @@ EXPORT_SYMBOL(__set_personality);
151	#ifdef CONFIG_PROC_FS	60	#ifdef CONFIG_PROC_FS
152	static int execdomains_proc_show(struct seq_file m, void v)	61	static int execdomains_proc_show(struct seq_file m, void v)
153	{	62	{
154	struct exec_domain *ep;	63	seq_puts(m, "0-0\tLinux \t[kernel]\n");
155
156	read_lock(&exec_domains_lock);
157	for (ep = exec_domains; ep; ep = ep->next)
158	seq_printf(m, "%d-%d\t%-16s\t[%s]\n",
159	ep->pers_low, ep->pers_high, ep->name,
160	module_name(ep->module));
161	read_unlock(&exec_domains_lock);
162	return 0;	64	return 0;
163	}	65	}
164		66


diff --git a/kernel/exit.c b/kernel/exit.c index feff10bbb307..22fcc05dec40 100644 --- a/kernel/exit.c +++ b/kernel/exit.c
@@ -756,8 +756,6 @@ void do_exit(long code)
756		756
757	cgroup_exit(tsk);	757	cgroup_exit(tsk);
758		758
759	module_put(task_thread_info(tsk)->exec_domain->module);
760
761	/*	759	/*
762	* FIXME: do that only when needed, using sched_exit tracepoint	760	* FIXME: do that only when needed, using sched_exit tracepoint
763	*/	761	*/


diff --git a/kernel/fork.c b/kernel/fork.c index cf65139615a0..f2c1e7352298 100644 --- a/kernel/fork.c +++ b/kernel/fork.c
@@ -1279,9 +1279,6 @@ static struct task_struct *copy_process(unsigned long clone_flags,
1279	if (nr_threads >= max_threads)	1279	if (nr_threads >= max_threads)
1280	goto bad_fork_cleanup_count;	1280	goto bad_fork_cleanup_count;
1281		1281
1282	if (!try_module_get(task_thread_info(p)->exec_domain->module))
1283	goto bad_fork_cleanup_count;
1284
1285	delayacct_tsk_init(p); /* Must remain after dup_task_struct() */	1282	delayacct_tsk_init(p); /* Must remain after dup_task_struct() */
1286	p->flags &= ~(PF_SUPERPRIV \| PF_WQ_WORKER);	1283	p->flags &= ~(PF_SUPERPRIV \| PF_WQ_WORKER);
1287	p->flags \|= PF_FORKNOEXEC;	1284	p->flags \|= PF_FORKNOEXEC;
@@ -1590,7 +1587,6 @@ bad_fork_cleanup_threadgroup_lock:
1590	if (clone_flags & CLONE_THREAD)	1587	if (clone_flags & CLONE_THREAD)
1591	threadgroup_change_end(current);	1588	threadgroup_change_end(current);
1592	delayacct_tsk_free(p);	1589	delayacct_tsk_free(p);
1593	module_put(task_thread_info(p)->exec_domain->module);
1594	bad_fork_cleanup_count:	1590	bad_fork_cleanup_count:
1595	atomic_dec(&p->cred->user->processes);	1591	atomic_dec(&p->cred->user->processes);
1596	exit_creds(p);	1592	exit_creds(p);