diff options
| -rw-r--r-- | include/linux/sched.h | 1 | ||||
| -rw-r--r-- | kernel/sys.c | 31 |
2 files changed, 20 insertions, 12 deletions
diff --git a/include/linux/sched.h b/include/linux/sched.h index 6029d8c54476..c688d4cc2e40 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h | |||
| @@ -439,6 +439,7 @@ extern int get_dumpable(struct mm_struct *mm); | |||
| 439 | /* leave room for more dump flags */ | 439 | /* leave room for more dump flags */ |
| 440 | #define MMF_VM_MERGEABLE 16 /* KSM may merge identical pages */ | 440 | #define MMF_VM_MERGEABLE 16 /* KSM may merge identical pages */ |
| 441 | #define MMF_VM_HUGEPAGE 17 /* set when VM_HUGEPAGE is set on vma */ | 441 | #define MMF_VM_HUGEPAGE 17 /* set when VM_HUGEPAGE is set on vma */ |
| 442 | #define MMF_EXE_FILE_CHANGED 18 /* see prctl_set_mm_exe_file() */ | ||
| 442 | 443 | ||
| 443 | #define MMF_INIT_MASK (MMF_DUMPABLE_MASK | MMF_DUMP_FILTER_MASK) | 444 | #define MMF_INIT_MASK (MMF_DUMPABLE_MASK | MMF_DUMP_FILTER_MASK) |
| 444 | 445 | ||
diff --git a/kernel/sys.c b/kernel/sys.c index 9ff89cb9657a..54f20fdee93c 100644 --- a/kernel/sys.c +++ b/kernel/sys.c | |||
| @@ -1796,17 +1796,11 @@ static bool vma_flags_mismatch(struct vm_area_struct *vma, | |||
| 1796 | 1796 | ||
| 1797 | static int prctl_set_mm_exe_file(struct mm_struct *mm, unsigned int fd) | 1797 | static int prctl_set_mm_exe_file(struct mm_struct *mm, unsigned int fd) |
| 1798 | { | 1798 | { |
| 1799 | struct vm_area_struct *vma; | ||
| 1799 | struct file *exe_file; | 1800 | struct file *exe_file; |
| 1800 | struct dentry *dentry; | 1801 | struct dentry *dentry; |
| 1801 | int err; | 1802 | int err; |
| 1802 | 1803 | ||
| 1803 | /* | ||
| 1804 | * Setting new mm::exe_file is only allowed when no VM_EXECUTABLE vma's | ||
| 1805 | * remain. So perform a quick test first. | ||
| 1806 | */ | ||
| 1807 | if (mm->num_exe_file_vmas) | ||
| 1808 | return -EBUSY; | ||
| 1809 | |||
| 1810 | exe_file = fget(fd); | 1804 | exe_file = fget(fd); |
| 1811 | if (!exe_file) | 1805 | if (!exe_file) |
| 1812 | return -EBADF; | 1806 | return -EBADF; |
| @@ -1827,17 +1821,30 @@ static int prctl_set_mm_exe_file(struct mm_struct *mm, unsigned int fd) | |||
| 1827 | if (err) | 1821 | if (err) |
| 1828 | goto exit; | 1822 | goto exit; |
| 1829 | 1823 | ||
| 1824 | down_write(&mm->mmap_sem); | ||
| 1825 | |||
| 1826 | /* | ||
| 1827 | * Forbid mm->exe_file change if there are mapped other files. | ||
| 1828 | */ | ||
| 1829 | err = -EBUSY; | ||
| 1830 | for (vma = mm->mmap; vma; vma = vma->vm_next) { | ||
| 1831 | if (vma->vm_file && !path_equal(&vma->vm_file->f_path, | ||
| 1832 | &exe_file->f_path)) | ||
| 1833 | goto exit_unlock; | ||
| 1834 | } | ||
| 1835 | |||
| 1830 | /* | 1836 | /* |
| 1831 | * The symlink can be changed only once, just to disallow arbitrary | 1837 | * The symlink can be changed only once, just to disallow arbitrary |
| 1832 | * transitions malicious software might bring in. This means one | 1838 | * transitions malicious software might bring in. This means one |
| 1833 | * could make a snapshot over all processes running and monitor | 1839 | * could make a snapshot over all processes running and monitor |
| 1834 | * /proc/pid/exe changes to notice unusual activity if needed. | 1840 | * /proc/pid/exe changes to notice unusual activity if needed. |
| 1835 | */ | 1841 | */ |
| 1836 | down_write(&mm->mmap_sem); | 1842 | err = -EPERM; |
| 1837 | if (likely(!mm->exe_file)) | 1843 | if (test_and_set_bit(MMF_EXE_FILE_CHANGED, &mm->flags)) |
| 1838 | set_mm_exe_file(mm, exe_file); | 1844 | goto exit_unlock; |
| 1839 | else | 1845 | |
| 1840 | err = -EBUSY; | 1846 | set_mm_exe_file(mm, exe_file); |
| 1847 | exit_unlock: | ||
| 1841 | up_write(&mm->mmap_sem); | 1848 | up_write(&mm->mmap_sem); |
| 1842 | 1849 | ||
| 1843 | exit: | 1850 | exit: |