aboutsummaryrefslogtreecommitdiffstats
path: root/fs/exec.c
diff options
context:
space:
mode:
Diffstat (limited to 'fs/exec.c')
-rw-r--r--fs/exec.c28
1 files changed, 22 insertions, 6 deletions
diff --git a/fs/exec.c b/fs/exec.c
index 97f9c225dd66..af1600cfa8c9 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1057,16 +1057,32 @@ EXPORT_SYMBOL(install_exec_creds);
1057 * - the caller must hold current->cred_exec_mutex to protect against 1057 * - the caller must hold current->cred_exec_mutex to protect against
1058 * PTRACE_ATTACH 1058 * PTRACE_ATTACH
1059 */ 1059 */
1060void check_unsafe_exec(struct linux_binprm *bprm) 1060void check_unsafe_exec(struct linux_binprm *bprm, struct files_struct *files)
1061{ 1061{
1062 struct task_struct *p = current; 1062 struct task_struct *p = current, *t;
1063 unsigned long flags;
1064 unsigned n_fs, n_files, n_sighand;
1063 1065
1064 bprm->unsafe = tracehook_unsafe_exec(p); 1066 bprm->unsafe = tracehook_unsafe_exec(p);
1065 1067
1066 if (atomic_read(&p->fs->count) > 1 || 1068 n_fs = 1;
1067 atomic_read(&p->files->count) > 1 || 1069 n_files = 1;
1068 atomic_read(&p->sighand->count) > 1) 1070 n_sighand = 1;
1071 lock_task_sighand(p, &flags);
1072 for (t = next_thread(p); t != p; t = next_thread(t)) {
1073 if (t->fs == p->fs)
1074 n_fs++;
1075 if (t->files == files)
1076 n_files++;
1077 n_sighand++;
1078 }
1079
1080 if (atomic_read(&p->fs->count) > n_fs ||
1081 atomic_read(&p->files->count) > n_files ||
1082 atomic_read(&p->sighand->count) > n_sighand)
1069 bprm->unsafe |= LSM_UNSAFE_SHARE; 1083 bprm->unsafe |= LSM_UNSAFE_SHARE;
1084
1085 unlock_task_sighand(p, &flags);
1070} 1086}
1071 1087
1072/* 1088/*
@@ -1281,7 +1297,7 @@ int do_execve(char * filename,
1281 bprm->cred = prepare_exec_creds(); 1297 bprm->cred = prepare_exec_creds();
1282 if (!bprm->cred) 1298 if (!bprm->cred)
1283 goto out_unlock; 1299 goto out_unlock;
1284 check_unsafe_exec(bprm); 1300 check_unsafe_exec(bprm, displaced);
1285 1301
1286 file = open_exec(filename); 1302 file = open_exec(filename);
1287 retval = PTR_ERR(file); 1303 retval = PTR_ERR(file);