diff options
Diffstat (limited to 'fs/exec.c')
| -rw-r--r-- | fs/exec.c | 40 |
1 files changed, 23 insertions, 17 deletions
| @@ -826,7 +826,9 @@ static int de_thread(struct task_struct *tsk) | |||
| 826 | attach_pid(tsk, PIDTYPE_PID, task_pid(leader)); | 826 | attach_pid(tsk, PIDTYPE_PID, task_pid(leader)); |
| 827 | transfer_pid(leader, tsk, PIDTYPE_PGID); | 827 | transfer_pid(leader, tsk, PIDTYPE_PGID); |
| 828 | transfer_pid(leader, tsk, PIDTYPE_SID); | 828 | transfer_pid(leader, tsk, PIDTYPE_SID); |
| 829 | |||
| 829 | list_replace_rcu(&leader->tasks, &tsk->tasks); | 830 | list_replace_rcu(&leader->tasks, &tsk->tasks); |
| 831 | list_replace_init(&leader->sibling, &tsk->sibling); | ||
| 830 | 832 | ||
| 831 | tsk->group_leader = tsk; | 833 | tsk->group_leader = tsk; |
| 832 | leader->group_leader = tsk; | 834 | leader->group_leader = tsk; |
| @@ -1761,17 +1763,20 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) | |||
| 1761 | struct mm_struct *mm = current->mm; | 1763 | struct mm_struct *mm = current->mm; |
| 1762 | struct linux_binfmt * binfmt; | 1764 | struct linux_binfmt * binfmt; |
| 1763 | struct inode * inode; | 1765 | struct inode * inode; |
| 1764 | struct file * file; | ||
| 1765 | const struct cred *old_cred; | 1766 | const struct cred *old_cred; |
| 1766 | struct cred *cred; | 1767 | struct cred *cred; |
| 1767 | int retval = 0; | 1768 | int retval = 0; |
| 1768 | int flag = 0; | 1769 | int flag = 0; |
| 1769 | int ispipe = 0; | 1770 | int ispipe = 0; |
| 1770 | unsigned long core_limit = current->signal->rlim[RLIMIT_CORE].rlim_cur; | ||
| 1771 | char **helper_argv = NULL; | 1771 | char **helper_argv = NULL; |
| 1772 | int helper_argc = 0; | 1772 | int helper_argc = 0; |
| 1773 | int dump_count = 0; | 1773 | int dump_count = 0; |
| 1774 | static atomic_t core_dump_count = ATOMIC_INIT(0); | 1774 | static atomic_t core_dump_count = ATOMIC_INIT(0); |
| 1775 | struct coredump_params cprm = { | ||
| 1776 | .signr = signr, | ||
| 1777 | .regs = regs, | ||
| 1778 | .limit = current->signal->rlim[RLIMIT_CORE].rlim_cur, | ||
| 1779 | }; | ||
| 1775 | 1780 | ||
| 1776 | audit_core_dumps(signr); | 1781 | audit_core_dumps(signr); |
| 1777 | 1782 | ||
| @@ -1827,15 +1832,15 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) | |||
| 1827 | ispipe = format_corename(corename, signr); | 1832 | ispipe = format_corename(corename, signr); |
| 1828 | unlock_kernel(); | 1833 | unlock_kernel(); |
| 1829 | 1834 | ||
| 1830 | if ((!ispipe) && (core_limit < binfmt->min_coredump)) | 1835 | if ((!ispipe) && (cprm.limit < binfmt->min_coredump)) |
| 1831 | goto fail_unlock; | 1836 | goto fail_unlock; |
| 1832 | 1837 | ||
| 1833 | if (ispipe) { | 1838 | if (ispipe) { |
| 1834 | if (core_limit == 0) { | 1839 | if (cprm.limit == 0) { |
| 1835 | /* | 1840 | /* |
| 1836 | * Normally core limits are irrelevant to pipes, since | 1841 | * Normally core limits are irrelevant to pipes, since |
| 1837 | * we're not writing to the file system, but we use | 1842 | * we're not writing to the file system, but we use |
| 1838 | * core_limit of 0 here as a speacial value. Any | 1843 | * cprm.limit of 0 here as a speacial value. Any |
| 1839 | * non-zero limit gets set to RLIM_INFINITY below, but | 1844 | * non-zero limit gets set to RLIM_INFINITY below, but |
| 1840 | * a limit of 0 skips the dump. This is a consistent | 1845 | * a limit of 0 skips the dump. This is a consistent |
| 1841 | * way to catch recursive crashes. We can still crash | 1846 | * way to catch recursive crashes. We can still crash |
| @@ -1868,25 +1873,25 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) | |||
| 1868 | goto fail_dropcount; | 1873 | goto fail_dropcount; |
| 1869 | } | 1874 | } |
| 1870 | 1875 | ||
| 1871 | core_limit = RLIM_INFINITY; | 1876 | cprm.limit = RLIM_INFINITY; |
| 1872 | 1877 | ||
| 1873 | /* SIGPIPE can happen, but it's just never processed */ | 1878 | /* SIGPIPE can happen, but it's just never processed */ |
| 1874 | if (call_usermodehelper_pipe(helper_argv[0], helper_argv, NULL, | 1879 | if (call_usermodehelper_pipe(helper_argv[0], helper_argv, NULL, |
| 1875 | &file)) { | 1880 | &cprm.file)) { |
| 1876 | printk(KERN_INFO "Core dump to %s pipe failed\n", | 1881 | printk(KERN_INFO "Core dump to %s pipe failed\n", |
| 1877 | corename); | 1882 | corename); |
| 1878 | goto fail_dropcount; | 1883 | goto fail_dropcount; |
| 1879 | } | 1884 | } |
| 1880 | } else | 1885 | } else |
| 1881 | file = filp_open(corename, | 1886 | cprm.file = filp_open(corename, |
| 1882 | O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE | flag, | 1887 | O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE | flag, |
| 1883 | 0600); | 1888 | 0600); |
| 1884 | if (IS_ERR(file)) | 1889 | if (IS_ERR(cprm.file)) |
| 1885 | goto fail_dropcount; | 1890 | goto fail_dropcount; |
| 1886 | inode = file->f_path.dentry->d_inode; | 1891 | inode = cprm.file->f_path.dentry->d_inode; |
| 1887 | if (inode->i_nlink > 1) | 1892 | if (inode->i_nlink > 1) |
| 1888 | goto close_fail; /* multiple links - don't dump */ | 1893 | goto close_fail; /* multiple links - don't dump */ |
| 1889 | if (!ispipe && d_unhashed(file->f_path.dentry)) | 1894 | if (!ispipe && d_unhashed(cprm.file->f_path.dentry)) |
| 1890 | goto close_fail; | 1895 | goto close_fail; |
| 1891 | 1896 | ||
| 1892 | /* AK: actually i see no reason to not allow this for named pipes etc., | 1897 | /* AK: actually i see no reason to not allow this for named pipes etc., |
| @@ -1899,21 +1904,22 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) | |||
| 1899 | */ | 1904 | */ |
| 1900 | if (inode->i_uid != current_fsuid()) | 1905 | if (inode->i_uid != current_fsuid()) |
| 1901 | goto close_fail; | 1906 | goto close_fail; |
| 1902 | if (!file->f_op) | 1907 | if (!cprm.file->f_op) |
| 1903 | goto close_fail; | 1908 | goto close_fail; |
| 1904 | if (!file->f_op->write) | 1909 | if (!cprm.file->f_op->write) |
| 1905 | goto close_fail; | 1910 | goto close_fail; |
| 1906 | if (!ispipe && do_truncate(file->f_path.dentry, 0, 0, file) != 0) | 1911 | if (!ispipe && |
| 1912 | do_truncate(cprm.file->f_path.dentry, 0, 0, cprm.file) != 0) | ||
| 1907 | goto close_fail; | 1913 | goto close_fail; |
| 1908 | 1914 | ||
| 1909 | retval = binfmt->core_dump(signr, regs, file, core_limit); | 1915 | retval = binfmt->core_dump(&cprm); |
| 1910 | 1916 | ||
| 1911 | if (retval) | 1917 | if (retval) |
| 1912 | current->signal->group_exit_code |= 0x80; | 1918 | current->signal->group_exit_code |= 0x80; |
| 1913 | close_fail: | 1919 | close_fail: |
| 1914 | if (ispipe && core_pipe_limit) | 1920 | if (ispipe && core_pipe_limit) |
| 1915 | wait_for_dump_helpers(file); | 1921 | wait_for_dump_helpers(cprm.file); |
| 1916 | filp_close(file, NULL); | 1922 | filp_close(cprm.file, NULL); |
| 1917 | fail_dropcount: | 1923 | fail_dropcount: |
| 1918 | if (dump_count) | 1924 | if (dump_count) |
| 1919 | atomic_dec(&core_dump_count); | 1925 | atomic_dec(&core_dump_count); |