diff options
Diffstat (limited to 'fs/exec.c')
| -rw-r--r-- | fs/exec.c | 168 |
1 files changed, 101 insertions, 67 deletions
| @@ -66,6 +66,12 @@ char core_pattern[CORENAME_MAX_SIZE] = "core"; | |||
| 66 | unsigned int core_pipe_limit; | 66 | unsigned int core_pipe_limit; |
| 67 | int suid_dumpable = 0; | 67 | int suid_dumpable = 0; |
| 68 | 68 | ||
| 69 | struct core_name { | ||
| 70 | char *corename; | ||
| 71 | int used, size; | ||
| 72 | }; | ||
| 73 | static atomic_t call_count = ATOMIC_INIT(1); | ||
| 74 | |||
| 69 | /* The maximal length of core_pattern is also specified in sysctl.c */ | 75 | /* The maximal length of core_pattern is also specified in sysctl.c */ |
| 70 | 76 | ||
| 71 | static LIST_HEAD(formats); | 77 | static LIST_HEAD(formats); |
| @@ -1003,7 +1009,7 @@ int flush_old_exec(struct linux_binprm * bprm) | |||
| 1003 | 1009 | ||
| 1004 | bprm->mm = NULL; /* We're using it now */ | 1010 | bprm->mm = NULL; /* We're using it now */ |
| 1005 | 1011 | ||
| 1006 | current->flags &= ~PF_RANDOMIZE; | 1012 | current->flags &= ~(PF_RANDOMIZE | PF_KTHREAD); |
| 1007 | flush_thread(); | 1013 | flush_thread(); |
| 1008 | current->personality &= ~bprm->per_clear; | 1014 | current->personality &= ~bprm->per_clear; |
| 1009 | 1015 | ||
| @@ -1083,14 +1089,14 @@ EXPORT_SYMBOL(setup_new_exec); | |||
| 1083 | */ | 1089 | */ |
| 1084 | int prepare_bprm_creds(struct linux_binprm *bprm) | 1090 | int prepare_bprm_creds(struct linux_binprm *bprm) |
| 1085 | { | 1091 | { |
| 1086 | if (mutex_lock_interruptible(¤t->cred_guard_mutex)) | 1092 | if (mutex_lock_interruptible(¤t->signal->cred_guard_mutex)) |
| 1087 | return -ERESTARTNOINTR; | 1093 | return -ERESTARTNOINTR; |
| 1088 | 1094 | ||
| 1089 | bprm->cred = prepare_exec_creds(); | 1095 | bprm->cred = prepare_exec_creds(); |
| 1090 | if (likely(bprm->cred)) | 1096 | if (likely(bprm->cred)) |
| 1091 | return 0; | 1097 | return 0; |
| 1092 | 1098 | ||
| 1093 | mutex_unlock(¤t->cred_guard_mutex); | 1099 | mutex_unlock(¤t->signal->cred_guard_mutex); |
| 1094 | return -ENOMEM; | 1100 | return -ENOMEM; |
| 1095 | } | 1101 | } |
| 1096 | 1102 | ||
| @@ -1098,7 +1104,7 @@ void free_bprm(struct linux_binprm *bprm) | |||
| 1098 | { | 1104 | { |
| 1099 | free_arg_pages(bprm); | 1105 | free_arg_pages(bprm); |
| 1100 | if (bprm->cred) { | 1106 | if (bprm->cred) { |
| 1101 | mutex_unlock(¤t->cred_guard_mutex); | 1107 | mutex_unlock(¤t->signal->cred_guard_mutex); |
| 1102 | abort_creds(bprm->cred); | 1108 | abort_creds(bprm->cred); |
| 1103 | } | 1109 | } |
| 1104 | kfree(bprm); | 1110 | kfree(bprm); |
| @@ -1119,13 +1125,13 @@ void install_exec_creds(struct linux_binprm *bprm) | |||
| 1119 | * credentials; any time after this it may be unlocked. | 1125 | * credentials; any time after this it may be unlocked. |
| 1120 | */ | 1126 | */ |
| 1121 | security_bprm_committed_creds(bprm); | 1127 | security_bprm_committed_creds(bprm); |
| 1122 | mutex_unlock(¤t->cred_guard_mutex); | 1128 | mutex_unlock(¤t->signal->cred_guard_mutex); |
| 1123 | } | 1129 | } |
| 1124 | EXPORT_SYMBOL(install_exec_creds); | 1130 | EXPORT_SYMBOL(install_exec_creds); |
| 1125 | 1131 | ||
| 1126 | /* | 1132 | /* |
| 1127 | * determine how safe it is to execute the proposed program | 1133 | * determine how safe it is to execute the proposed program |
| 1128 | * - the caller must hold current->cred_guard_mutex to protect against | 1134 | * - the caller must hold ->cred_guard_mutex to protect against |
| 1129 | * PTRACE_ATTACH | 1135 | * PTRACE_ATTACH |
| 1130 | */ | 1136 | */ |
| 1131 | int check_unsafe_exec(struct linux_binprm *bprm) | 1137 | int check_unsafe_exec(struct linux_binprm *bprm) |
| @@ -1406,7 +1412,6 @@ int do_execve(const char * filename, | |||
| 1406 | if (retval < 0) | 1412 | if (retval < 0) |
| 1407 | goto out; | 1413 | goto out; |
| 1408 | 1414 | ||
| 1409 | current->flags &= ~PF_KTHREAD; | ||
| 1410 | retval = search_binary_handler(bprm,regs); | 1415 | retval = search_binary_handler(bprm,regs); |
| 1411 | if (retval < 0) | 1416 | if (retval < 0) |
| 1412 | goto out; | 1417 | goto out; |
| @@ -1459,127 +1464,148 @@ void set_binfmt(struct linux_binfmt *new) | |||
| 1459 | 1464 | ||
| 1460 | EXPORT_SYMBOL(set_binfmt); | 1465 | EXPORT_SYMBOL(set_binfmt); |
| 1461 | 1466 | ||
| 1467 | static int expand_corename(struct core_name *cn) | ||
| 1468 | { | ||
| 1469 | char *old_corename = cn->corename; | ||
| 1470 | |||
| 1471 | cn->size = CORENAME_MAX_SIZE * atomic_inc_return(&call_count); | ||
| 1472 | cn->corename = krealloc(old_corename, cn->size, GFP_KERNEL); | ||
| 1473 | |||
| 1474 | if (!cn->corename) { | ||
| 1475 | kfree(old_corename); | ||
| 1476 | return -ENOMEM; | ||
| 1477 | } | ||
| 1478 | |||
| 1479 | return 0; | ||
| 1480 | } | ||
| 1481 | |||
| 1482 | static int cn_printf(struct core_name *cn, const char *fmt, ...) | ||
| 1483 | { | ||
| 1484 | char *cur; | ||
| 1485 | int need; | ||
| 1486 | int ret; | ||
| 1487 | va_list arg; | ||
| 1488 | |||
| 1489 | va_start(arg, fmt); | ||
| 1490 | need = vsnprintf(NULL, 0, fmt, arg); | ||
| 1491 | va_end(arg); | ||
| 1492 | |||
| 1493 | if (likely(need < cn->size - cn->used - 1)) | ||
| 1494 | goto out_printf; | ||
| 1495 | |||
| 1496 | ret = expand_corename(cn); | ||
| 1497 | if (ret) | ||
| 1498 | goto expand_fail; | ||
| 1499 | |||
| 1500 | out_printf: | ||
| 1501 | cur = cn->corename + cn->used; | ||
| 1502 | va_start(arg, fmt); | ||
| 1503 | vsnprintf(cur, need + 1, fmt, arg); | ||
| 1504 | va_end(arg); | ||
| 1505 | cn->used += need; | ||
| 1506 | return 0; | ||
| 1507 | |||
| 1508 | expand_fail: | ||
| 1509 | return ret; | ||
| 1510 | } | ||
| 1511 | |||
| 1462 | /* format_corename will inspect the pattern parameter, and output a | 1512 | /* format_corename will inspect the pattern parameter, and output a |
| 1463 | * name into corename, which must have space for at least | 1513 | * name into corename, which must have space for at least |
| 1464 | * CORENAME_MAX_SIZE bytes plus one byte for the zero terminator. | 1514 | * CORENAME_MAX_SIZE bytes plus one byte for the zero terminator. |
| 1465 | */ | 1515 | */ |
| 1466 | static int format_corename(char *corename, long signr) | 1516 | static int format_corename(struct core_name *cn, long signr) |
| 1467 | { | 1517 | { |
| 1468 | const struct cred *cred = current_cred(); | 1518 | const struct cred *cred = current_cred(); |
| 1469 | const char *pat_ptr = core_pattern; | 1519 | const char *pat_ptr = core_pattern; |
| 1470 | int ispipe = (*pat_ptr == '|'); | 1520 | int ispipe = (*pat_ptr == '|'); |
| 1471 | char *out_ptr = corename; | ||
| 1472 | char *const out_end = corename + CORENAME_MAX_SIZE; | ||
| 1473 | int rc; | ||
| 1474 | int pid_in_pattern = 0; | 1521 | int pid_in_pattern = 0; |
| 1522 | int err = 0; | ||
| 1523 | |||
| 1524 | cn->size = CORENAME_MAX_SIZE * atomic_read(&call_count); | ||
| 1525 | cn->corename = kmalloc(cn->size, GFP_KERNEL); | ||
| 1526 | cn->used = 0; | ||
| 1527 | |||
| 1528 | if (!cn->corename) | ||
| 1529 | return -ENOMEM; | ||
| 1475 | 1530 | ||
| 1476 | /* Repeat as long as we have more pattern to process and more output | 1531 | /* Repeat as long as we have more pattern to process and more output |
| 1477 | space */ | 1532 | space */ |
| 1478 | while (*pat_ptr) { | 1533 | while (*pat_ptr) { |
| 1479 | if (*pat_ptr != '%') { | 1534 | if (*pat_ptr != '%') { |
| 1480 | if (out_ptr == out_end) | 1535 | if (*pat_ptr == 0) |
| 1481 | goto out; | 1536 | goto out; |
| 1482 | *out_ptr++ = *pat_ptr++; | 1537 | err = cn_printf(cn, "%c", *pat_ptr++); |
| 1483 | } else { | 1538 | } else { |
| 1484 | switch (*++pat_ptr) { | 1539 | switch (*++pat_ptr) { |
| 1540 | /* single % at the end, drop that */ | ||
| 1485 | case 0: | 1541 | case 0: |
| 1486 | goto out; | 1542 | goto out; |
| 1487 | /* Double percent, output one percent */ | 1543 | /* Double percent, output one percent */ |
| 1488 | case '%': | 1544 | case '%': |
| 1489 | if (out_ptr == out_end) | 1545 | err = cn_printf(cn, "%c", '%'); |
| 1490 | goto out; | ||
| 1491 | *out_ptr++ = '%'; | ||
| 1492 | break; | 1546 | break; |
| 1493 | /* pid */ | 1547 | /* pid */ |
| 1494 | case 'p': | 1548 | case 'p': |
| 1495 | pid_in_pattern = 1; | 1549 | pid_in_pattern = 1; |
| 1496 | rc = snprintf(out_ptr, out_end - out_ptr, | 1550 | err = cn_printf(cn, "%d", |
| 1497 | "%d", task_tgid_vnr(current)); | 1551 | task_tgid_vnr(current)); |
| 1498 | if (rc > out_end - out_ptr) | ||
| 1499 | goto out; | ||
| 1500 | out_ptr += rc; | ||
| 1501 | break; | 1552 | break; |
| 1502 | /* uid */ | 1553 | /* uid */ |
| 1503 | case 'u': | 1554 | case 'u': |
| 1504 | rc = snprintf(out_ptr, out_end - out_ptr, | 1555 | err = cn_printf(cn, "%d", cred->uid); |
| 1505 | "%d", cred->uid); | ||
| 1506 | if (rc > out_end - out_ptr) | ||
| 1507 | goto out; | ||
| 1508 | out_ptr += rc; | ||
| 1509 | break; | 1556 | break; |
| 1510 | /* gid */ | 1557 | /* gid */ |
| 1511 | case 'g': | 1558 | case 'g': |
| 1512 | rc = snprintf(out_ptr, out_end - out_ptr, | 1559 | err = cn_printf(cn, "%d", cred->gid); |
| 1513 | "%d", cred->gid); | ||
| 1514 | if (rc > out_end - out_ptr) | ||
| 1515 | goto out; | ||
| 1516 | out_ptr += rc; | ||
| 1517 | break; | 1560 | break; |
| 1518 | /* signal that caused the coredump */ | 1561 | /* signal that caused the coredump */ |
| 1519 | case 's': | 1562 | case 's': |
| 1520 | rc = snprintf(out_ptr, out_end - out_ptr, | 1563 | err = cn_printf(cn, "%ld", signr); |
| 1521 | "%ld", signr); | ||
| 1522 | if (rc > out_end - out_ptr) | ||
| 1523 | goto out; | ||
| 1524 | out_ptr += rc; | ||
| 1525 | break; | 1564 | break; |
| 1526 | /* UNIX time of coredump */ | 1565 | /* UNIX time of coredump */ |
| 1527 | case 't': { | 1566 | case 't': { |
| 1528 | struct timeval tv; | 1567 | struct timeval tv; |
| 1529 | do_gettimeofday(&tv); | 1568 | do_gettimeofday(&tv); |
| 1530 | rc = snprintf(out_ptr, out_end - out_ptr, | 1569 | err = cn_printf(cn, "%lu", tv.tv_sec); |
| 1531 | "%lu", tv.tv_sec); | ||
| 1532 | if (rc > out_end - out_ptr) | ||
| 1533 | goto out; | ||
| 1534 | out_ptr += rc; | ||
| 1535 | break; | 1570 | break; |
| 1536 | } | 1571 | } |
| 1537 | /* hostname */ | 1572 | /* hostname */ |
| 1538 | case 'h': | 1573 | case 'h': |
| 1539 | down_read(&uts_sem); | 1574 | down_read(&uts_sem); |
| 1540 | rc = snprintf(out_ptr, out_end - out_ptr, | 1575 | err = cn_printf(cn, "%s", |
| 1541 | "%s", utsname()->nodename); | 1576 | utsname()->nodename); |
| 1542 | up_read(&uts_sem); | 1577 | up_read(&uts_sem); |
| 1543 | if (rc > out_end - out_ptr) | ||
| 1544 | goto out; | ||
| 1545 | out_ptr += rc; | ||
| 1546 | break; | 1578 | break; |
| 1547 | /* executable */ | 1579 | /* executable */ |
| 1548 | case 'e': | 1580 | case 'e': |
| 1549 | rc = snprintf(out_ptr, out_end - out_ptr, | 1581 | err = cn_printf(cn, "%s", current->comm); |
| 1550 | "%s", current->comm); | ||
| 1551 | if (rc > out_end - out_ptr) | ||
| 1552 | goto out; | ||
| 1553 | out_ptr += rc; | ||
| 1554 | break; | 1582 | break; |
| 1555 | /* core limit size */ | 1583 | /* core limit size */ |
| 1556 | case 'c': | 1584 | case 'c': |
| 1557 | rc = snprintf(out_ptr, out_end - out_ptr, | 1585 | err = cn_printf(cn, "%lu", |
| 1558 | "%lu", rlimit(RLIMIT_CORE)); | 1586 | rlimit(RLIMIT_CORE)); |
| 1559 | if (rc > out_end - out_ptr) | ||
| 1560 | goto out; | ||
| 1561 | out_ptr += rc; | ||
| 1562 | break; | 1587 | break; |
| 1563 | default: | 1588 | default: |
| 1564 | break; | 1589 | break; |
| 1565 | } | 1590 | } |
| 1566 | ++pat_ptr; | 1591 | ++pat_ptr; |
| 1567 | } | 1592 | } |
| 1593 | |||
| 1594 | if (err) | ||
| 1595 | return err; | ||
| 1568 | } | 1596 | } |
| 1597 | |||
| 1569 | /* Backward compatibility with core_uses_pid: | 1598 | /* Backward compatibility with core_uses_pid: |
| 1570 | * | 1599 | * |
| 1571 | * If core_pattern does not include a %p (as is the default) | 1600 | * If core_pattern does not include a %p (as is the default) |
| 1572 | * and core_uses_pid is set, then .%pid will be appended to | 1601 | * and core_uses_pid is set, then .%pid will be appended to |
| 1573 | * the filename. Do not do this for piped commands. */ | 1602 | * the filename. Do not do this for piped commands. */ |
| 1574 | if (!ispipe && !pid_in_pattern && core_uses_pid) { | 1603 | if (!ispipe && !pid_in_pattern && core_uses_pid) { |
| 1575 | rc = snprintf(out_ptr, out_end - out_ptr, | 1604 | err = cn_printf(cn, ".%d", task_tgid_vnr(current)); |
| 1576 | ".%d", task_tgid_vnr(current)); | 1605 | if (err) |
| 1577 | if (rc > out_end - out_ptr) | 1606 | return err; |
| 1578 | goto out; | ||
| 1579 | out_ptr += rc; | ||
| 1580 | } | 1607 | } |
| 1581 | out: | 1608 | out: |
| 1582 | *out_ptr = 0; | ||
| 1583 | return ispipe; | 1609 | return ispipe; |
| 1584 | } | 1610 | } |
| 1585 | 1611 | ||
| @@ -1856,7 +1882,7 @@ static int umh_pipe_setup(struct subprocess_info *info) | |||
| 1856 | void do_coredump(long signr, int exit_code, struct pt_regs *regs) | 1882 | void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
| 1857 | { | 1883 | { |
| 1858 | struct core_state core_state; | 1884 | struct core_state core_state; |
| 1859 | char corename[CORENAME_MAX_SIZE + 1]; | 1885 | struct core_name cn; |
| 1860 | struct mm_struct *mm = current->mm; | 1886 | struct mm_struct *mm = current->mm; |
| 1861 | struct linux_binfmt * binfmt; | 1887 | struct linux_binfmt * binfmt; |
| 1862 | const struct cred *old_cred; | 1888 | const struct cred *old_cred; |
| @@ -1911,7 +1937,13 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) | |||
| 1911 | */ | 1937 | */ |
| 1912 | clear_thread_flag(TIF_SIGPENDING); | 1938 | clear_thread_flag(TIF_SIGPENDING); |
| 1913 | 1939 | ||
| 1914 | ispipe = format_corename(corename, signr); | 1940 | ispipe = format_corename(&cn, signr); |
| 1941 | |||
| 1942 | if (ispipe == -ENOMEM) { | ||
| 1943 | printk(KERN_WARNING "format_corename failed\n"); | ||
| 1944 | printk(KERN_WARNING "Aborting core\n"); | ||
| 1945 | goto fail_corename; | ||
| 1946 | } | ||
| 1915 | 1947 | ||
| 1916 | if (ispipe) { | 1948 | if (ispipe) { |
| 1917 | int dump_count; | 1949 | int dump_count; |
| @@ -1948,7 +1980,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) | |||
| 1948 | goto fail_dropcount; | 1980 | goto fail_dropcount; |
| 1949 | } | 1981 | } |
| 1950 | 1982 | ||
| 1951 | helper_argv = argv_split(GFP_KERNEL, corename+1, NULL); | 1983 | helper_argv = argv_split(GFP_KERNEL, cn.corename+1, NULL); |
| 1952 | if (!helper_argv) { | 1984 | if (!helper_argv) { |
| 1953 | printk(KERN_WARNING "%s failed to allocate memory\n", | 1985 | printk(KERN_WARNING "%s failed to allocate memory\n", |
| 1954 | __func__); | 1986 | __func__); |
| @@ -1961,7 +1993,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) | |||
| 1961 | argv_free(helper_argv); | 1993 | argv_free(helper_argv); |
| 1962 | if (retval) { | 1994 | if (retval) { |
| 1963 | printk(KERN_INFO "Core dump to %s pipe failed\n", | 1995 | printk(KERN_INFO "Core dump to %s pipe failed\n", |
| 1964 | corename); | 1996 | cn.corename); |
| 1965 | goto close_fail; | 1997 | goto close_fail; |
| 1966 | } | 1998 | } |
| 1967 | } else { | 1999 | } else { |
| @@ -1970,7 +2002,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) | |||
| 1970 | if (cprm.limit < binfmt->min_coredump) | 2002 | if (cprm.limit < binfmt->min_coredump) |
| 1971 | goto fail_unlock; | 2003 | goto fail_unlock; |
| 1972 | 2004 | ||
| 1973 | cprm.file = filp_open(corename, | 2005 | cprm.file = filp_open(cn.corename, |
| 1974 | O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE | flag, | 2006 | O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE | flag, |
| 1975 | 0600); | 2007 | 0600); |
| 1976 | if (IS_ERR(cprm.file)) | 2008 | if (IS_ERR(cprm.file)) |
| @@ -2012,6 +2044,8 @@ fail_dropcount: | |||
| 2012 | if (ispipe) | 2044 | if (ispipe) |
| 2013 | atomic_dec(&core_dump_count); | 2045 | atomic_dec(&core_dump_count); |
| 2014 | fail_unlock: | 2046 | fail_unlock: |
| 2047 | kfree(cn.corename); | ||
| 2048 | fail_corename: | ||
| 2015 | coredump_finish(mm); | 2049 | coredump_finish(mm); |
| 2016 | revert_creds(old_cred); | 2050 | revert_creds(old_cred); |
| 2017 | fail_creds: | 2051 | fail_creds: |