diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2020-07-21 08:25:22 -0500 |
|---|---|---|
| committer | Eric W. Biederman <ebiederm@xmission.com> | 2020-07-21 08:26:44 -0500 |
| commit | 7fce69dff8db30cb93aace0bbebda09972027af7 (patch) | |
| tree | be0f257b8da82e9e2eb9bdaa2574a48221e7b516 /include | |
| parent | f06b71fe4d4cd0a4ad7e183b777564f696f6bb36 (diff) | |
| parent | be619f7f063a49c656f620a46af4f8ea3e759e91 (diff) | |
Implement kernel_execve
This set of changes implements kernel_execve to remove the need for
kernel threads to pass in pointers to in-kernel data structures
to functions that take __user pointers. Which is part of the
greater removal of set_fs work.
This set of changes makes do_execve static and so I have updated the
comments. This affects the comments in the x86 entry point code
and the comments in tomoyo. I believe I have updated them correctly.
If not please let me know.
I have moved the calls of copy_strings before the call of
security_bprm_creds_for_exec. Which might be of interest to the
security folks. I can't see that it matters but I have copied the
security folks just to be certain.
By moving the initialization of the new stack that copy_strings does
earlier it becomes possible to copy all of the parameters to exec before
anything else is done which makes it possible to have one function
kernel_execve that uncondtionally handles copying parameters from kernel
space, and another function do_execveat_common which handles copying
parameters from userspace.
This work was inspired by Christoph Hellwig's similar patchset, which my
earlier work to remove the file parameter to do_execveat_common
conflicted with.
https://lore.kernel.org/linux-fsdevel/20200627072704.2447163-1-hch@lst.de/
I figured that after causing all of that trouble for the set_fs work
the least I could do is implement the change myself.
The big practical change from Christoph's work is that he did not
separate out the copying of parameters from the rest of the work of
exec, which did not help the maintainability of the code.
Eric W. Biederman (7):
exec: Remove unnecessary spaces from binfmts.h
exec: Factor out alloc_bprm
exec: Move initialization of bprm->filename into alloc_bprm
exec: Move bprm_mm_init into alloc_bprm
exec: Factor bprm_execve out of do_execve_common
exec: Factor bprm_stack_limits out of prepare_arg_pages
exec: Implement kernel_execve
arch/x86/entry/entry_32.S | 2 +-
arch/x86/entry/entry_64.S | 2 +-
arch/x86/kernel/unwind_frame.c | 2 +-
fs/exec.c | 301 ++++++++++++++++++++++++++++-------------
include/linux/binfmts.h | 20 ++-
init/main.c | 4 +-
kernel/umh.c | 6 +-
security/tomoyo/common.h | 2 +-
security/tomoyo/domain.c | 4 +-
security/tomoyo/tomoyo.c | 4 +-
10 files changed, 224 insertions(+), 123 deletions(-)
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Link: https://lkml.kernel.org/r/871rle8bw2.fsf@x220.int.ebiederm.org
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/binfmts.h | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h index 7c27d7b57871..0571701ab1c5 100644 --- a/include/linux/binfmts.h +++ b/include/linux/binfmts.h @@ -45,17 +45,18 @@ struct linux_binprm { #ifdef __alpha__ unsigned int taso:1; #endif - struct file * executable; /* Executable to pass to the interpreter */ - struct file * interpreter; - struct file * file; + struct file *executable; /* Executable to pass to the interpreter */ + struct file *interpreter; + struct file *file; struct cred *cred; /* new credentials */ int unsafe; /* how unsafe this exec is (mask of LSM_UNSAFE_*) */ unsigned int per_clear; /* bits to clear in current->personality */ int argc, envc; - const char * filename; /* Name of binary as seen by procps */ - const char * interp; /* Name of the binary really executed. Most + const char *filename; /* Name of binary as seen by procps */ + const char *interp; /* Name of the binary really executed. Most of the time same as filename, but could be different for binfmt_{misc,script} */ + const char *fdpath; /* generated filename for execveat */ unsigned interp_flags; int execfd; /* File descriptor of the executable */ unsigned long loader, exec; @@ -134,12 +135,7 @@ int copy_string_kernel(const char *arg, struct linux_binprm *bprm); extern void set_binfmt(struct linux_binfmt *new); extern ssize_t read_code(struct file *, unsigned long, loff_t, size_t); -extern int do_execve(struct filename *, - const char __user * const __user *, - const char __user * const __user *); -extern int do_execveat(int, struct filename *, - const char __user * const __user *, - const char __user * const __user *, - int); +int kernel_execve(const char *filename, + const char *const *argv, const char *const *envp); #endif /* _LINUX_BINFMTS_H */ |