summaryrefslogtreecommitdiff
path: root/include/linux/binfmts.h
diff options
context:
space:
mode:
Diffstat (limited to 'include/linux/binfmts.h')
-rw-r--r--include/linux/binfmts.h24
1 files changed, 19 insertions, 5 deletions
diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h
index 3ae9013eeaaa..fb44d6180ca0 100644
--- a/include/linux/binfmts.h
+++ b/include/linux/binfmts.h
@@ -25,11 +25,25 @@ struct linux_binprm {
struct mm_struct *mm;
unsigned long p; /* current top of mem */
unsigned int
- cred_prepared:1,/* true if creds already prepared (multiple
- * preps happen for interpreters) */
- cap_effective:1;/* true if has elevated effective capabilities,
- * false if not; except for init which inherits
- * its parent's caps anyway */
+ /*
+ * True after the bprm_set_creds hook has been called once
+ * (multiple calls can be made via prepare_binprm() for
+ * binfmt_script/misc).
+ */
+ called_set_creds:1,
+ /*
+ * True if most recent call to the commoncaps bprm_set_creds
+ * hook (due to multiple prepare_binprm() calls from the
+ * binfmt_script/misc handlers) resulted in elevated
+ * privileges.
+ */
+ cap_elevated:1,
+ /*
+ * Set by bprm_set_creds hook to indicate a privilege-gaining
+ * exec has happened. Used to sanitize execution environment
+ * and to set AT_SECURE auxv for glibc.
+ */
+ secureexec:1;
#ifdef __alpha__
unsigned int taso:1;
#endif