Home » Mailing list archives » git-commits-head » 2009 » March » 29

compat_do_execve should unshare_files

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Linux Kernel Mailing List
Subject: compat_do_execve should unshare_files
Date: Saturday, March 28, 2009 - 5:59 pm

Gitweb:     http://git.kernel.org/linus/53e9309e01277ec99c38e84e0ca16921287cf470
Commit:     53e9309e01277ec99c38e84e0ca16921287cf470
Parent:     07d43ba98621f08e252a48c96b258b4d572b0257
Author:     Hugh Dickins <hugh@veritas.com>
AuthorDate: Sat Mar 28 23:16:03 2009 +0000
Committer:  Linus Torvalds <torvalds@linux-foundation.org>
CommitDate: Sat Mar 28 17:30:00 2009 -0700

    compat_do_execve should unshare_files
    
    2.6.26's commit fd8328be874f4190a811c58cd4778ec2c74d2c05
    "sanitize handling of shared descriptor tables in failing execve()"
    moved the unshare_files() from flush_old_exec() and several binfmts
    to the head of do_execve(); but forgot to make the same change to
    compat_do_execve(), leaving a CLONE_FILES files_struct shared across
    exec from a 32-bit process on a 64-bit kernel.
    
    It's arguable whether the files_struct really ought to be unshared
    across exec; but 2.6.1 made that so to stop the loading binary's fd
    leaking into other threads, and a 32-bit process on a 64-bit kernel
    ought to behave in the same way as 32 on 32 and 64 on 64.
    
    Signed-off-by: Hugh Dickins <hugh@veritas.com>
    Cc: stable@kernel.org
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
---
 fs/compat.c |   12 +++++++++++-
 1 files changed, 11 insertions(+), 1 deletions(-)

diff --git a/fs/compat.c b/fs/compat.c
index 5e374aa..b543363 100644
--- a/fs/compat.c
+++ b/fs/compat.c
@@ -1420,12 +1420,17 @@ int compat_do_execve(char * filename,
 {
 	struct linux_binprm *bprm;
 	struct file *file;
+	struct files_struct *displaced;
 	int retval;
 
+	retval = unshare_files(&displaced);
+	if (retval)
+		goto out_ret;
+
 	retval = -ENOMEM;
 	bprm = kzalloc(sizeof(*bprm), GFP_KERNEL);
 	if (!bprm)
-		goto out_ret;
+		goto out_files;
 
 	retval = mutex_lock_interruptible(&current->cred_exec_mutex);
 	if (retval < 0)
@@ -1487,6 +1492,8 @@ int compat_do_execve(char * filename,
 	mutex_unlock(&current->cred_exec_mutex);
 	acct_update_integrals(current);
 	free_bprm(bprm);
+	if (displaced)
+		put_files_struct(displaced);
 	return retval;
 
 out:
@@ -1506,6 +1513,9 @@ out_unlock:
 out_free:
 	free_bprm(bprm);
 
+out_files:
+	if (displaced)
+		reset_files_struct(displaced);
 out_ret:
 	return retval;
 }
--
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
compat_do_execve should unshare_files, Linux Kernel Mailing ..., (Sat Mar 28, 5:59 pm)