Commit 7fc03505 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'execve-v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux 

Pull execve updates from Kees Cook:
 "Most are small refactorings and bug fixes, but three things stand out:
  switching timens (which got reverted before) looks solid now,
  FOLL_FORCE has been removed (no failures seen yet across several weeks
  in -next), and some whitespace cleanups (which are long overdue).

   - Add timens support (when switching mm). This version has survived
     in -next for the entire cycle (Andrei Vagin)

   - Various small bug fixes, refactoring, and readability improvements
     (Bernd Edlinger, Rolf Eike Beer, Bo Liu, Li Zetao Liu Shixin)

   - Remove FOLL_FORCE for stack setup (Kees Cook)

   - Whitespace cleanups (Rolf Eike Beer, Kees Cook)"

* tag 'execve-v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  binfmt_misc: fix shift-out-of-bounds in check_special_flags
  binfmt: Fix error return code in load_elf_fdpic_binary()
  exec: Remove FOLL_FORCE for stack setup
  binfmt_elf: replace IS_ERR() with IS_ERR_VALUE()
  binfmt_elf: simplify error handling in load_elf_phdrs()
  binfmt_elf: fix documented return value for load_elf_phdrs()
  exec: simplify initial stack size expansion
  binfmt: Fix whitespace issues
  exec: Add comments on check_unsafe_exec() fs counting
  ELF uapi: add spaces before '{'
  selftests/timens: add a test for vfork+exit
  fs/exec: switch timens when a task gets a new mm
parents 667161ba 6a46bf55

fs/binfmt_elf.c

+13 −19
Original line number Diff line number Diff line
@@ -456,13 +456,13 @@ static unsigned long maximum_alignment(struct elf_phdr *cmds, int nr) 
 *

 * Loads ELF program headers from the binary file elf_file, which has the ELF

 * header pointed to by elf_ex, into a newly allocated array. The caller is

 * responsible for freeing the allocated data. Returns an ERR_PTR upon failure.

 * responsible for freeing the allocated data. Returns NULL upon failure.

 */

static struct elf_phdr *load_elf_phdrs(const struct elfhdr *elf_ex,

				       struct file *elf_file)

{

	struct elf_phdr *elf_phdata = NULL;

	int retval, err = -1;

	int retval = -1;

	unsigned int size;



	/*
@@ -484,15 +484,9 @@ static struct elf_phdr *load_elf_phdrs(const struct elfhdr *elf_ex, 


	/* Read in the program headers */

	retval = elf_read(elf_file, elf_phdata, size, elf_ex->e_phoff);

	if (retval < 0) {

		err = retval;

		goto out;

	}



	/* Success! */

	err = 0;

out:

	if (err) {

	if (retval) {

		kfree(elf_phdata);

		elf_phdata = NULL;

	}
@@ -1166,7 +1160,7 @@ static int load_elf_binary(struct linux_binprm *bprm) 
		error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt,

				elf_prot, elf_flags, total_size);

		if (BAD_ADDR(error)) {

			retval = IS_ERR((void *)error) ?

			retval = IS_ERR_VALUE(error) ?

				PTR_ERR((void*)error) : -EINVAL;

			goto out_free_dentry;

		}
@@ -1251,7 +1245,7 @@ static int load_elf_binary(struct linux_binprm *bprm) 
					    interpreter,

					    load_bias, interp_elf_phdata,

					    &arch_state);

		if (!IS_ERR((void *)elf_entry)) {

		if (!IS_ERR_VALUE(elf_entry)) {

			/*

			 * load_elf_interp() returns relocation

			 * adjustment
@@ -1260,7 +1254,7 @@ static int load_elf_binary(struct linux_binprm *bprm) 
			elf_entry += interp_elf_ex->e_entry;

		}

		if (BAD_ADDR(elf_entry)) {

			retval = IS_ERR((void *)elf_entry) ?

			retval = IS_ERR_VALUE(elf_entry) ?

					(int)elf_entry : -EINVAL;

			goto out_free_dentry;

		}

fs/binfmt_elf_fdpic.c

+4 −3
Original line number Diff line number Diff line
@@ -434,8 +434,9 @@ static int load_elf_fdpic_binary(struct linux_binprm *bprm) 
	current->mm->start_stack = current->mm->start_brk + stack_size;

#endif



	if (create_elf_fdpic_tables(bprm, current->mm,

				    &exec_params, &interp_params) < 0)

	retval = create_elf_fdpic_tables(bprm, current->mm, &exec_params,

					 &interp_params);

	if (retval < 0)

		goto error;



	kdebug("- start_code  %lx", current->mm->start_code);

fs/binfmt_misc.c

+4 −4
Original line number Diff line number Diff line
@@ -44,10 +44,10 @@ static LIST_HEAD(entries); 
static int enabled = 1;



enum {Enabled, Magic};

#define MISC_FMT_PRESERVE_ARGV0 (1 << 31)

#define MISC_FMT_OPEN_BINARY (1 << 30)

#define MISC_FMT_CREDENTIALS (1 << 29)

#define MISC_FMT_OPEN_FILE (1 << 28)

#define MISC_FMT_PRESERVE_ARGV0 (1UL << 31)

#define MISC_FMT_OPEN_BINARY (1UL << 30)

#define MISC_FMT_CREDENTIALS (1UL << 29)

#define MISC_FMT_OPEN_FILE (1UL << 28)



typedef struct {

	struct list_head list;

fs/exec.c

+24 −10
Original line number Diff line number Diff line
@@ -64,6 +64,7 @@ 
#include <linux/io_uring.h>

#include <linux/syscall_user_dispatch.h>

#include <linux/coredump.h>

#include <linux/time_namespace.h>



#include <linux/uaccess.h>

#include <asm/mmu_context.h>
@@ -199,7 +200,7 @@ static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, 
{

	struct page *page;

	int ret;

	unsigned int gup_flags = FOLL_FORCE;

	unsigned int gup_flags = 0;



#ifdef CONFIG_STACK_GROWSUP

	if (write) {
@@ -842,16 +843,13 @@ int setup_arg_pages(struct linux_binprm *bprm, 
	 * will align it up.

	 */

	rlim_stack = bprm->rlim_stack.rlim_cur & PAGE_MASK;



	stack_expand = min(rlim_stack, stack_size + stack_expand);



#ifdef CONFIG_STACK_GROWSUP

	if (stack_size + stack_expand > rlim_stack)

		stack_base = vma->vm_start + rlim_stack;

	else

		stack_base = vma->vm_end + stack_expand;

	stack_base = vma->vm_start + stack_expand;

#else

	if (stack_size + stack_expand > rlim_stack)

		stack_base = vma->vm_end - rlim_stack;

	else

		stack_base = vma->vm_start - stack_expand;

	stack_base = vma->vm_end - stack_expand;

#endif

	current->mm->start_stack = bprm->p;

	ret = expand_stack(vma, stack_base);
@@ -1297,6 +1295,10 @@ int begin_new_exec(struct linux_binprm * bprm) 


	bprm->mm = NULL;



	retval = exec_task_namespaces();

	if (retval)

		goto out_unlock;



#ifdef CONFIG_POSIX_TIMERS

	spin_lock_irq(&me->sighand->siglock);

	posix_cpu_timers_exit(me);
@@ -1568,6 +1570,12 @@ static void check_unsafe_exec(struct linux_binprm *bprm) 
	if (task_no_new_privs(current))

		bprm->unsafe |= LSM_UNSAFE_NO_NEW_PRIVS;



	/*

	 * If another task is sharing our fs, we cannot safely

	 * suid exec because the differently privileged task

	 * will be able to manipulate the current directory, etc.

	 * It would be nice to force an unshare instead...

	 */

	t = p;

	n_fs = 1;

	spin_lock(&p->fs->lock);
@@ -1748,6 +1756,7 @@ static int search_binary_handler(struct linux_binprm *bprm) 
	return retval;

}



/* binfmt handlers will call back into begin_new_exec() on success. */

static int exec_binprm(struct linux_binprm *bprm)

{

	pid_t old_pid, old_vpid;
@@ -1806,6 +1815,11 @@ static int bprm_execve(struct linux_binprm *bprm, 
	if (retval)

		return retval;



	/*

	 * Check for unsafe execution states before exec_binprm(), which

	 * will call back into begin_new_exec(), into bprm_creds_from_file(),

	 * where setuid-ness is evaluated.

	 */

	check_unsafe_exec(bprm);

	current->in_execve = 1;

include/linux/nsproxy.h

+1 −0
Original line number Diff line number Diff line
@@ -94,6 +94,7 @@ static inline struct cred *nsset_cred(struct nsset *set) 
int copy_namespaces(unsigned long flags, struct task_struct *tsk);

void exit_task_namespaces(struct task_struct *tsk);

void switch_task_namespaces(struct task_struct *tsk, struct nsproxy *new);

int exec_task_namespaces(void);

void free_nsproxy(struct nsproxy *ns);

int unshare_nsproxy_namespaces(unsigned long, struct nsproxy **,

	struct cred *, struct fs_struct *);