Lines Matching refs:bprm
78 static int bprm_creds_from_file(struct linux_binprm *bprm);
184 * The nascent bprm->mm is not visible until exec_mmap() but it can
/*
 * acct_arg_size() - track how many pages the argument area occupies.
 * Only two statements are visible in this cross-reference listing: the
 * signed delta between @pages and the previously recorded bprm->vma_pages,
 * and the store of the new count. How the delta is applied is on lines
 * that do not mention bprm and are therefore not shown here.
 */
189 static void acct_arg_size(struct linux_binprm *bprm, unsigned long pages)
/* the subtraction is cast to long so a shrinking page count gives a negative delta */
192 long diff = (long)(pages - bprm->vma_pages);
197 bprm->vma_pages = pages;
/*
 * get_arg_page() - obtain the page backing argument-area address @pos.
 * Visible steps in this variant: the VMA in bprm->vma is extended with
 * expand_downwards() to reach @pos, one page is looked up in bprm->mm (the
 * mm being built for the new image) with get_user_pages_remote(), and the
 * argument-size accounting is refreshed from vma_pages(bprm->vma).
 * The conditions guarding each step and the error returns are on lines
 * this listing omits.
 */
201 static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos,
210 ret = expand_downwards(bprm->vma, pos);
221 * doing the exec and bprm->mm is the new process's mm.
223 ret = get_user_pages_remote(bprm->mm, pos, 1, gup_flags,
229 acct_arg_size(bprm, vma_pages(bprm->vma));
239 static void free_arg_pages(struct linux_binprm *bprm)
243 static void flush_arg_page(struct linux_binprm *bprm, unsigned long pos,
246 flush_cache_page(bprm->vma, pos, page_to_pfn(page));
/*
 * __bprm_mm_init() - set up the initial stack VMA inside bprm->mm.
 * A VMA is allocated with vm_area_alloc() and stored in bprm->vma, and
 * bprm->p starts one pointer-size below vma->vm_end.
 * bprm->vma is reset to NULL at line 288, presumably on the failure path so
 * that no stale VMA pointer is left behind; the surrounding control flow is
 * not shown in this listing.
 */
249 static int __bprm_mm_init(struct linux_binprm *bprm)
253 struct mm_struct *mm = bprm->mm;
255 bprm->vma = vma = vm_area_alloc(mm);
283 bprm->p = vma->vm_end - sizeof(void *);
288 bprm->vma = NULL;
293 static bool valid_arg_len(struct linux_binprm *bprm, long len)
300 static inline void acct_arg_size(struct linux_binprm *bprm, unsigned long pages)
/*
 * get_arg_page() - second definition of this name in the file. It uses the
 * bprm->page[] array instead of a VMA, so it is presumably the build
 * alternative selected by a preprocessor conditional not shown here.
 * The slot index is pos / PAGE_SIZE.
 * NOTE(review): no range check on that index appears among the visible
 * lines; confirm that callers keep @pos inside the array.
 */
304 static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos,
309 page = bprm->page[pos / PAGE_SIZE];
314 bprm->page[pos / PAGE_SIZE] = page;
/*
 * free_arg_page() - release slot @i of bprm->page[].
 * The slot is set to NULL after __free_page(), so a repeated call for the
 * same index finds NULL and frees nothing a second time.
 */
324 static void free_arg_page(struct linux_binprm *bprm, int i)
326 if (bprm->page[i]) {
327 __free_page(bprm->page[i]);
328 bprm->page[i] = NULL;
332 static void free_arg_pages(struct linux_binprm *bprm)
337 free_arg_page(bprm, i);
340 static void flush_arg_page(struct linux_binprm *bprm, unsigned long pos,
/*
 * __bprm_mm_init() - page-array variant: bprm->p starts one pointer-size
 * below the top of a fixed region of PAGE_SIZE * MAX_ARG_PAGES bytes.
 */
345 static int __bprm_mm_init(struct linux_binprm *bprm)
347 bprm->p = PAGE_SIZE * MAX_ARG_PAGES - sizeof(void *);
/*
 * valid_arg_len() - accept a string only if @len fits in the space that
 * remains below bprm->p. Callers subtract len from bprm->p after this test
 * (lines 548 and 626), so in this variant the test is what keeps that
 * subtraction from going below zero.
 */
351 static bool valid_arg_len(struct linux_binprm *bprm, long len)
353 return len <= bprm->p;
/*
 * bprm_mm_init() - create the mm for the new image and its initial stack.
 * The mm_alloc() result is stored in bprm->mm, and the caller's current
 * RLIMIT_STACK is copied into bprm->rlim_stack. The other stack-sizing
 * lines in this listing read that copy, not current->signal->rlim.
 * bprm->mm is reset to NULL at line 387, presumably on the error path; the
 * lines in between are not shown.
 */
364 static int bprm_mm_init(struct linux_binprm *bprm)
369 bprm->mm = mm = mm_alloc();
376 bprm->rlim_stack = current->signal->rlim[RLIMIT_STACK];
379 err = __bprm_mm_init(bprm);
387 bprm->mm = NULL;
/*
 * bprm_stack_limits() - compute bprm->argmin, the lowest value bprm->p may
 * reach while argument and environment strings are copied in.
 * Visible inputs: the limit is capped at a quarter of the snapshotted stack
 * soft limit, and ptr_size sizes the argv/envp pointer arrays.
 */
473 static int bprm_stack_limits(struct linux_binprm *bprm)
486 limit = min(limit, bprm->rlim_stack.rlim_cur / 4);
/*
 * max(argc, 1): one argv slot is budgeted even when argc is 0.
 * NOTE(review): the types of argc/envc and any upper bound on them are not
 * visible here; confirm the sum and the multiplication cannot overflow.
 */
505 ptr_size = (max(bprm->argc, 1) + bprm->envc) * sizeof(void *);
/* this floor is what bprm->p is compared against at lines 550 and 627 */
510 bprm->argmin = bprm->p - limit;
520 struct linux_binprm *bprm)
/*
 * Body lines of the string-copy routine whose signature ends at line 520
 * (presumably copy_strings(), which is called with argv and envp at lines
 * 1930 and 1934). Each string length is screened by valid_arg_len(),
 * bprm->p is moved down by len, and the result is compared with
 * bprm->argmin. What a failed check returns is not shown in this listing.
 */
542 if (!valid_arg_len(bprm, len))
546 pos = bprm->p;
/*
 * bprm->p is decremented first and range-checked second; the argmin test
 * is what stops the strings from growing past the computed floor.
 */
548 bprm->p -= len;
550 if (bprm->p < bprm->argmin)
579 page = get_arg_page(bprm, pos, 1);
593 flush_arg_page(bprm, kpos, kmapped_page);
/*
 * copy_string_kernel() - push one kernel-supplied string into the argument
 * area below bprm->p.
 * The screening order matches the one visible at lines 542-550:
 * valid_arg_len(), then bprm->p -= len, then the argmin floor test. Here
 * the floor test only takes effect when CONFIG_MMU is enabled.
 * Return values of the failed checks are on lines not shown.
 */
614 int copy_string_kernel(const char *arg, struct linux_binprm *bprm)
617 unsigned long pos = bprm->p;
621 if (!valid_arg_len(bprm, len))
626 bprm->p -= len;
627 if (IS_ENABLED(CONFIG_MMU) && bprm->p < bprm->argmin)
640 page = get_arg_page(bprm, pos, 1);
644 flush_arg_page(bprm, pos & PAGE_MASK, page);
656 struct linux_binprm *bprm)
659 int ret = copy_string_kernel(argv[argc], bprm);
/*
 * setup_arg_pages() - move the temporary argument stack to its final place.
 * Every field that holds an address inside the argument area is adjusted by
 * the same stack_shift: bprm->p, mm->arg_start, bprm->exec and, when it is
 * non-zero, bprm->loader.
 * Lines 779-780 and 791-792 both assign arg_start and bprm->p, so they are
 * presumably alternative branches; the selecting condition is not shown.
 * Stack sizing reads the bprm->rlim_stack snapshot (lines 765 and 843).
 */
748 int setup_arg_pages(struct linux_binprm *bprm,
755 struct vm_area_struct *vma = bprm->vma;
765 stack_base = bprm->rlim_stack.rlim_max;
779 mm->arg_start = bprm->p - stack_shift;
780 bprm->p = vma->vm_end - stack_shift;
791 bprm->p -= stack_shift;
792 mm->arg_start = bprm->p;
795 if (bprm->loader)
796 bprm->loader -= stack_shift;
797 bprm->exec -= stack_shift;
824 bprm->file);
843 rlim_stack = bprm->rlim_stack.rlim_cur & PAGE_MASK;
/* the final bprm->p becomes the start_stack recorded in the task's mm */
855 current->mm->start_stack = bprm->p;
/*
 * transfer_args_to_stack() - copy the saved argument pages out of
 * bprm->page[].
 * The page containing bprm->p (index `stop`) is the only one read from a
 * non-zero offset, bprm->p & ~PAGE_MASK; every other page is read from 0.
 * The kmap() at line 883 is paired with the kunmap() at line 887.
 * The loop bounds and the copy destination are on lines not shown.
 */
872 int transfer_args_to_stack(struct linux_binprm *bprm,
878 stop = bprm->p >> PAGE_SHIFT;
882 unsigned int offset = index == stop ? bprm->p & ~PAGE_MASK : 0;
883 char *src = kmap(bprm->page[index]) + offset;
887 kunmap(bprm->page[index]);
/*
 * begin_new_exec() - switch the calling task over to the image described by
 * @bprm.
 * The visible lines show this order: credentials are derived from the file,
 * point_of_no_return is set, the would_dump() checks run, the new mm is
 * installed with exec_mmap(), and only afterwards are the credentials
 * committed. Lines that do not mention bprm are absent from this listing,
 * so the error handling between these steps cannot be reviewed from here.
 */
1245 int begin_new_exec(struct linux_binprm * bprm)
1252 retval = bprm_creds_from_file(bprm);
/* bprm_execve() tests this flag after a failed exec (line 1865) */
1259 bprm->point_of_no_return = true;
1276 * Must be called _before_ exec_mmap() as bprm->mm is
1280 set_mm_exe_file(bprm->mm, bprm->file);
1283 would_dump(bprm, bprm->file);
1284 if (bprm->have_execfd)
1285 would_dump(bprm, bprm->executable);
/* argument-page accounting is zeroed before the mm goes to exec_mmap() */
1290 acct_arg_size(bprm, 0);
1291 retval = exec_mmap(bprm->mm);
/* cleared after the hand-over, so free_bprm() skips its mmput() (line 1483) */
1295 bprm->mm = NULL;
1321 me->personality &= ~bprm->per_clear;
/*
 * When bprm->secureexec is set, the snapshotted stack soft limit is clamped
 * to _STK_LIM. The clamp appears to sit inside the secureexec branch; the
 * intervening lines are not shown.
 */
1331 if (bprm->secureexec) {
1342 if (bprm->rlim_stack.rlim_cur > _STK_LIM)
1343 bprm->rlim_stack.rlim_cur = _STK_LIM;
1351 * bprm->secureexec instead.
1353 if (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP ||
1361 __set_task_comm(me, kbasename(bprm->filename), true);
/*
 * LSM hook, commit, LSM hook. bprm->cred is set to NULL after commit_creds()
 * so that free_bprm() will not abort_creds() what was just committed
 * (line 1488).
 */
1371 security_bprm_committing_creds(bprm);
1373 commit_creds(bprm->cred);
1374 bprm->cred = NULL;
1389 security_bprm_committed_creds(bprm);
1392 if (bprm->have_execfd) {
/*
 * The file reference is handed to the fd table by fd_install(); clearing
 * bprm->executable keeps free_bprm() from calling fput() on it (line 1496).
 */
1396 fd_install(retval, bprm->executable);
1397 bprm->executable = NULL;
1398 bprm->execfd = retval;
1404 if (!bprm->cred)
/*
 * would_dump() - called from begin_new_exec() for bprm->file and, when
 * have_execfd is set, for bprm->executable (lines 1283-1285).
 * Visible effects: BINPRM_FLAGS_ENFORCE_NONDUMP is set in interp_flags and
 * bprm->mm->user_ns may be replaced by another namespace obtained with
 * get_user_ns(). The test on @file that triggers this, and the release of
 * the old namespace reference, are on lines not shown.
 */
1412 void would_dump(struct linux_binprm *bprm, struct file *file)
1417 bprm->interp_flags |= BINPRM_FLAGS_ENFORCE_NONDUMP;
1420 user_ns = old = bprm->mm->user_ns;
1426 bprm->mm->user_ns = get_user_ns(user_ns);
1433 void setup_new_exec(struct linux_binprm * bprm)
1438 arch_pick_mmap_layout(me->mm, &bprm->rlim_stack);
/*
 * finalize_exec() - write the bprm->rlim_stack snapshot back to the task's
 * RLIMIT_STACK. The snapshot may have been clamped in begin_new_exec()
 * (lines 1342-1343). Any locking around the store is not shown.
 */
1453 void finalize_exec(struct linux_binprm *bprm)
1457 current->signal->rlim[RLIMIT_STACK] = bprm->rlim_stack;
1468 static int prepare_bprm_creds(struct linux_binprm *bprm)
1473 bprm->cred = prepare_exec_creds();
1474 if (likely(bprm->cred))
/*
 * free_bprm() - release everything a linux_binprm still owns.
 * Each release is either guarded by a NULL test or is a kfree(), which
 * accepts NULL. The function therefore works on a partially initialised
 * bprm (alloc_bprm's failure path calls it at line 1533) and after
 * begin_new_exec() has set to NULL the fields whose ownership it passed on
 * (mm, cred, executable).
 * Lines between the ones listed here, including any unlock that goes with
 * abort_creds(), are not shown.
 */
1481 static void free_bprm(struct linux_binprm *bprm)
1483 if (bprm->mm) {
1484 acct_arg_size(bprm, 0);
1485 mmput(bprm->mm);
1487 free_arg_pages(bprm);
1488 if (bprm->cred) {
1490 abort_creds(bprm->cred);
1492 if (bprm->file) {
1493 allow_write_access(bprm->file);
1494 fput(bprm->file);
1496 if (bprm->executable)
1497 fput(bprm->executable);
/*
 * interp may alias filename (line 1525); it is freed only when it is a
 * separate allocation. filename itself is not freed here: it aliases either
 * filename->name or fdpath (lines 1513 and 1523), and fdpath is freed below.
 */
1499 if (bprm->interp != bprm->filename)
1500 kfree(bprm->interp);
1501 kfree(bprm->fdpath);
1502 kfree(bprm);
/*
 * Body of the allocator that lines 1902 and 1972 call as
 * alloc_bprm(fd, filename); its signature line does not mention bprm and is
 * not in this listing.
 * kzalloc() zeroes the structure, so every pointer field starts as NULL,
 * which is the state free_bprm() tests for.
 */
1507 struct linux_binprm *bprm = kzalloc(sizeof(*bprm), GFP_KERNEL);
1509 if (!bprm)
1513 bprm->filename = filename->name;
/*
 * For an fd-relative exec the name is rebuilt under /dev/fd. The argument
 * for the "%s" in the second form is on line 1519, which is not shown.
 */
1516 bprm->fdpath = kasprintf(GFP_KERNEL, "/dev/fd/%d", fd);
1518 bprm->fdpath = kasprintf(GFP_KERNEL, "/dev/fd/%d/%s",
/* kasprintf() allocation failure is checked before fdpath is used */
1520 if (!bprm->fdpath)
1523 bprm->filename = bprm->fdpath;
/* interp starts as an alias of filename, not a copy */
1525 bprm->interp = bprm->filename;
1527 retval = bprm_mm_init(bprm);
1530 return bprm;
/* failure path: everything acquired so far goes through free_bprm() */
1533 free_bprm(bprm);
/*
 * bprm_change_interp() - replace bprm->interp with a private copy of
 * @interp.
 * The old value is freed only when it is not the alias of bprm->filename.
 * The pointer is then overwritten with the kstrdup() result, so the freed
 * pointer does not stay in the structure. On allocation failure
 * bprm->interp is NULL; free_bprm() then passes NULL to kfree(), which is
 * harmless. The return values are on lines not shown.
 */
1538 int bprm_change_interp(const char *interp, struct linux_binprm *bprm)
1541 if (bprm->interp != bprm->filename)
1542 kfree(bprm->interp);
1543 bprm->interp = kstrdup(interp, GFP_KERNEL);
1544 if (!bprm->interp)
/*
 * check_unsafe_exec() - collect LSM_UNSAFE_* flags in bprm->unsafe.
 * The flags are OR-ed in, so several can be set for one exec. The
 * conditions that select PTRACE, NO_NEW_PRIVS and SHARE are on lines that
 * do not mention bprm and are not shown here.
 */
1555 static void check_unsafe_exec(struct linux_binprm *bprm)
1561 bprm->unsafe |= LSM_UNSAFE_PTRACE;
1568 bprm->unsafe |= LSM_UNSAFE_NO_NEW_PRIVS;
1581 bprm->unsafe |= LSM_UNSAFE_SHARE;
/*
 * bprm_fill_uid() - apply an identity taken from @file to the pending
 * credentials in bprm->cred.
 * Visible: uid and gid are both tested for a mapping in
 * bprm->cred->user_ns before the assignments below (the branch taken when a
 * mapping is missing is not shown; presumably nothing is changed). Each of
 * euid and egid is then assigned together with PER_CLEAR_ON_SETID in
 * bprm->per_clear.
 * Where uid/gid are read from, and the tests that gate each assignment,
 * are on lines not shown.
 */
1587 static void bprm_fill_uid(struct linux_binprm *bprm, struct file *file)
1622 if (!kuid_has_mapping(bprm->cred->user_ns, uid) ||
1623 !kgid_has_mapping(bprm->cred->user_ns, gid))
1627 bprm->per_clear |= PER_CLEAR_ON_SETID;
1628 bprm->cred->euid = uid;
1632 bprm->per_clear |= PER_CLEAR_ON_SETID;
1633 bprm->cred->egid = gid;
/*
 * bprm_creds_from_file() - derive the credential changes from the file.
 * The file consulted is bprm->executable when execfd_creds is set and
 * bprm->file otherwise. bprm_fill_uid() runs first, then the LSM hook,
 * whose return value is this function's result.
 */
1640 static int bprm_creds_from_file(struct linux_binprm *bprm)
1643 struct file *file = bprm->execfd_creds ? bprm->executable : bprm->file;
1645 bprm_fill_uid(bprm, file);
1646 return security_bprm_creds_from_file(bprm, file);
/*
 * prepare_binprm() - load the first BINPRM_BUF_SIZE bytes of bprm->file
 * into bprm->buf.
 * The buffer is zeroed first, so a file shorter than the buffer leaves
 * zero bytes after its content, not data from an earlier read.
 * Returns whatever kernel_read() returns.
 */
1655 static int prepare_binprm(struct linux_binprm *bprm)
1659 memset(bprm->buf, 0, BINPRM_BUF_SIZE);
1660 return kernel_read(bprm->file, bprm->buf, BINPRM_BUF_SIZE, &pos);
1664 * Arguments are '\0' separated strings found at the location bprm->p
/*
 * remove_arg_zero() - drop the first argument string from the argument
 * area.
 * argc == 0 is tested first (its branch body is not shown), which keeps the
 * decrement at line 1696 from running on an empty argument list.
 * bprm->p is advanced through the string in the loop at line 1688 and once
 * more at line 1695, presumably past the terminating NUL.
 */
1668 int remove_arg_zero(struct linux_binprm *bprm)
1675 if (!bprm->argc)
1679 offset = bprm->p & ~PAGE_MASK;
1680 page = get_arg_page(bprm, bprm->p, 0);
1688 offset++, bprm->p++)
1695 bprm->p++;
1696 bprm->argc--;
/*
 * search_binary_handler() - offer the file to the registered binary
 * formats.
 * Order visible here: prepare_binprm() fills bprm->buf,
 * security_bprm_check() runs, then a format's load_binary() is tried.
 * The iteration over formats and its locking are on lines not shown.
 */
1708 static int search_binary_handler(struct linux_binprm *bprm)
1714 retval = prepare_binprm(bprm);
1718 retval = security_bprm_check(bprm);
1730 retval = fmt->load_binary(bprm);
/* past the point of no return, or on any result other than -ENOEXEC */
1734 if (bprm->point_of_no_return || (retval != -ENOEXEC)) {
/*
 * Module autoload fallback. The module name is built from two bytes of the
 * file header (bprm->buf + 2), so file content selects the name. The
 * "%04x" conversion limits what the file contributes to hexadecimal digits.
 * The printable() test on the first four header bytes gates this; the body
 * of that branch is not shown.
 */
1742 if (printable(bprm->buf[0]) && printable(bprm->buf[1]) &&
1743 printable(bprm->buf[2]) && printable(bprm->buf[3]))
1745 if (request_module("binfmt-%04x", *(ushort *)(bprm->buf + 2)) < 0)
/*
 * exec_binprm() - run the handler search and follow interpreter hand-offs.
 * When a handler leaves bprm->interpreter set, that file becomes the new
 * bprm->file and the previous file is kept in `exec`. With have_execfd the
 * previous file is stored in bprm->executable. What happens to `exec`
 * otherwise, and to an already-set bprm->executable (line 1783), is on
 * lines not shown.
 * NOTE(review): any limit on the number of hand-offs is not visible in this
 * listing; confirm it in the full source.
 */
1754 static int exec_binprm(struct linux_binprm *bprm)
1771 ret = search_binary_handler(bprm);
1774 if (!bprm->interpreter)
1777 exec = bprm->file;
1778 bprm->file = bprm->interpreter;
/* cleared so the reference now held in bprm->file is not tracked twice */
1779 bprm->interpreter = NULL;
1782 if (unlikely(bprm->have_execfd)) {
1783 if (bprm->executable) {
1787 bprm->executable = exec;
/* audit and tracepoint records for the exec */
1792 audit_bprm(bprm);
1793 trace_sched_process_exec(current, old_pid, bprm);
/*
 * bprm_execve() - common tail of the exec paths (called at lines 1951 and
 * 2007).
 * Visible order: prepare_bprm_creds(), check_unsafe_exec(), the opened file
 * is stored in bprm->file, security_bprm_creds_for_exec(), exec_binprm().
 * The file open and the error unwinding are on lines not shown.
 */
1802 static int bprm_execve(struct linux_binprm *bprm,
1813 retval = prepare_bprm_creds(bprm);
1817 check_unsafe_exec(bprm);
1827 bprm->file = file;
/*
 * An fd-relative name was built (fdpath) and that fd is close-on-exec:
 * record it in interp_flags. Presumably the /dev/fd path will not stay
 * reachable after exec; the flag name suggests this.
 */
1837 if (bprm->fdpath && get_close_on_exec(fd))
1838 bprm->interp_flags |= BINPRM_FLAGS_PATH_INACCESSIBLE;
1840 /* Set the unchanging part of bprm->cred */
1841 retval = security_bprm_creds_for_exec(bprm);
1845 retval = exec_binprm(bprm);
/*
 * Failure after begin_new_exec() set point_of_no_return is handled
 * separately unless a fatal signal is already pending; the action taken is
 * on a line not shown.
 */
1865 if (bprm->point_of_no_return && !fatal_signal_pending(current))
/*
 * Exec entry path that copies argv/envp with copy_strings() (lines 1930 and
 * 1934). The function's signature does not mention bprm and is not in this
 * listing.
 */
1880 struct linux_binprm *bprm;
1902 bprm = alloc_bprm(fd, filename);
1903 if (IS_ERR(bprm)) {
1904 retval = PTR_ERR(bprm);
1911 current->comm, bprm->filename);
1914 bprm->argc = retval;
1919 bprm->envc = retval;
/* the limits are computed from argc/envc before any string is copied */
1921 retval = bprm_stack_limits(bprm);
1925 retval = copy_string_kernel(bprm->filename, bprm);
1928 bprm->exec = bprm->p;
1930 retval = copy_strings(bprm->envc, envp, bprm);
1934 retval = copy_strings(bprm->argc, argv, bprm);
/*
 * An empty argv is not passed through: one empty string is pushed and argc
 * is forced to 1, so the new image always has an argv[0] slot. This matches
 * the max(argc, 1) budget in bprm_stack_limits() (line 505).
 */
1944 if (bprm->argc == 0) {
1945 retval = copy_string_kernel("", bprm);
1948 bprm->argc = 1;
1951 retval = bprm_execve(bprm, fd, filename, flags);
/* the only free_bprm() call visible in this function */
1953 free_bprm(bprm);
/*
 * Exec entry path for kernel-supplied argv/envp, copied with
 * copy_strings_kernel() (lines 1999 and 2003). The function's signature
 * does not mention bprm and is not in this listing.
 * NOTE(review): no argc == 0 fix-up that mentions bprm is visible on this
 * path, unlike lines 1944-1948. A check written against retval would not
 * appear in a refs:bprm listing; confirm in the full source.
 */
1964 struct linux_binprm *bprm;
1972 bprm = alloc_bprm(fd, filename);
1973 if (IS_ERR(bprm)) {
1974 retval = PTR_ERR(bprm);
1983 bprm->argc = retval;
1988 bprm->envc = retval;
/* the limits are computed from argc/envc before any string is copied */
1990 retval = bprm_stack_limits(bprm);
1994 retval = copy_string_kernel(bprm->filename, bprm);
1997 bprm->exec = bprm->p;
1999 retval = copy_strings_kernel(bprm->envc, envp, bprm);
2003 retval = copy_strings_kernel(bprm->argc, argv, bprm);
2007 retval = bprm_execve(bprm, fd, filename, 0);
/* the only free_bprm() call visible in this function */
2009 free_bprm(bprm);