From: Olivier Dion <olivier.dion@polymtl.ca>
To: qemu-devel@nongnu.org
Cc: Olivier Dion <olivier.dion@polymtl.ca>, john.ogness@linutronix.de
Subject: [Qemu-devel] [PATCH v2 1/1] Handle /proc/self/exe in syscall execve
Date: Mon, 16 Sep 2019 11:55:45 -0400 [thread overview]
Message-ID: <20190916155545.29928-2-olivier.dion@polymtl.ca> (raw)
In-Reply-To: <20190916155545.29928-1-olivier.dion@polymtl.ca>
If not handled, QEMU will execve itself instead of the emulated
process. The function do_openat already solves the /proc/self/exe
problem, so we can use it to get the executable file descriptor. We
then make a safe call to execveat.
Note that safe_execve has been replaced by safe_execveat, since the
former is now useless.
Signed-off-by: Olivier Dion <olivier.dion@polymtl.ca>
---
linux-user/syscall.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index e2af3c1494..68340bcb67 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -736,7 +736,7 @@ safe_syscall4(pid_t, wait4, pid_t, pid, int *, status, int, options, \
struct rusage *, rusage)
safe_syscall5(int, waitid, idtype_t, idtype, id_t, id, siginfo_t *, infop, \
int, options, struct rusage *, rusage)
-safe_syscall3(int, execve, const char *, filename, char **, argv, char **, envp)
+safe_syscall5(int, execveat, int, dirfd, const char *, pathname, char **, argv, char **, envp, int, flags)
safe_syscall6(int, pselect6, int, nfds, fd_set *, readfds, fd_set *, writefds, \
fd_set *, exceptfds, struct timespec *, timeout, void *, sig)
safe_syscall5(int, ppoll, struct pollfd *, ufds, unsigned int, nfds,
@@ -7507,8 +7507,18 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
* before the execve completes and makes it the other
* program's problem.
*/
- ret = get_errno(safe_execve(p, argp, envp));
- unlock_user(p, arg1, 0);
+ {
+ int execfd = get_errno(do_openat(cpu_env, AT_FDCWD, p, O_PATH, 0));
+ unlock_user(p, arg1, 0);
+ if (is_error(execfd)) {
+ ret = execfd;
+ goto execve_end;
+ }
+ ret = get_errno(safe_execveat(execfd, "",
+ argp, envp,
+ AT_EMPTY_PATH));
+ close(execfd);
+ }
goto execve_end;
--
2.23.0
next prev parent reply other threads:[~2019-09-16 16:35 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-07 13:54 [Qemu-devel] [PATCH 0/1] Handle /proc/self/exe in execve dion
2019-08-07 13:54 ` [Qemu-devel] [PATCH 1/1] linux-user: Handle /proc/self/exe in syscall execve dion
2019-08-23 16:58 ` Laurent Vivier
2019-09-02 17:36 ` Olivier Dion
2019-09-02 19:02 ` Laurent Vivier
2019-09-16 15:55 ` [Qemu-devel] [PATCH v2 0/1] Handle /proc/self/exe in execve Olivier Dion
2019-09-16 15:55 ` Olivier Dion [this message]
2019-09-16 16:55 ` no-reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190916155545.29928-2-olivier.dion@polymtl.ca \
--to=olivier.dion@polymtl.ca \
--cc=john.ogness@linutronix.de \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).