From: Stephen Rothwell <sfr@canb.auug.org.au>
To: Eric Paris <eparis@redhat.com>
Cc: linux-next@vger.kernel.org, linux-kernel@vger.kernel.org,
Richard Guy Briggs <rgb@redhat.com>
Subject: linux-next: manual merge of the audit tree with Linus' tree
Date: Wed, 6 Nov 2013 17:19:50 +1100 [thread overview]
Message-ID: <20131106171950.9a0823c8207fc897d387d612@canb.auug.org.au> (raw)
[-- Attachment #1: Type: text/plain, Size: 4129 bytes --]
Hi Eric,
Today's linux-next merge of the audit tree got a conflict in fs/exec.c
between commit(s) from Linus' tree and commit 9410d228a4cf ("audit: call
audit_bprm() only once to add AUDIT_EXECVE information") from the audit
tree.
I fixed it up (using the supplied resolution - thanks - see below) and can
carry the fix as necessary (no action is required).
--
Cheers,
Stephen Rothwell sfr@canb.auug.org.au
diff --cc fs/exec.c
index 8875dd10ae7a,c5c24f2fc44a..000000000000
--- a/fs/exec.c
+++ b/fs/exec.c
@@@ -1385,71 -1383,72 +1385,68 @@@ int search_binary_handler(struct linux_
if (retval)
return retval;
- retval = audit_bprm(bprm);
- if (retval)
- return retval;
-
+ retval = -ENOENT;
+ retry:
+ read_lock(&binfmt_lock);
+ list_for_each_entry(fmt, &formats, lh) {
+ if (!try_module_get(fmt->module))
+ continue;
+ read_unlock(&binfmt_lock);
+ bprm->recursion_depth++;
+ retval = fmt->load_binary(bprm);
+ bprm->recursion_depth--;
+ if (retval >= 0 || retval != -ENOEXEC ||
+ bprm->mm == NULL || bprm->file == NULL) {
+ put_binfmt(fmt);
+ return retval;
+ }
+ read_lock(&binfmt_lock);
+ put_binfmt(fmt);
+ }
+ read_unlock(&binfmt_lock);
+
+ if (need_retry && retval == -ENOEXEC) {
+ if (printable(bprm->buf[0]) && printable(bprm->buf[1]) &&
+ printable(bprm->buf[2]) && printable(bprm->buf[3]))
+ return retval;
+ if (request_module("binfmt-%04x", *(ushort *)(bprm->buf + 2)) < 0)
+ return retval;
+ need_retry = false;
+ goto retry;
+ }
+
+ return retval;
+}
+EXPORT_SYMBOL(search_binary_handler);
+
+static int exec_binprm(struct linux_binprm *bprm)
+{
+ pid_t old_pid, old_vpid;
+ int ret;
+
/* Need to fetch pid before load_binary changes it */
old_pid = current->pid;
rcu_read_lock();
old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current->parent));
rcu_read_unlock();
- retval = -ENOENT;
- for (try=0; try<2; try++) {
- read_lock(&binfmt_lock);
- list_for_each_entry(fmt, &formats, lh) {
- int (*fn)(struct linux_binprm *) = fmt->load_binary;
- if (!fn)
- continue;
- if (!try_module_get(fmt->module))
- continue;
- read_unlock(&binfmt_lock);
- bprm->recursion_depth = depth + 1;
- retval = fn(bprm);
- bprm->recursion_depth = depth;
- if (retval >= 0) {
- if (depth == 0) {
- audit_bprm(bprm);
- trace_sched_process_exec(current, old_pid, bprm);
- ptrace_event(PTRACE_EVENT_EXEC, old_vpid);
- }
- put_binfmt(fmt);
- allow_write_access(bprm->file);
- if (bprm->file)
- fput(bprm->file);
- bprm->file = NULL;
- current->did_exec = 1;
- proc_exec_connector(current);
- return retval;
- }
- read_lock(&binfmt_lock);
- put_binfmt(fmt);
- if (retval != -ENOEXEC || bprm->mm == NULL)
- break;
- if (!bprm->file) {
- read_unlock(&binfmt_lock);
- return retval;
- }
+ ret = search_binary_handler(bprm);
+ if (ret >= 0) {
++ audit_bprm(bprm);
+ trace_sched_process_exec(current, old_pid, bprm);
+ ptrace_event(PTRACE_EVENT_EXEC, old_vpid);
+ current->did_exec = 1;
+ proc_exec_connector(current);
+
+ if (bprm->file) {
+ allow_write_access(bprm->file);
+ fput(bprm->file);
+ bprm->file = NULL; /* to catch use-after-free */
}
- read_unlock(&binfmt_lock);
-#ifdef CONFIG_MODULES
- if (retval != -ENOEXEC || bprm->mm == NULL) {
- break;
- } else {
-#define printable(c) (((c)=='\t') || ((c)=='\n') || (0x20<=(c) && (c)<=0x7e))
- if (printable(bprm->buf[0]) &&
- printable(bprm->buf[1]) &&
- printable(bprm->buf[2]) &&
- printable(bprm->buf[3]))
- break; /* -ENOEXEC */
- if (try)
- break; /* -ENOEXEC */
- request_module("binfmt-%04x", *(unsigned short *)(&bprm->buf[2]));
- }
-#else
- break;
-#endif
}
- return retval;
-}
-EXPORT_SYMBOL(search_binary_handler);
+ return ret;
+}
/*
* sys_execve() executes a new program.
[-- Attachment #2: Type: application/pgp-signature, Size: 836 bytes --]
next reply other threads:[~2013-11-06 6:20 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-06 6:19 Stephen Rothwell [this message]
2014-01-15 4:48 linux-next: manual merge of the audit tree with Linus' tree Stephen Rothwell
2014-04-01 4:07 Stephen Rothwell
2014-04-01 12:54 ` Richard Guy Briggs
2014-04-01 13:11 ` Stephen Rothwell
2014-04-16 4:02 Stephen Rothwell
2014-04-16 12:08 ` Eric Paris
2014-04-22 3:58 Stephen Rothwell
2015-01-20 4:03 Stephen Rothwell
2015-01-20 4:04 Stephen Rothwell
2015-01-20 15:45 ` Paul Moore
2015-01-20 4:04 Stephen Rothwell
2015-06-01 6:30 Stephen Rothwell
2015-06-01 15:59 ` Richard Guy Briggs
2015-08-07 4:15 Stephen Rothwell
2015-08-07 6:33 ` Richard Guy Briggs
2015-10-06 2:55 Stephen Rothwell
2015-10-06 17:21 ` Paul Moore
2015-11-19 1:06 Stephen Rothwell
2015-11-19 15:53 ` Paul Moore
2015-11-19 18:30 ` Richard Guy Briggs
2015-11-19 20:16 ` Stephen Rothwell
2016-01-19 1:02 Stephen Rothwell
2016-01-19 2:48 ` Paul Moore
2016-11-22 5:29 Stephen Rothwell
2016-11-22 10:35 ` Richard Guy Briggs
2016-11-22 21:25 ` Paul Moore
2017-01-19 2:51 Stephen Rothwell
2017-01-19 4:16 ` Richard Guy Briggs
2017-03-24 2:18 Stephen Rothwell
2017-03-24 6:33 ` Richard Guy Briggs
2017-03-24 16:39 ` Paul Moore
2019-04-08 1:31 Stephen Rothwell
2019-04-08 17:15 ` Dmitry V. Levin
2019-04-08 20:30 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20131106171950.9a0823c8207fc897d387d612@canb.auug.org.au \
--to=sfr@canb.auug.org.au \
--cc=eparis@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-next@vger.kernel.org \
--cc=rgb@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).