Lines Matching refs:bprm
182 static void acct_arg_size(struct linux_binprm *bprm, unsigned long pages) in acct_arg_size() argument
185 long diff = (long)(pages - bprm->vma_pages); in acct_arg_size()
190 bprm->vma_pages = pages; in acct_arg_size()
194 static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, in get_arg_page() argument
203 ret = expand_downwards(bprm->vma, pos); in get_arg_page()
216 ret = get_user_pages_remote(current, bprm->mm, pos, 1, gup_flags, in get_arg_page()
222 unsigned long size = bprm->vma->vm_end - bprm->vma->vm_start; in get_arg_page()
237 ptr_size = (bprm->argc + bprm->envc) * sizeof(void *); in get_arg_page()
242 acct_arg_size(bprm, size / PAGE_SIZE); in get_arg_page()
260 limit = min(limit, bprm->rlim_stack.rlim_cur / 4); in get_arg_page()
277 static void free_arg_pages(struct linux_binprm *bprm) in free_arg_pages() argument
281 static void flush_arg_page(struct linux_binprm *bprm, unsigned long pos, in flush_arg_page() argument
284 flush_cache_page(bprm->vma, pos, page_to_pfn(page)); in flush_arg_page()
287 static int __bprm_mm_init(struct linux_binprm *bprm) in __bprm_mm_init() argument
291 struct mm_struct *mm = bprm->mm; in __bprm_mm_init()
293 bprm->vma = vma = vm_area_alloc(mm); in __bprm_mm_init()
322 bprm->p = vma->vm_end - sizeof(void *); in __bprm_mm_init()
327 bprm->vma = NULL; in __bprm_mm_init()
332 static bool valid_arg_len(struct linux_binprm *bprm, long len) in valid_arg_len() argument
339 static inline void acct_arg_size(struct linux_binprm *bprm, unsigned long pages) in acct_arg_size() argument
343 static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, in get_arg_page() argument
348 page = bprm->page[pos / PAGE_SIZE]; in get_arg_page()
353 bprm->page[pos / PAGE_SIZE] = page; in get_arg_page()
363 static void free_arg_page(struct linux_binprm *bprm, int i) in free_arg_page() argument
365 if (bprm->page[i]) { in free_arg_page()
366 __free_page(bprm->page[i]); in free_arg_page()
367 bprm->page[i] = NULL; in free_arg_page()
371 static void free_arg_pages(struct linux_binprm *bprm) in free_arg_pages() argument
376 free_arg_page(bprm, i); in free_arg_pages()
379 static void flush_arg_page(struct linux_binprm *bprm, unsigned long pos, in flush_arg_page() argument
384 static int __bprm_mm_init(struct linux_binprm *bprm) in __bprm_mm_init() argument
386 bprm->p = PAGE_SIZE * MAX_ARG_PAGES - sizeof(void *); in __bprm_mm_init()
390 static bool valid_arg_len(struct linux_binprm *bprm, long len) in valid_arg_len() argument
392 return len <= bprm->p; in valid_arg_len()
403 static int bprm_mm_init(struct linux_binprm *bprm) in bprm_mm_init() argument
408 bprm->mm = mm = mm_alloc(); in bprm_mm_init()
415 bprm->rlim_stack = current->signal->rlim[RLIMIT_STACK]; in bprm_mm_init()
418 err = __bprm_mm_init(bprm); in bprm_mm_init()
426 bprm->mm = NULL; in bprm_mm_init()
501 struct linux_binprm *bprm) in copy_strings() argument
523 if (!valid_arg_len(bprm, len)) in copy_strings()
527 pos = bprm->p; in copy_strings()
529 bprm->p -= len; in copy_strings()
556 page = get_arg_page(bprm, pos, 1); in copy_strings()
570 flush_arg_page(bprm, kpos, kmapped_page); in copy_strings()
592 struct linux_binprm *bprm) in copy_strings_kernel() argument
601 r = copy_strings(argc, argv, bprm); in copy_strings_kernel()
687 int setup_arg_pages(struct linux_binprm *bprm, in setup_arg_pages() argument
694 struct vm_area_struct *vma = bprm->vma; in setup_arg_pages()
704 stack_base = bprm->rlim_stack.rlim_max; in setup_arg_pages()
718 mm->arg_start = bprm->p - stack_shift; in setup_arg_pages()
719 bprm->p = vma->vm_end - stack_shift; in setup_arg_pages()
730 bprm->p -= stack_shift; in setup_arg_pages()
731 mm->arg_start = bprm->p; in setup_arg_pages()
734 if (bprm->loader) in setup_arg_pages()
735 bprm->loader -= stack_shift; in setup_arg_pages()
736 bprm->exec -= stack_shift; in setup_arg_pages()
777 rlim_stack = bprm->rlim_stack.rlim_cur & PAGE_MASK; in setup_arg_pages()
789 current->mm->start_stack = bprm->p; in setup_arg_pages()
806 int transfer_args_to_stack(struct linux_binprm *bprm, in transfer_args_to_stack() argument
812 stop = bprm->p >> PAGE_SHIFT; in transfer_args_to_stack()
816 unsigned int offset = index == stop ? bprm->p & ~PAGE_MASK : 0; in transfer_args_to_stack()
817 char *src = kmap(bprm->page[index]) + offset; in transfer_args_to_stack()
821 kunmap(bprm->page[index]); in transfer_args_to_stack()
1253 int flush_old_exec(struct linux_binprm * bprm) in flush_old_exec() argument
1270 set_mm_exe_file(bprm->mm, bprm->file); in flush_old_exec()
1275 acct_arg_size(bprm, 0); in flush_old_exec()
1276 retval = exec_mmap(bprm->mm); in flush_old_exec()
1286 bprm->mm = NULL; in flush_old_exec()
1292 current->personality &= ~bprm->per_clear; in flush_old_exec()
1308 void would_dump(struct linux_binprm *bprm, struct file *file) in would_dump() argument
1313 bprm->interp_flags |= BINPRM_FLAGS_ENFORCE_NONDUMP; in would_dump()
1316 user_ns = old = bprm->mm->user_ns; in would_dump()
1322 bprm->mm->user_ns = get_user_ns(user_ns); in would_dump()
1329 void setup_new_exec(struct linux_binprm * bprm) in setup_new_exec() argument
1336 bprm->secureexec |= bprm->cap_elevated; in setup_new_exec()
1338 if (bprm->secureexec) { in setup_new_exec()
1349 if (bprm->rlim_stack.rlim_cur > _STK_LIM) in setup_new_exec()
1350 bprm->rlim_stack.rlim_cur = _STK_LIM; in setup_new_exec()
1353 arch_pick_mmap_layout(current->mm, &bprm->rlim_stack); in setup_new_exec()
1362 if (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP || in setup_new_exec()
1371 __set_task_comm(current, kbasename(bprm->filename), true); in setup_new_exec()
1387 void finalize_exec(struct linux_binprm *bprm) in finalize_exec() argument
1391 current->signal->rlim[RLIMIT_STACK] = bprm->rlim_stack; in finalize_exec()
1402 int prepare_bprm_creds(struct linux_binprm *bprm) in prepare_bprm_creds() argument
1407 bprm->cred = prepare_exec_creds(); in prepare_bprm_creds()
1408 if (likely(bprm->cred)) in prepare_bprm_creds()
1415 static void free_bprm(struct linux_binprm *bprm) in free_bprm() argument
1417 free_arg_pages(bprm); in free_bprm()
1418 if (bprm->cred) { in free_bprm()
1420 abort_creds(bprm->cred); in free_bprm()
1422 if (bprm->file) { in free_bprm()
1423 allow_write_access(bprm->file); in free_bprm()
1424 fput(bprm->file); in free_bprm()
1427 if (bprm->interp != bprm->filename) in free_bprm()
1428 kfree(bprm->interp); in free_bprm()
1429 kfree(bprm); in free_bprm()
1432 int bprm_change_interp(const char *interp, struct linux_binprm *bprm) in bprm_change_interp() argument
1435 if (bprm->interp != bprm->filename) in bprm_change_interp()
1436 kfree(bprm->interp); in bprm_change_interp()
1437 bprm->interp = kstrdup(interp, GFP_KERNEL); in bprm_change_interp()
1438 if (!bprm->interp) in bprm_change_interp()
1447 void install_exec_creds(struct linux_binprm *bprm) in install_exec_creds() argument
1449 security_bprm_committing_creds(bprm); in install_exec_creds()
1451 commit_creds(bprm->cred); in install_exec_creds()
1452 bprm->cred = NULL; in install_exec_creds()
1467 security_bprm_committed_creds(bprm); in install_exec_creds()
1477 static void check_unsafe_exec(struct linux_binprm *bprm) in check_unsafe_exec() argument
1483 bprm->unsafe |= LSM_UNSAFE_PTRACE; in check_unsafe_exec()
1490 bprm->unsafe |= LSM_UNSAFE_NO_NEW_PRIVS; in check_unsafe_exec()
1503 bprm->unsafe |= LSM_UNSAFE_SHARE; in check_unsafe_exec()
1509 static void bprm_fill_uid(struct linux_binprm *bprm) in bprm_fill_uid() argument
1522 bprm->cred->euid = current_euid(); in bprm_fill_uid()
1523 bprm->cred->egid = current_egid(); in bprm_fill_uid()
1525 if (!mnt_may_suid(bprm->file->f_path.mnt)) in bprm_fill_uid()
1531 inode = bprm->file->f_path.dentry->d_inode; in bprm_fill_uid()
1546 if (!kuid_has_mapping(bprm->cred->user_ns, uid) || in bprm_fill_uid()
1547 !kgid_has_mapping(bprm->cred->user_ns, gid)) in bprm_fill_uid()
1551 bprm->per_clear |= PER_CLEAR_ON_SETID; in bprm_fill_uid()
1552 bprm->cred->euid = uid; in bprm_fill_uid()
1556 bprm->per_clear |= PER_CLEAR_ON_SETID; in bprm_fill_uid()
1557 bprm->cred->egid = gid; in bprm_fill_uid()
1567 int prepare_binprm(struct linux_binprm *bprm) in prepare_binprm() argument
1572 bprm_fill_uid(bprm); in prepare_binprm()
1575 retval = security_bprm_set_creds(bprm); in prepare_binprm()
1578 bprm->called_set_creds = 1; in prepare_binprm()
1580 memset(bprm->buf, 0, BINPRM_BUF_SIZE); in prepare_binprm()
1581 return kernel_read(bprm->file, bprm->buf, BINPRM_BUF_SIZE, &pos); in prepare_binprm()
1591 int remove_arg_zero(struct linux_binprm *bprm) in remove_arg_zero() argument
1598 if (!bprm->argc) in remove_arg_zero()
1602 offset = bprm->p & ~PAGE_MASK; in remove_arg_zero()
1603 page = get_arg_page(bprm, bprm->p, 0); in remove_arg_zero()
1611 offset++, bprm->p++) in remove_arg_zero()
1618 bprm->p++; in remove_arg_zero()
1619 bprm->argc--; in remove_arg_zero()
1631 int search_binary_handler(struct linux_binprm *bprm) in search_binary_handler() argument
1638 if (bprm->recursion_depth > 5) in search_binary_handler()
1641 retval = security_bprm_check(bprm); in search_binary_handler()
1652 bprm->recursion_depth++; in search_binary_handler()
1653 retval = fmt->load_binary(bprm); in search_binary_handler()
1656 bprm->recursion_depth--; in search_binary_handler()
1657 if (retval < 0 && !bprm->mm) { in search_binary_handler()
1663 if (retval != -ENOEXEC || !bprm->file) { in search_binary_handler()
1671 if (printable(bprm->buf[0]) && printable(bprm->buf[1]) && in search_binary_handler()
1672 printable(bprm->buf[2]) && printable(bprm->buf[3])) in search_binary_handler()
1674 if (request_module("binfmt-%04x", *(ushort *)(bprm->buf + 2)) < 0) in search_binary_handler()
1684 static int exec_binprm(struct linux_binprm *bprm) in exec_binprm() argument
1695 ret = search_binary_handler(bprm); in exec_binprm()
1697 audit_bprm(bprm); in exec_binprm()
1698 trace_sched_process_exec(current, old_pid, bprm); in exec_binprm()
1715 struct linux_binprm *bprm; in __do_execve_file() local
1743 bprm = kzalloc(sizeof(*bprm), GFP_KERNEL); in __do_execve_file()
1744 if (!bprm) in __do_execve_file()
1747 retval = prepare_bprm_creds(bprm); in __do_execve_file()
1751 check_unsafe_exec(bprm); in __do_execve_file()
1762 bprm->file = file; in __do_execve_file()
1764 bprm->filename = "none"; in __do_execve_file()
1766 bprm->filename = filename->name; in __do_execve_file()
1783 bprm->interp_flags |= BINPRM_FLAGS_PATH_INACCESSIBLE; in __do_execve_file()
1784 bprm->filename = pathbuf; in __do_execve_file()
1786 bprm->interp = bprm->filename; in __do_execve_file()
1788 retval = bprm_mm_init(bprm); in __do_execve_file()
1792 bprm->argc = count(argv, MAX_ARG_STRINGS); in __do_execve_file()
1793 if ((retval = bprm->argc) < 0) in __do_execve_file()
1796 bprm->envc = count(envp, MAX_ARG_STRINGS); in __do_execve_file()
1797 if ((retval = bprm->envc) < 0) in __do_execve_file()
1800 retval = prepare_binprm(bprm); in __do_execve_file()
1804 retval = copy_strings_kernel(1, &bprm->filename, bprm); in __do_execve_file()
1808 bprm->exec = bprm->p; in __do_execve_file()
1809 retval = copy_strings(bprm->envc, envp, bprm); in __do_execve_file()
1813 retval = copy_strings(bprm->argc, argv, bprm); in __do_execve_file()
1817 would_dump(bprm, bprm->file); in __do_execve_file()
1819 retval = exec_binprm(bprm); in __do_execve_file()
1830 free_bprm(bprm); in __do_execve_file()
1839 if (bprm->mm) { in __do_execve_file()
1840 acct_arg_size(bprm, 0); in __do_execve_file()
1841 mmput(bprm->mm); in __do_execve_file()
1849 free_bprm(bprm); in __do_execve_file()