CRED: Wrap task credential accesses in the filesystem subsystem

[safe/jmp/linux-2.6] / fs / exec.c
diff --git a/fs/exec.c b/fs/exec.c

index 9696bbf..604834f 100644 (file)
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -32,6 +32,7 @@
  #include <linux/swap.h>
  #include <linux/string.h>
  #include <linux/init.h>
+#include <linux/pagemap.h>
  #include <linux/highmem.h>
  #include <linux/spinlock.h>
  #include <linux/key.h>
@@ -49,15 +50,12 @@
  #include <linux/cn_proc.h>
  #include <linux/audit.h>
  #include <linux/tracehook.h>
+#include <linux/kmod.h>
  
  #include <asm/uaccess.h>
  #include <asm/mmu_context.h>
  #include <asm/tlb.h>
  
-#ifdef CONFIG_KMOD
-#include <linux/kmod.h>
-#endif
-
  #ifdef __alpha__
  /* for /sbin/loader handling in search_binary_handler() */
  #include <linux/a.out.h>
@@ -390,7 +388,7 @@ static int count(char __user * __user * argv, int max)
                         if (!p)
                                 break;
                         argv++;
-                       if(++i > max)
+                       if (i++ >= max)
                                 return -E2BIG;
                         cond_resched();
                 }
@@ -751,11 +749,11 @@ static int exec_mmap(struct mm_struct *mm)
         tsk->active_mm = mm;
         activate_mm(active_mm, mm);
         task_unlock(tsk);
-       mm_update_next_owner(old_mm);
         arch_pick_mmap_layout(mm);
         if (old_mm) {
                 up_read(&old_mm->mmap_sem);
                 BUG_ON(active_mm != old_mm);
+               mm_update_next_owner(old_mm);
                 mmput(old_mm);
                 return 0;
         }
@@ -824,8 +822,6 @@ static int de_thread(struct task_struct *tsk)
                         schedule();
                 }
  
-               if (unlikely(task_child_reaper(tsk) == leader))
-                       task_active_pid_ns(tsk)->child_reaper = tsk;
                 /*
                  * The only record we have of the real-time age of a
                  * process, regardless of execs it's done, is start_time.
@@ -984,7 +980,7 @@ int flush_old_exec(struct linux_binprm * bprm)
         /* This is the point of no return */
         current->sas_ss_sp = current->sas_ss_size = 0;
  
-       if (current->euid == current->uid && current->egid == current->gid)
+       if (current_euid() == current_uid() && current_egid() == current_gid())
                 set_dumpable(current->mm, 1);
         else
                 set_dumpable(current->mm, suid_dumpable);
@@ -1011,7 +1007,7 @@ int flush_old_exec(struct linux_binprm * bprm)
          */
         current->mm->task_size = TASK_SIZE;
  
-       if (bprm->e_uid != current->euid || bprm->e_gid != current->egid) {
+       if (bprm->e_uid != current_euid() || bprm->e_gid != current_egid()) {
                 suid_keys(current);
                 set_dumpable(current->mm, suid_dumpable);
                 current->pdeath_signal = 0;
@@ -1051,8 +1047,8 @@ int prepare_binprm(struct linux_binprm *bprm)
         if (bprm->file->f_op == NULL)
                 return -EACCES;
  
-       bprm->e_uid = current->euid;
-       bprm->e_gid = current->egid;
+       bprm->e_uid = current_euid();
+       bprm->e_gid = current_egid();
  
         if(!(bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID)) {
                 /* Set-uid? */
@@ -1100,7 +1096,7 @@ void compute_creds(struct linux_binprm *bprm)
  {
         int unsafe;
  
-       if (bprm->e_uid != current->uid) {
+       if (bprm->e_uid != current_uid()) {
                 suid_keys(current);
                 current->pdeath_signal = 0;
         }
@@ -1188,7 +1184,7 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs)
                         return retval;
  
                 /* Remember if the application is TASO.  */
-               bprm->sh_bang = eh->ah.entry < 0x100000000UL;
+               bprm->taso = eh->ah.entry < 0x100000000UL;
  
                 bprm->file = file;
                 bprm->loader = loader;
@@ -1246,8 +1242,8 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs)
                 read_unlock(&binfmt_lock);
                 if (retval != -ENOEXEC || bprm->mm == NULL) {
                         break;
-#ifdef CONFIG_KMOD
-               }else{
+#ifdef CONFIG_MODULES
+               } else {
  #define printable(c) (((c)=='\t') || ((c)=='\n') || (0x20<=(c) && (c)<=0x7e))
                         if (printable(bprm->buf[0]) &&
                             printable(bprm->buf[1]) &&
@@ -1390,7 +1386,7 @@ EXPORT_SYMBOL(set_binfmt);
   * name into corename, which must have space for at least
   * CORENAME_MAX_SIZE bytes plus one byte for the zero terminator.
   */
-static int format_corename(char *corename, int nr_threads, long signr)
+static int format_corename(char *corename, long signr)
  {
         const char *pat_ptr = core_pattern;
         int ispipe = (*pat_ptr == '|');
@@ -1428,7 +1424,7 @@ static int format_corename(char *corename, int nr_threads, long signr)
                         /* uid */
                         case 'u':
                                 rc = snprintf(out_ptr, out_end - out_ptr,
-                                             "%d", current->uid);
+                                             "%d", current_uid());
                                 if (rc > out_end - out_ptr)
                                         goto out;
                                 out_ptr += rc;
@@ -1436,7 +1432,7 @@ static int format_corename(char *corename, int nr_threads, long signr)
                         /* gid */
                         case 'g':
                                 rc = snprintf(out_ptr, out_end - out_ptr,
-                                             "%d", current->gid);
+                                             "%d", current_gid());
                                 if (rc > out_end - out_ptr)
                                         goto out;
                                 out_ptr += rc;
@@ -1497,8 +1493,7 @@ static int format_corename(char *corename, int nr_threads, long signr)
          * If core_pattern does not include a %p (as is the default)
          * and core_uses_pid is set, then .%pid will be appended to
          * the filename. Do not do this for piped commands. */
-       if (!ispipe && !pid_in_pattern
-           && (core_uses_pid || nr_threads)) {
+       if (!ispipe && !pid_in_pattern && core_uses_pid) {
                 rc = snprintf(out_ptr, out_end - out_ptr,
                               ".%d", task_tgid_vnr(current));
                 if (rc > out_end - out_ptr)
@@ -1714,7 +1709,7 @@ int do_coredump(long signr, int exit_code, struct pt_regs * regs)
         struct inode * inode;
         struct file * file;
         int retval = 0;
-       int fsuid = current->fsuid;
+       int fsuid = current_fsuid();
         int flag = 0;
         int ispipe = 0;
         unsigned long core_limit = current->signal->rlim[RLIMIT_CORE].rlim_cur;
@@ -1761,7 +1756,7 @@ int do_coredump(long signr, int exit_code, struct pt_regs * regs)
          * uses lock_kernel()
          */
         lock_kernel();
-       ispipe = format_corename(corename, retval, signr);
+       ispipe = format_corename(corename, signr);
         unlock_kernel();
         /*
          * Don't bother to check the RLIMIT_CORE value if core_pattern points
@@ -1820,7 +1815,7 @@ int do_coredump(long signr, int exit_code, struct pt_regs * regs)
          * Dont allow local users get cute and trick others to coredump
          * into their pre-created files:
          */
-       if (inode->i_uid != current->fsuid)
+       if (inode->i_uid != current_fsuid())
                 goto close_fail;
         if (!file->f_op)
                 goto close_fail;