enum {Enabled, Magic};
#define MISC_FMT_PRESERVE_ARGV0 (1<<31)
+#define MISC_FMT_OPEN_BINARY (1<<30)
+#define MISC_FMT_CREDENTIALS (1<<29)
typedef struct {
struct list_head list;
static int load_misc_binary(struct linux_binprm *bprm, struct pt_regs *regs)
{
Node *fmt;
- struct file * file;
+ struct file * interp_file = NULL;
char iname[BINPRM_BUF_SIZE];
char *iname_addr = iname;
int retval;
+ int fd_binary = -1;
+ struct files_struct *files = NULL;
retval = -ENOEXEC;
if (!enabled)
if (!fmt)
goto _ret;
- allow_write_access(bprm->file);
- fput(bprm->file);
- bprm->file = NULL;
-
- /* Build args for interpreter */
if (!(fmt->flags & MISC_FMT_PRESERVE_ARGV0)) {
remove_arg_zero(bprm);
}
- retval = copy_strings_kernel(1, &bprm->interp, bprm);
- if (retval < 0) goto _ret;
- bprm->argc++;
- retval = copy_strings_kernel(1, &iname_addr, bprm);
- if (retval < 0) goto _ret;
+
+ if (fmt->flags & MISC_FMT_OPEN_BINARY) {
+
+ files = current->files;
+ retval = unshare_files();
+ if (retval < 0)
+ goto _ret;
+ if (files == current->files) {
+ put_files_struct(files);
+ files = NULL;
+ }
+ /* if the binary should be opened on behalf of the
+ * interpreter than keep it open and assign descriptor
+ * to it */
+ fd_binary = get_unused_fd();
+ if (fd_binary < 0) {
+ retval = fd_binary;
+ goto _unshare;
+ }
+ fd_install(fd_binary, bprm->file);
+
+ /* if the binary is not readable than enforce mm->dumpable=0
+ regardless of the interpreter's permissions */
+ if (permission(bprm->file->f_dentry->d_inode, MAY_READ, NULL))
+ bprm->interp_flags |= BINPRM_FLAGS_ENFORCE_NONDUMP;
+
+ allow_write_access(bprm->file);
+ bprm->file = NULL;
+
+ /* mark the bprm that fd should be passed to interp */
+ bprm->interp_flags |= BINPRM_FLAGS_EXECFD;
+ bprm->interp_data = fd_binary;
+
+ } else {
+ allow_write_access(bprm->file);
+ fput(bprm->file);
+ bprm->file = NULL;
+ }
+ /* make argv[1] be the path to the binary */
+ retval = copy_strings_kernel (1, &bprm->interp, bprm);
+ if (retval < 0)
+ goto _error;
bprm->argc++;
- bprm->interp = iname; /* for binfmt_script */
- file = open_exec(iname);
- retval = PTR_ERR(file);
- if (IS_ERR(file))
- goto _ret;
- bprm->file = file;
+ /* add the interp as argv[0] */
+ retval = copy_strings_kernel (1, &iname_addr, bprm);
+ if (retval < 0)
+ goto _error;
+ bprm->argc ++;
- retval = prepare_binprm(bprm);
- if (retval >= 0)
- retval = search_binary_handler(bprm, regs);
+ bprm->interp = iname; /* for binfmt_script */
+
+ interp_file = open_exec (iname);
+ retval = PTR_ERR (interp_file);
+ if (IS_ERR (interp_file))
+ goto _error;
+
+ bprm->file = interp_file;
+ if (fmt->flags & MISC_FMT_CREDENTIALS) {
+ /*
+ * No need to call prepare_binprm(), it's already been
+ * done. bprm->buf is stale, update from interp_file.
+ */
+ memset(bprm->buf, 0, BINPRM_BUF_SIZE);
+ retval = kernel_read(bprm->file, 0, bprm->buf, BINPRM_BUF_SIZE);
+ } else
+ retval = prepare_binprm (bprm);
+
+ if (retval < 0)
+ goto _error;
+
+ retval = search_binary_handler (bprm, regs);
+ if (retval < 0)
+ goto _error;
+
+ if (files) {
+ steal_locks(files);
+ put_files_struct(files);
+ files = NULL;
+ }
_ret:
return retval;
+_error:
+ if (fd_binary > 0)
+ sys_close(fd_binary);
+ bprm->interp_flags = 0;
+ bprm->interp_data = 0;
+_unshare:
+ if (files) {
+ put_files_struct(current->files);
+ current->files = files;
+ }
+ goto _ret;
}
/* Command parsers */
return p - from;
}
+static inline char * check_special_flags (char * sfs, Node * e)
+{
+ char * p = sfs;
+ int cont = 1;
+
+ /* special flags */
+ while (cont) {
+ switch (*p) {
+ case 'P':
+ p++;
+ e->flags |= MISC_FMT_PRESERVE_ARGV0;
+ break;
+ case 'O':
+ p++;
+ e->flags |= MISC_FMT_OPEN_BINARY;
+ break;
+ case 'C':
+ p++;
+ /* this flags also implies the
+ open-binary flag */
+ e->flags |= (MISC_FMT_CREDENTIALS |
+ MISC_FMT_OPEN_BINARY);
+ break;
+ default:
+ cont = 0;
+ }
+ }
+
+ return p;
+}
/*
* This registers a new binary format, it recognises the syntax
- * ':name:type:offset:magic:mask:interpreter:'
+ * ':name:type:offset:magic:mask:interpreter:flags'
* where the ':' is the IFS, that can be chosen with the first char
*/
static Node *create_entry(const char __user *buffer, size_t count)
if (!e->interpreter[0])
goto Einval;
- if (*p == 'P') {
- p++;
- e->flags |= MISC_FMT_PRESERVE_ARGV0;
- }
+
+ p = check_special_flags (p, e);
if (*p == '\n')
p++;
{
char *dp;
char *status = "disabled";
+ const char * flags = "flags: ";
if (test_bit(Enabled, &e->flags))
status = "enabled";
sprintf(page, "%s\ninterpreter %s\n", status, e->interpreter);
dp = page + strlen(page);
+
+ /* print the special flags */
+ sprintf (dp, "%s", flags);
+ dp += strlen (flags);
+ if (e->flags & MISC_FMT_PRESERVE_ARGV0) {
+ *dp ++ = 'P';
+ }
+ if (e->flags & MISC_FMT_OPEN_BINARY) {
+ *dp ++ = 'O';
+ }
+ if (e->flags & MISC_FMT_CREDENTIALS) {
+ *dp ++ = 'C';
+ }
+ *dp ++ = '\n';
+
+
if (!test_bit(Magic, &e->flags)) {
sprintf(dp, "extension .%s\n", e->magic);
} else {
git://git.onelab.eu / linux-2.6.git / blobdiff