extern int printk_ratelimit_jiffies;
extern int printk_ratelimit_burst;
+extern unsigned int vdso_enabled;
+
+int exec_shield = 1;
+int exec_shield_randomize = 1;
+
+static int __init setup_exec_shield(char *str)
+{
+ get_option (&str, &exec_shield);
+
+ return 1;
+}
+
+__setup("exec-shield=", setup_exec_shield);
+
+static int __init setup_exec_shield_randomize(char *str)
+{
+ get_option (&str, &exec_shield_randomize);
+
+ return 1;
+}
+
+__setup("exec-shield-randomize=", setup_exec_shield_randomize);
+
/* this is needed for the proc_dointvec_minmax for [fs_]overflow UID and GID */
static int maxolduid = 65535;
static int minolduid;
#ifdef CONFIG_HOTPLUG
extern char hotplug_path[];
#endif
+extern char vshelper_path[];
#ifdef CONFIG_CHR_DEV_SG
extern int sg_big_buff;
#endif
.mode = 0644,
.proc_handler = &proc_dointvec,
},
+ {
+ .ctl_name = KERN_PANIC,
+ .procname = "exec-shield",
+ .data = &exec_shield,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec,
+ },
+ {
+ .ctl_name = KERN_PANIC,
+ .procname = "exec-shield-randomize",
+ .data = &exec_shield_randomize,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec,
+ },
+ {
+ .ctl_name = KERN_PANIC,
+ .procname = "print-fatal-signals",
+ .data = &print_fatal_signals,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec,
+ },
+#if __i386__
+ {
+ .ctl_name = KERN_PANIC,
+ .procname = "vdso",
+ .data = &vdso_enabled,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec,
+ },
+#endif
{
.ctl_name = KERN_CORE_USES_PID,
.procname = "core_uses_pid",
.strategy = &sysctl_string,
},
#endif
+ {
+ .ctl_name = KERN_VSHELPER,
+ .procname = "vshelper",
+ .data = &vshelper_path,
+ .maxlen = 256,
+ .mode = 0644,
+ .proc_handler = &proc_dostring,
+ .strategy = &sysctl_string,
+ },
#ifdef CONFIG_CHR_DEV_SG
{
.ctl_name = KERN_SG_BIG_BUFF,
if(copy_to_user(buffer, table->data, len))
return -EFAULT;
if (len < *lenp) {
- if(put_user('\n', ((char *) buffer) + len))
+ if(put_user('\n', ((char __user *) buffer) + len))
return -EFAULT;
len++;
}
size_t left, len;
char buf[TMPBUFLEN], *p;
+ char __user *s = buffer;
if (!table->data || !table->maxlen || !*lenp ||
(filp->f_pos && !write)) {
if (write) {
while (left) {
char c;
- if (get_user(c,(char __user *) buffer))
+ if (get_user(c, s))
return -EFAULT;
if (!isspace(c))
break;
left--;
- buffer++;
+ s++;
}
if (!left)
break;
len = left;
if (len > sizeof(buf) - 1)
len = sizeof(buf) - 1;
- if(copy_from_user(buf, buffer, len))
+ if (copy_from_user(buf, s, len))
return -EFAULT;
buf[len] = 0;
p = buf;
break;
if (neg)
val = -val;
- buffer += len;
+ s += len;
left -= len;
if (conv(&neg, &lval, i, 1, data))
len = strlen(buf);
if (len > left)
len = left;
- if(copy_to_user(buffer, buf, len))
+ if(copy_to_user(s, buf, len))
return -EFAULT;
left -= len;
- buffer += len;
+ s += len;
}
}
if (!write && !first && left) {
- if(put_user('\n', (char *) buffer))
+ if(put_user('\n', s))
return -EFAULT;
- left--, buffer++;
+ left--, s++;
}
if (write) {
- p = (char *) buffer;
while (left) {
char c;
- if (get_user(c, p++))
+ if (get_user(c, s++))
return -EFAULT;
if (!isspace(c))
break;
int vleft, first=1, neg;
size_t len, left;
char buf[TMPBUFLEN], *p;
+ char __user *s = buffer;
if (!table->data || !table->maxlen || !*lenp ||
(filp->f_pos && !write)) {
if (write) {
while (left) {
char c;
- if (get_user(c, (char __user *) buffer))
+ if (get_user(c, s))
return -EFAULT;
if (!isspace(c))
break;
left--;
- buffer++;
+ s++;
}
if (!left)
break;
len = left;
if (len > TMPBUFLEN-1)
len = TMPBUFLEN-1;
- if (copy_from_user(buf, buffer, len))
+ if (copy_from_user(buf, s, len))
return -EFAULT;
buf[len] = 0;
p = buf;
break;
if (neg)
val = -val;
- buffer += len;
+ s += len;
left -= len;
if(neg)
len = strlen(buf);
if (len > left)
len = left;
- if(copy_to_user(buffer, buf, len))
+ if(copy_to_user(s, buf, len))
return -EFAULT;
left -= len;
- buffer += len;
+ s += len;
}
}
if (!write && !first && left) {
- if(put_user('\n', (char *) buffer))
+ if(put_user('\n', s))
return -EFAULT;
- left--, buffer++;
+ left--, s++;
}
if (write) {
- p = (char *) buffer;
while (left) {
char c;
- if (get_user(c, p++))
+ if (get_user(c, s++))
return -EFAULT;
if (!isspace(c))
break;
len = table->maxlen;
if(copy_to_user(oldval, table->data, len))
return -EFAULT;
- if(put_user(0, ((char *) oldval) + len))
+ if(put_user(0, ((char __user *) oldval) + len))
return -EFAULT;
if(put_user(len, oldlenp))
return -EFAULT;
void __user *oldval, size_t __user *oldlenp,
void __user *newval, size_t newlen, void **context)
{
- int i, *vec, *min, *max;
- size_t length;
if (newval && newlen) {
+ int __user *vec = (int __user *) newval;
+ int *min = (int *) table->extra1;
+ int *max = (int *) table->extra2;
+ size_t length;
+ int i;
+
if (newlen % sizeof(int) != 0)
return -EINVAL;
newlen = table->maxlen;
length = newlen / sizeof(int);
- vec = (int *) newval;
- min = (int *) table->extra1;
- max = (int *) table->extra2;
-
for (i = 0; i < length; i++) {
int value;
if (get_user(value, vec + i))
if (olen!=sizeof(int))
return -EINVAL;
}
- if (put_user(*(int *)(table->data) / HZ, (int *)oldval) ||
+ if (put_user(*(int *)(table->data)/HZ, (int __user *)oldval) ||
(oldlenp && put_user(sizeof(int),oldlenp)))
return -EFAULT;
}
int new;
if (newlen != sizeof(int))
return -EINVAL;
- if (get_user(new, (int *)newval))
+ if (get_user(new, (int __user *)newval))
return -EFAULT;
*(int *)(table->data) = new*HZ;
}