diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2020-07-13 19:06:48 +0200 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2020-07-21 15:24:52 +0200 |
commit | be619f7f063a49c656f620a46af4f8ea3e759e91 (patch) | |
tree | be0f257b8da82e9e2eb9bdaa2574a48221e7b516 /security/tomoyo/common.h | |
parent | exec: Factor bprm_stack_limits out of prepare_arg_pages (diff) | |
download | linux-be619f7f063a49c656f620a46af4f8ea3e759e91.tar.xz linux-be619f7f063a49c656f620a46af4f8ea3e759e91.zip |
exec: Implement kernel_execve
To allow the kernel not to play games with set_fs to call exec
implement kernel_execve. The function kernel_execve takes pointers
into kernel memory and copies the values pointed to onto the new
userspace stack.
The calls with arguments from kernel space of do_execve are replaced
with calls to kernel_execve.
The calls do_execve and do_execveat are made static as there are now
no callers outside of exec.
The comments that mention do_execve are updated to refer to
kernel_execve or execve depending on the circumstances. In addition
to correcting the comments, this makes it easy to grep for do_execve
and verify it is not used.
Inspired-by: https://lkml.kernel.org/r/20200627072704.2447163-1-hch@lst.de
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: https://lkml.kernel.org/r/87wo365ikj.fsf@x220.int.ebiederm.org
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'security/tomoyo/common.h')
-rw-r--r-- | security/tomoyo/common.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h index 050473df5809..85246b9df7ca 100644 --- a/security/tomoyo/common.h +++ b/security/tomoyo/common.h @@ -425,7 +425,7 @@ struct tomoyo_request_info { struct tomoyo_obj_info *obj; /* * For holding parameters specific to execve() request. - * NULL if not dealing do_execve(). + * NULL if not dealing execve(). */ struct tomoyo_execve *ee; struct tomoyo_domain_info *domain; |