diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2020-07-13 19:06:48 +0200 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2020-07-21 15:24:52 +0200 |
commit | be619f7f063a49c656f620a46af4f8ea3e759e91 (patch) | |
tree | be0f257b8da82e9e2eb9bdaa2574a48221e7b516 /security/tomoyo/tomoyo.c | |
parent | exec: Factor bprm_stack_limits out of prepare_arg_pages (diff) | |
download | linux-be619f7f063a49c656f620a46af4f8ea3e759e91.tar.xz linux-be619f7f063a49c656f620a46af4f8ea3e759e91.zip |
exec: Implement kernel_execve
To allow the kernel not to play games with set_fs to call exec
implement kernel_execve. The function kernel_execve takes pointers
into kernel memory and copies the values pointed to onto the new
userspace stack.
The calls with arguments from kernel space of do_execve are replaced
with calls to kernel_execve.
The calls do_execve and do_execveat are made static as there are now
no callers outside of exec.
The comments that mention do_execve are updated to refer to
kernel_execve or execve depending on the circumstances. In addition
to correcting the comments, this makes it easy to grep for do_execve
and verify it is not used.
Inspired-by: https://lkml.kernel.org/r/20200627072704.2447163-1-hch@lst.de
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: https://lkml.kernel.org/r/87wo365ikj.fsf@x220.int.ebiederm.org
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'security/tomoyo/tomoyo.c')
-rw-r--r-- | security/tomoyo/tomoyo.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index f9adddc42ac8..1f3cd432d830 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -93,7 +93,7 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm) struct tomoyo_task *s = tomoyo_task(current); /* - * Execute permission is checked against pathname passed to do_execve() + * Execute permission is checked against pathname passed to execve() * using current domain. */ if (!s->old_domain_info) { @@ -307,7 +307,7 @@ static int tomoyo_file_fcntl(struct file *file, unsigned int cmd, */ static int tomoyo_file_open(struct file *f) { - /* Don't check read permission here if called from do_execve(). */ + /* Don't check read permission here if called from execve(). */ if (current->in_execve) return 0; return tomoyo_check_open_permission(tomoyo_domain(), &f->f_path, |