diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2008-04-26 06:05:55 +0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-04-26 06:05:55 +0400 |
| commit | bc84e0a160e383deb56568f4e03bc51b1ce16775 (patch) | |
| tree | 3c8cf1ae23c2f9c165bd7ce63a40b1d5c3aee275 /fs/exec.c | |
| parent | a92910723a5af54f81373875fd95133c88df94bd (diff) | |
| parent | f8f95702f0c4529b0f59488f4509608f0c160e77 (diff) | |
| download | linux-bc84e0a160e383deb56568f4e03bc51b1ce16775.tar.xz | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6:
[PATCH] sanitize locate_fd()
[PATCH] sanitize unshare_files/reset_files_struct
[PATCH] sanitize handling of shared descriptor tables in failing execve()
[PATCH] close race in unshare_files()
[PATCH] restore sane ->umount_begin() API
cifs: timeout dfs automounts +little fix.
Diffstat (limited to 'fs/exec.c')
| -rw-r--r-- | fs/exec.c | 28 |
1 files changed, 12 insertions, 16 deletions
diff --git a/fs/exec.c b/fs/exec.c index 54a0a557b678..b152029f18f6 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -953,7 +953,6 @@ int flush_old_exec(struct linux_binprm * bprm) { char * name; int i, ch, retval; - struct files_struct *files; char tcomm[sizeof(current->comm)]; /* @@ -965,26 +964,15 @@ int flush_old_exec(struct linux_binprm * bprm) goto out; /* - * Make sure we have private file handles. Ask the - * fork helper to do the work for us and the exit - * helper to do the cleanup of the old one. - */ - files = current->files; /* refcounted so safe to hold */ - retval = unshare_files(); - if (retval) - goto out; - /* * Release all of the old mmap stuff */ retval = exec_mmap(bprm->mm); if (retval) - goto mmap_failed; + goto out; bprm->mm = NULL; /* We're using it now */ /* This is the point of no return */ - put_files_struct(files); - current->sas_ss_sp = current->sas_ss_size = 0; if (current->euid == current->uid && current->egid == current->gid) @@ -1034,8 +1022,6 @@ int flush_old_exec(struct linux_binprm * bprm) return 0; -mmap_failed: - reset_files_struct(current, files); out: return retval; } @@ -1283,12 +1269,17 @@ int do_execve(char * filename, struct linux_binprm *bprm; struct file *file; unsigned long env_p; + struct files_struct *displaced; int retval; + retval = unshare_files(&displaced); + if (retval) + goto out_ret; + retval = -ENOMEM; bprm = kzalloc(sizeof(*bprm), GFP_KERNEL); if (!bprm) - goto out_ret; + goto out_files; file = open_exec(filename); retval = PTR_ERR(file); @@ -1343,6 +1334,8 @@ int do_execve(char * filename, security_bprm_free(bprm); acct_update_integrals(current); kfree(bprm); + if (displaced) + put_files_struct(displaced); return retval; } @@ -1363,6 +1356,9 @@ out_file: out_kfree: kfree(bprm); +out_files: + if (displaced) + reset_files_struct(displaced); out_ret: return retval; } |