
Lines Matching +full:protect +full:- +full:exec

2  *  linux/fs/exec.c
8 * #!-checking implemented by tytso.
11 * Demand-loading implemented 01.12.91 - no need to read anything but
13 * "current->executable", and page faults do the actual loading. Clean.
16 * was less than 2 hours work to get demand-loading completely implemented.
19 * current->executable is only used by the procfs. This allows a dispatch
83 if (WARN_ON(!fmt->load_binary)) in __register_binfmt()
86 insert ? list_add(&fmt->lh, &formats) : in __register_binfmt()
87 list_add_tail(&fmt->lh, &formats); in __register_binfmt()
96 list_del(&fmt->lh); in unregister_binfmt()
104 module_put(fmt->module); in put_binfmt()
109 return (path->mnt->mnt_flags & MNT_NOEXEC) || in path_noexec()
110 (path->mnt->mnt_sb->s_iflags & SB_I_NOEXEC); in path_noexec()
142 error = -EINVAL; in SYSCALL_DEFINE1()
143 if (!S_ISREG(file_inode(file)->i_mode)) in SYSCALL_DEFINE1()
146 error = -EACCES; in SYSCALL_DEFINE1()
147 if (path_noexec(&file->f_path)) in SYSCALL_DEFINE1()
152 error = -ENOEXEC; in SYSCALL_DEFINE1()
156 if (!fmt->load_shlib) in SYSCALL_DEFINE1()
158 if (!try_module_get(fmt->module)) in SYSCALL_DEFINE1()
161 error = fmt->load_shlib(file); in SYSCALL_DEFINE1()
164 if (error != -ENOEXEC) in SYSCALL_DEFINE1()
177 * The nascent bprm->mm is not visible until exec_mmap() but it can
178 * use a lot of memory, account these pages in current->mm temporarily
179 * for oom_badness()->get_mm_rss(). Once exec succeeds or fails, we
184 struct mm_struct *mm = current->mm; in acct_arg_size()
185 long diff = (long)(pages - bprm->vma_pages); in acct_arg_size()
190 bprm->vma_pages = pages; in acct_arg_size()
203 ret = expand_downwards(bprm->vma, pos); in get_arg_page()
213 * We are doing an exec(). 'current' is the process in get_arg_page()
214 * doing the exec and bprm->mm is the new process's mm. in get_arg_page()
216 ret = get_user_pages_remote(current, bprm->mm, pos, 1, gup_flags, in get_arg_page()
222 unsigned long size = bprm->vma->vm_end - bprm->vma->vm_start; in get_arg_page()
237 ptr_size = (bprm->argc + bprm->envc) * sizeof(void *); in get_arg_page()
238 if (ptr_size > ULONG_MAX - size) in get_arg_page()
255 * - the remaining binfmt code will not run out of stack space, in get_arg_page()
256 * - the program will have a reasonable amount of stack left in get_arg_page()
260 limit = min(limit, bprm->rlim_stack.rlim_cur / 4); in get_arg_page()
284 flush_cache_page(bprm->vma, pos, page_to_pfn(page)); in flush_arg_page()
291 struct mm_struct *mm = bprm->mm; in __bprm_mm_init()
293 bprm->vma = vma = vm_area_alloc(mm); in __bprm_mm_init()
295 return -ENOMEM; in __bprm_mm_init()
298 if (down_write_killable(&mm->mmap_sem)) { in __bprm_mm_init()
299 err = -EINTR; in __bprm_mm_init()
310 vma->vm_end = STACK_TOP_MAX; in __bprm_mm_init()
311 vma->vm_start = vma->vm_end - PAGE_SIZE; in __bprm_mm_init()
312 vma->vm_flags = VM_SOFTDIRTY | VM_STACK_FLAGS | VM_STACK_INCOMPLETE_SETUP; in __bprm_mm_init()
313 vma->vm_page_prot = vm_get_page_prot(vma->vm_flags); in __bprm_mm_init()
319 mm->stack_vm = mm->total_vm = 1; in __bprm_mm_init()
321 up_write(&mm->mmap_sem); in __bprm_mm_init()
322 bprm->p = vma->vm_end - sizeof(void *); in __bprm_mm_init()
325 up_write(&mm->mmap_sem); in __bprm_mm_init()
327 bprm->vma = NULL; in __bprm_mm_init()
348 page = bprm->page[pos / PAGE_SIZE]; in get_arg_page()
353 bprm->page[pos / PAGE_SIZE] = page; in get_arg_page()
365 if (bprm->page[i]) { in free_arg_page()
366 __free_page(bprm->page[i]); in free_arg_page()
367 bprm->page[i] = NULL; in free_arg_page()
386 bprm->p = PAGE_SIZE * MAX_ARG_PAGES - sizeof(void *); in __bprm_mm_init()
392 return len <= bprm->p; in valid_arg_len()
408 bprm->mm = mm = mm_alloc(); in bprm_mm_init()
409 err = -ENOMEM; in bprm_mm_init()
413 /* Save current stack limit for all calculations made during exec. */ in bprm_mm_init()
414 task_lock(current->group_leader); in bprm_mm_init()
415 bprm->rlim_stack = current->signal->rlim[RLIMIT_STACK]; in bprm_mm_init()
416 task_unlock(current->group_leader); in bprm_mm_init()
426 bprm->mm = NULL; in bprm_mm_init()
454 return ERR_PTR(-EFAULT); in get_user_arg_ptr()
461 return ERR_PTR(-EFAULT); in get_user_arg_ptr()
481 return -EFAULT; in count()
484 return -E2BIG; in count()
488 return -ERESTARTNOHAND; in count()
508 while (argc-- > 0) { in copy_strings()
513 ret = -EFAULT; in copy_strings()
522 ret = -E2BIG; in copy_strings()
527 pos = bprm->p; in copy_strings()
529 bprm->p -= len; in copy_strings()
535 ret = -ERESTARTNOHAND; in copy_strings()
548 offset -= bytes_to_copy; in copy_strings()
549 pos -= bytes_to_copy; in copy_strings()
550 str -= bytes_to_copy; in copy_strings()
551 len -= bytes_to_copy; in copy_strings()
558 ret = -E2BIG; in copy_strings()
573 ret = -EFAULT; in copy_strings()
624 struct mm_struct *mm = vma->vm_mm; in shift_arg_pages()
625 unsigned long old_start = vma->vm_start; in shift_arg_pages()
626 unsigned long old_end = vma->vm_end; in shift_arg_pages()
627 unsigned long length = old_end - old_start; in shift_arg_pages()
628 unsigned long new_start = old_start - shift; in shift_arg_pages()
629 unsigned long new_end = old_end - shift; in shift_arg_pages()
639 return -EFAULT; in shift_arg_pages()
644 if (vma_adjust(vma, new_start, old_end, vma->vm_pgoff, NULL)) in shift_arg_pages()
645 return -ENOMEM; in shift_arg_pages()
653 return -ENOMEM; in shift_arg_pages()
662 vma->vm_next ? vma->vm_next->vm_start : USER_PGTABLES_CEILING); in shift_arg_pages()
667 * have constraints on va-space that make this illegal (IA64) - in shift_arg_pages()
671 vma->vm_next ? vma->vm_next->vm_start : USER_PGTABLES_CEILING); in shift_arg_pages()
678 vma_adjust(vma, new_start, new_end, vma->vm_pgoff, NULL); in shift_arg_pages()
693 struct mm_struct *mm = current->mm; in setup_arg_pages()
694 struct vm_area_struct *vma = bprm->vma; in setup_arg_pages()
704 stack_base = bprm->rlim_stack.rlim_max; in setup_arg_pages()
712 if (vma->vm_end - vma->vm_start > stack_base) in setup_arg_pages()
713 return -ENOMEM; in setup_arg_pages()
715 stack_base = PAGE_ALIGN(stack_top - stack_base); in setup_arg_pages()
717 stack_shift = vma->vm_start - stack_base; in setup_arg_pages()
718 mm->arg_start = bprm->p - stack_shift; in setup_arg_pages()
719 bprm->p = vma->vm_end - stack_shift; in setup_arg_pages()
725 unlikely(vma->vm_end - vma->vm_start >= stack_top - mmap_min_addr)) in setup_arg_pages()
726 return -ENOMEM; in setup_arg_pages()
728 stack_shift = vma->vm_end - stack_top; in setup_arg_pages()
730 bprm->p -= stack_shift; in setup_arg_pages()
731 mm->arg_start = bprm->p; in setup_arg_pages()
734 if (bprm->loader) in setup_arg_pages()
735 bprm->loader -= stack_shift; in setup_arg_pages()
736 bprm->exec -= stack_shift; in setup_arg_pages()
738 if (down_write_killable(&mm->mmap_sem)) in setup_arg_pages()
739 return -EINTR; in setup_arg_pages()
752 vm_flags |= mm->def_flags; in setup_arg_pages()
755 ret = mprotect_fixup(vma, &prev, vma->vm_start, vma->vm_end, in setup_arg_pages()
769 vma->vm_flags &= ~VM_STACK_INCOMPLETE_SETUP; in setup_arg_pages()
772 stack_size = vma->vm_end - vma->vm_start; in setup_arg_pages()
777 rlim_stack = bprm->rlim_stack.rlim_cur & PAGE_MASK; in setup_arg_pages()
780 stack_base = vma->vm_start + rlim_stack; in setup_arg_pages()
782 stack_base = vma->vm_end + stack_expand; in setup_arg_pages()
785 stack_base = vma->vm_end - rlim_stack; in setup_arg_pages()
787 stack_base = vma->vm_start - stack_expand; in setup_arg_pages()
789 current->mm->start_stack = bprm->p; in setup_arg_pages()
792 ret = -EFAULT; in setup_arg_pages()
795 up_write(&mm->mmap_sem); in setup_arg_pages()
812 stop = bprm->p >> PAGE_SHIFT; in transfer_args_to_stack()
815 for (index = MAX_ARG_PAGES - 1; index >= stop; index--) { in transfer_args_to_stack()
816 unsigned int offset = index == stop ? bprm->p & ~PAGE_MASK : 0; in transfer_args_to_stack()
817 char *src = kmap(bprm->page[index]) + offset; in transfer_args_to_stack()
818 sp -= PAGE_SIZE - offset; in transfer_args_to_stack()
819 if (copy_to_user((void *) sp, src, PAGE_SIZE - offset) != 0) in transfer_args_to_stack()
820 ret = -EFAULT; in transfer_args_to_stack()
821 kunmap(bprm->page[index]); in transfer_args_to_stack()
847 return ERR_PTR(-EINVAL); in do_open_execat()
857 err = -EACCES; in do_open_execat()
858 if (!S_ISREG(file_inode(file)->i_mode)) in do_open_execat()
861 if (path_noexec(&file->f_path)) in do_open_execat()
868 if (name->name[0] != '\0') in do_open_execat()
899 if (!S_ISREG(file_inode(file)->i_mode) || max_size < 0) in kernel_read_file()
900 return -EINVAL; in kernel_read_file()
912 ret = -EFBIG; in kernel_read_file()
916 ret = -EINVAL; in kernel_read_file()
923 ret = -ENOMEM; in kernel_read_file()
929 bytes = kernel_read(file, *buf + pos, i_size - pos, &pos); in kernel_read_file()
940 ret = -EIO; in kernel_read_file()
969 return -EINVAL; in kernel_read_file_from_path()
985 int ret = -EBADF; in kernel_read_file_from_fd()
1013 old_mm = current->mm; in exec_mmap()
1021 * through with the exec. We must hold mmap_sem around in exec_mmap()
1022 * checking core_state and changing tsk->mm. in exec_mmap()
1024 down_read(&old_mm->mmap_sem); in exec_mmap()
1025 if (unlikely(old_mm->core_state)) { in exec_mmap()
1026 up_read(&old_mm->mmap_sem); in exec_mmap()
1027 return -EINTR; in exec_mmap()
1033 active_mm = tsk->active_mm; in exec_mmap()
1034 tsk->active_mm = mm; in exec_mmap()
1035 tsk->mm = mm; in exec_mmap()
1048 tsk->mm->vmacache_seqnum = 0; in exec_mmap()
1052 up_read(&old_mm->mmap_sem); in exec_mmap()
1054 setmax_mm_hiwater_rss(&tsk->signal->maxrss, old_mm); in exec_mmap()
1071 struct signal_struct *sig = tsk->signal; in de_thread()
1072 struct sighand_struct *oldsighand = tsk->sighand; in de_thread()
1073 spinlock_t *lock = &oldsighand->siglock; in de_thread()
1088 return -EAGAIN; in de_thread()
1091 sig->group_exit_task = tsk; in de_thread()
1092 sig->notify_count = zap_other_threads(tsk); in de_thread()
1094 sig->notify_count--; in de_thread()
1096 while (sig->notify_count) { in de_thread()
1112 struct task_struct *leader = tsk->group_leader; in de_thread()
1119 * exit_notify() can't miss ->group_exit_task in de_thread()
1121 sig->notify_count = -1; in de_thread()
1122 if (likely(leader->exit_state)) in de_thread()
1133 * The only record we have of the real-time age of a in de_thread()
1136 * from sister threads now dead. But in this non-leader in de_thread()
1137 * exec, nothing survives from the original leader thread, in de_thread()
1142 tsk->start_time = leader->start_time; in de_thread()
1143 tsk->real_start_time = leader->real_start_time; in de_thread()
1148 * An exec() starts a new thread group with the in de_thread()
1159 tsk->pid = leader->pid; in de_thread()
1165 list_replace_rcu(&leader->tasks, &tsk->tasks); in de_thread()
1166 list_replace_init(&leader->sibling, &tsk->sibling); in de_thread()
1168 tsk->group_leader = tsk; in de_thread()
1169 leader->group_leader = tsk; in de_thread()
1171 tsk->exit_signal = SIGCHLD; in de_thread()
1172 leader->exit_signal = -1; in de_thread()
1174 BUG_ON(leader->exit_state != EXIT_ZOMBIE); in de_thread()
1175 leader->exit_state = EXIT_DEAD; in de_thread()
1178 * We are going to release_task()->ptrace_unlink() silently, in de_thread()
1182 if (unlikely(leader->ptrace)) in de_thread()
1183 __wake_up_parent(leader, leader->parent); in de_thread()
1190 sig->group_exit_task = NULL; in de_thread()
1191 sig->notify_count = 0; in de_thread()
1195 tsk->exit_signal = SIGCHLD; in de_thread()
1202 if (atomic_read(&oldsighand->count) != 1) { in de_thread()
1205 * This ->sighand is shared with the CLONE_SIGHAND in de_thread()
1210 return -ENOMEM; in de_thread()
1212 atomic_set(&newsighand->count, 1); in de_thread()
1213 memcpy(newsighand->action, oldsighand->action, in de_thread()
1214 sizeof(newsighand->action)); in de_thread()
1217 spin_lock(&oldsighand->siglock); in de_thread()
1218 rcu_assign_pointer(tsk->sighand, newsighand); in de_thread()
1219 spin_unlock(&oldsighand->siglock); in de_thread()
1231 sig->group_exit_task = NULL; in de_thread()
1232 sig->notify_count = 0; in de_thread()
1234 return -EAGAIN; in de_thread()
1240 strncpy(buf, tsk->comm, buf_size); in __get_task_comm()
1251 void __set_task_comm(struct task_struct *tsk, const char *buf, bool exec) in __set_task_comm() argument
1255 strlcpy(tsk->comm, buf, sizeof(tsk->comm)); in __set_task_comm()
1257 perf_event_comm(tsk, exec); in __set_task_comm()
1279 * Must be called _before_ exec_mmap() as bprm->mm is in flush_old_exec()
1283 set_mm_exe_file(bprm->mm, bprm->file); in flush_old_exec()
1285 would_dump(bprm, bprm->file); in flush_old_exec()
1291 retval = exec_mmap(bprm->mm); in flush_old_exec()
1296 * After clearing bprm->mm (to mark that current is using the in flush_old_exec()
1301 bprm->mm = NULL; in flush_old_exec()
1304 current->flags &= ~(PF_RANDOMIZE | PF_FORKNOEXEC | PF_KTHREAD | in flush_old_exec()
1307 current->personality &= ~bprm->per_clear; in flush_old_exec()
1312 * trying to access the should-be-closed file descriptors of a process in flush_old_exec()
1313 * undergoing exec(2). in flush_old_exec()
1315 do_close_on_exec(current->files); in flush_old_exec()
1328 bprm->interp_flags |= BINPRM_FLAGS_ENFORCE_NONDUMP; in would_dump()
1330 /* Ensure mm->user_ns contains the executable */ in would_dump()
1331 user_ns = old = bprm->mm->user_ns; in would_dump()
1334 user_ns = user_ns->parent; in would_dump()
1337 bprm->mm->user_ns = get_user_ns(user_ns); in would_dump()
1351 bprm->secureexec |= bprm->cap_elevated; in setup_new_exec()
1353 if (bprm->secureexec) { in setup_new_exec()
1355 current->pdeath_signal = 0; in setup_new_exec()
1364 if (bprm->rlim_stack.rlim_cur > _STK_LIM) in setup_new_exec()
1365 bprm->rlim_stack.rlim_cur = _STK_LIM; in setup_new_exec()
1368 arch_pick_mmap_layout(current->mm, &bprm->rlim_stack); in setup_new_exec()
1370 current->sas_ss_sp = current->sas_ss_size = 0; in setup_new_exec()
1375 * bprm->secureexec instead. in setup_new_exec()
1377 if (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP || in setup_new_exec()
1380 set_dumpable(current->mm, suid_dumpable); in setup_new_exec()
1382 set_dumpable(current->mm, SUID_DUMP_USER); in setup_new_exec()
1386 __set_task_comm(current, kbasename(bprm->filename), true); in setup_new_exec()
1392 current->mm->task_size = TASK_SIZE; in setup_new_exec()
1394 /* An exec changes our domain. We are no longer part of the thread in setup_new_exec()
1396 WRITE_ONCE(current->self_exec_id, current->self_exec_id + 1); in setup_new_exec()
1405 task_lock(current->group_leader); in finalize_exec()
1406 current->signal->rlim[RLIMIT_STACK] = bprm->rlim_stack; in finalize_exec()
1407 task_unlock(current->group_leader); in finalize_exec()
1412 * Prepare credentials and lock ->cred_guard_mutex.
1414 * Or, if exec fails before, free_bprm() should release ->cred and
1419 if (mutex_lock_interruptible(&current->signal->cred_guard_mutex)) in prepare_bprm_creds()
1420 return -ERESTARTNOINTR; in prepare_bprm_creds()
1422 bprm->cred = prepare_exec_creds(); in prepare_bprm_creds()
1423 if (likely(bprm->cred)) in prepare_bprm_creds()
1426 mutex_unlock(&current->signal->cred_guard_mutex); in prepare_bprm_creds()
1427 return -ENOMEM; in prepare_bprm_creds()
1433 if (bprm->cred) { in free_bprm()
1434 mutex_unlock(&current->signal->cred_guard_mutex); in free_bprm()
1435 abort_creds(bprm->cred); in free_bprm()
1437 if (bprm->file) { in free_bprm()
1438 allow_write_access(bprm->file); in free_bprm()
1439 fput(bprm->file); in free_bprm()
1442 if (bprm->interp != bprm->filename) in free_bprm()
1443 kfree(bprm->interp); in free_bprm()
1450 if (bprm->interp != bprm->filename) in bprm_change_interp()
1451 kfree(bprm->interp); in bprm_change_interp()
1452 bprm->interp = kstrdup(interp, GFP_KERNEL); in bprm_change_interp()
1453 if (!bprm->interp) in bprm_change_interp()
1454 return -ENOMEM; in bprm_change_interp()
1466 commit_creds(bprm->cred); in install_exec_creds()
1467 bprm->cred = NULL; in install_exec_creds()
1475 if (get_dumpable(current->mm) != SUID_DUMP_USER) in install_exec_creds()
1483 mutex_unlock(&current->signal->cred_guard_mutex); in install_exec_creds()
1489 * - the caller must hold ->cred_guard_mutex to protect against
1490 * PTRACE_ATTACH or seccomp thread-sync
1497 if (p->ptrace) in check_unsafe_exec()
1498 bprm->unsafe |= LSM_UNSAFE_PTRACE; in check_unsafe_exec()
1505 bprm->unsafe |= LSM_UNSAFE_NO_NEW_PRIVS; in check_unsafe_exec()
1509 spin_lock(&p->fs->lock); in check_unsafe_exec()
1512 if (t->fs == p->fs) in check_unsafe_exec()
1517 if (p->fs->users > n_fs) in check_unsafe_exec()
1518 bprm->unsafe |= LSM_UNSAFE_SHARE; in check_unsafe_exec()
1520 p->fs->in_exec = 1; in check_unsafe_exec()
1521 spin_unlock(&p->fs->lock); in check_unsafe_exec()
1534 * bits from any earlier bprm->file uses (for example when run in bprm_fill_uid()
1537 bprm->cred->euid = current_euid(); in bprm_fill_uid()
1538 bprm->cred->egid = current_egid(); in bprm_fill_uid()
1540 if (!mnt_may_suid(bprm->file->f_path.mnt)) in bprm_fill_uid()
1546 inode = bprm->file->f_path.dentry->d_inode; in bprm_fill_uid()
1547 mode = READ_ONCE(inode->i_mode); in bprm_fill_uid()
1555 mode = inode->i_mode; in bprm_fill_uid()
1556 uid = inode->i_uid; in bprm_fill_uid()
1557 gid = inode->i_gid; in bprm_fill_uid()
1561 if (!kuid_has_mapping(bprm->cred->user_ns, uid) || in bprm_fill_uid()
1562 !kgid_has_mapping(bprm->cred->user_ns, gid)) in bprm_fill_uid()
1566 bprm->per_clear |= PER_CLEAR_ON_SETID; in bprm_fill_uid()
1567 bprm->cred->euid = uid; in bprm_fill_uid()
1571 bprm->per_clear |= PER_CLEAR_ON_SETID; in bprm_fill_uid()
1572 bprm->cred->egid = gid; in bprm_fill_uid()
1593 bprm->called_set_creds = 1; in prepare_binprm()
1595 memset(bprm->buf, 0, BINPRM_BUF_SIZE); in prepare_binprm()
1596 return kernel_read(bprm->file, bprm->buf, BINPRM_BUF_SIZE, &pos); in prepare_binprm()
1602 * Arguments are '\0' separated strings found at the location bprm->p
1603 * points to; chop off the first by relocating bprm->p to right after
1613 if (!bprm->argc) in remove_arg_zero()
1617 offset = bprm->p & ~PAGE_MASK; in remove_arg_zero()
1618 page = get_arg_page(bprm, bprm->p, 0); in remove_arg_zero()
1620 ret = -EFAULT; in remove_arg_zero()
1626 offset++, bprm->p++) in remove_arg_zero()
1633 bprm->p++; in remove_arg_zero()
1634 bprm->argc--; in remove_arg_zero()
1653 if (bprm->recursion_depth > 5) in search_binary_handler()
1654 return -ELOOP; in search_binary_handler()
1660 retval = -ENOENT; in search_binary_handler()
1664 if (!try_module_get(fmt->module)) in search_binary_handler()
1667 bprm->recursion_depth++; in search_binary_handler()
1668 retval = fmt->load_binary(bprm); in search_binary_handler()
1671 bprm->recursion_depth--; in search_binary_handler()
1672 if (retval < 0 && !bprm->mm) { in search_binary_handler()
1678 if (retval != -ENOEXEC || !bprm->file) { in search_binary_handler()
1686 if (printable(bprm->buf[0]) && printable(bprm->buf[1]) && in search_binary_handler()
1687 printable(bprm->buf[2]) && printable(bprm->buf[3])) in search_binary_handler()
1689 if (request_module("binfmt-%04x", *(ushort *)(bprm->buf + 2)) < 0) in search_binary_handler()
1705 old_pid = current->pid; in exec_binprm()
1707 old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current->parent)); in exec_binprm()
1743 if ((current->flags & PF_NPROC_EXCEEDED) && in __do_execve_file()
1744 atomic_read(&current_user()->processes) > rlimit(RLIMIT_NPROC)) { in __do_execve_file()
1745 retval = -EAGAIN; in __do_execve_file()
1751 current->flags &= ~PF_NPROC_EXCEEDED; in __do_execve_file()
1757 retval = -ENOMEM; in __do_execve_file()
1767 current->in_execve = 1; in __do_execve_file()
1777 bprm->file = file; in __do_execve_file()
1779 bprm->filename = "none"; in __do_execve_file()
1780 } else if (fd == AT_FDCWD || filename->name[0] == '/') { in __do_execve_file()
1781 bprm->filename = filename->name; in __do_execve_file()
1783 if (filename->name[0] == '\0') in __do_execve_file()
1787 fd, filename->name); in __do_execve_file()
1789 retval = -ENOMEM; in __do_execve_file()
1794 * inaccessible after exec. Relies on having exclusive access to in __do_execve_file()
1795 * current->files (due to unshare_files above). in __do_execve_file()
1797 if (close_on_exec(fd, rcu_dereference_raw(current->files->fdt))) in __do_execve_file()
1798 bprm->interp_flags |= BINPRM_FLAGS_PATH_INACCESSIBLE; in __do_execve_file()
1799 bprm->filename = pathbuf; in __do_execve_file()
1801 bprm->interp = bprm->filename; in __do_execve_file()
1807 bprm->argc = count(argv, MAX_ARG_STRINGS); in __do_execve_file()
1808 if ((retval = bprm->argc) < 0) in __do_execve_file()
1811 bprm->envc = count(envp, MAX_ARG_STRINGS); in __do_execve_file()
1812 if ((retval = bprm->envc) < 0) in __do_execve_file()
1819 retval = copy_strings_kernel(1, &bprm->filename, bprm); in __do_execve_file()
1823 bprm->exec = bprm->p; in __do_execve_file()
1824 retval = copy_strings(bprm->envc, envp, bprm); in __do_execve_file()
1828 retval = copy_strings(bprm->argc, argv, bprm); in __do_execve_file()
1837 current->fs->in_exec = 0; in __do_execve_file()
1838 current->in_execve = 0; in __do_execve_file()
1852 if (bprm->mm) { in __do_execve_file()
1854 mmput(bprm->mm); in __do_execve_file()
1858 current->fs->in_exec = 0; in __do_execve_file()
1859 current->in_execve = 0; in __do_execve_file()
1945 struct mm_struct *mm = current->mm; in set_binfmt()
1947 if (mm->binfmt) in set_binfmt()
1948 module_put(mm->binfmt->module); in set_binfmt()
1950 mm->binfmt = new; in set_binfmt()
1952 __module_get(new->module); in set_binfmt()
1957 * set_dumpable stores three-value SUID_DUMP_* into mm->flags.
1967 old = READ_ONCE(mm->flags); in set_dumpable()
1969 } while (cmpxchg(&mm->flags, old, new) != old); in set_dumpable()