• Oleg Nesterov's avatar
    sys_personality: change sys_personality() to accept "unsigned int" instead of u_long · 485d5276
    Oleg Nesterov authored
    task_struct->pesonality is "unsigned int", but sys_personality() paths use
    "unsigned long pesonality".  This means that every assignment or
    comparison is not right.  In particular, if this argument does not fit
    into "unsigned int" __set_personality() changes the caller's personality
    and then sys_personality() returns -EINVAL.
    
    Turn this argument into "unsigned int" and avoid overflows.  Obviously,
    this is the user-visible change, we just ignore the upper bits.  But this
    can't break the sane application.
    
    There is another thing which can confuse the poorly written applications.
    User-space thinks that this syscall returns int, not long.  This means
    that the returned value can be negative and look like the error code.  But
    note that libc won't be confused and thus errno won't be set, and with
    this patch the user-space can never get -1 unless sys_personality() really
    fails.  And, most importantly, the negative RET != -1 is only possible if
    that app previously called personality(RET).
    Pointed-out-by: default avatarWenming Zhang <wezhang@redhat.com>
    Suggested-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    Signed-off-by: default avatarOleg Nesterov <oleg@redhat.com>
    Cc: "H. Peter Anvin" <hpa@zytor.com>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    485d5276
exec_domain.c 4.5 KB