• execve: use 'struct filename *' for executable name passing · c4ad8f98
    Linus Torvalds authored
    This changes 'do_execve()' to get the executable name as a 'struct
    filename', and to free it when it is done.  This is what the normal
    users want, and it simplifies and streamlines their error handling.
    
    The controlled lifetime of the executable name also fixes a
    use-after-free problem with the trace_sched_process_exec tracepoint: the
    lifetime of the passed-in string for kernel users was not at all
    obvious, and the user-mode helper code used UMH_WAIT_EXEC to serialize
    the pathname allocation lifetime with the execve() having finished,
    which in turn meant that the trace point that happened after
    mm_release() of the old process VM ended up using already free'd memory.
    
    To solve the kernel string lifetime issue, this simply introduces
    "getname_kernel()" that works like the normal user-space getname()
    function, except with the source coming from kernel memory.
    
    As Oleg points out, this also means that we could drop the tcomm[] array
    from 'struct linux_binprm', since the pathname lifetime now covers
    setup_new_exec().  That would be a separate cleanup.
    
    Reported-by: Igor Zhbanov <i.zhbanov@samsung.com>
    Tested-by: Steven Rostedt <rostedt@goodmis.org>
    Cc: Oleg Nesterov <oleg@redhat.com>
    Cc: Al Viro <viro@zeniv.linux.org.uk>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
exec.c 37.5 KB