mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-01-04 04:04:19 +00:00
execve fixes for v6.9-rc2
- Fix selftests to conform to the TAP output format (Muhammad Usama Anjum) - Fix NOMMU linux_binprm::exec pointer in auxv (Max Filippov) - Replace deprecated strncpy usage (Justin Stitt) - Replace another /bin/sh instance in selftests -----BEGIN PGP SIGNATURE----- iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAmYDT3sWHGtlZXNjb29r QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJjxlD/49PYpA4hMReEJ/01UkMn7IT2DP QWV9IfaPTodj9tjQngalhcF7r6O5guRR7MRfZxyaXriq4aJNzOLm2STmwSG1cOgP hP9D0HnMSc5CrqMJ2kSTr3ETK0a2mTivWl375TUgGdW+QJo7YYInHYaH2THhme1Z MkLHqSkruHw6YVvSvzoWiwZ4taiia7op8HbAEvJQiwnJdiVeCLIYbf2AxXNop2xv xcmoGkSh6KSiQ0XQ7VXs4LC3v/ElHBINSbChoXPBDY5kBWZybyxRwYCVt8mJftgF mVGXBFFpnaLU/gDayPg/Pyq9sW1bLpi8w0BBu419BVfAQ475K+YZ/V8nj4fm95e3 gIWm3x1O48r0OxdzmPb5re/s7lG5uNLzzFEWIus18NmqgA8S1CyFveRB3Zh8LlXB 9UEt4mlcgp/CLAo1Zv6IBe6UDcAf4AR4Tq+d+etmORTqHmM7n399XivNuft9myyB 9ObLCfKvOa71uF0n714XLHc5STk2KTK70Me2L/H5gitSqjIEKFNQ5SOaSbsGImDv i4YPnptCJFTQumE0Tu5hna8uyjOXFIxq/zkfDmzc1wP8FcijwRx3UPoO6WlQsdfx 5cmJSaIX1bhFC+4gxAoEHUDWPh/f4kLeDpIXX6NPH28Do1wxLnri3ryvkfgkw5Vj /1E03LXfcnnSbjQAPQ== =Siss -----END PGP SIGNATURE----- Merge tag 'execve-v6.9-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull execve fixes from Kees Cook: - Fix selftests to conform to the TAP output format (Muhammad Usama Anjum) - Fix NOMMU linux_binprm::exec pointer in auxv (Max Filippov) - Replace deprecated strncpy usage (Justin Stitt) - Replace another /bin/sh instance in selftests * tag 'execve-v6.9-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: binfmt: replace deprecated strncpy exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack() selftests/exec: Convert remaining /bin/sh to /bin/bash selftests/exec: execveat: Improve debug reporting selftests/exec: recursion-depth: conform test to TAP format output selftests/exec: load_address: conform test to TAP format output selftests/exec: binfmt_script: Add the overall result line according to TAP
This commit is contained in:
commit
f4a432914a
@ -1359,7 +1359,7 @@ static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
|
|||||||
SET_UID(psinfo->pr_uid, from_kuid_munged(cred->user_ns, cred->uid));
|
SET_UID(psinfo->pr_uid, from_kuid_munged(cred->user_ns, cred->uid));
|
||||||
SET_GID(psinfo->pr_gid, from_kgid_munged(cred->user_ns, cred->gid));
|
SET_GID(psinfo->pr_gid, from_kgid_munged(cred->user_ns, cred->gid));
|
||||||
rcu_read_unlock();
|
rcu_read_unlock();
|
||||||
strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname));
|
get_task_comm(psinfo->pr_fname, p);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -895,6 +895,7 @@ int transfer_args_to_stack(struct linux_binprm *bprm,
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bprm->exec += *sp_location - MAX_ARG_PAGES * PAGE_SIZE;
|
||||||
*sp_location = sp;
|
*sp_location = sp;
|
||||||
|
|
||||||
out:
|
out:
|
||||||
|
@ -19,8 +19,8 @@ include ../lib.mk
|
|||||||
|
|
||||||
$(OUTPUT)/subdir:
|
$(OUTPUT)/subdir:
|
||||||
mkdir -p $@
|
mkdir -p $@
|
||||||
$(OUTPUT)/script:
|
$(OUTPUT)/script: Makefile
|
||||||
echo '#!/bin/sh' > $@
|
echo '#!/bin/bash' > $@
|
||||||
echo 'exit $$*' >> $@
|
echo 'exit $$*' >> $@
|
||||||
chmod +x $@
|
chmod +x $@
|
||||||
$(OUTPUT)/execveat.symlink: $(OUTPUT)/execveat
|
$(OUTPUT)/execveat.symlink: $(OUTPUT)/execveat
|
||||||
|
@ -16,6 +16,8 @@ SIZE=256
|
|||||||
NAME_MAX=int(subprocess.check_output(["getconf", "NAME_MAX", "."]))
|
NAME_MAX=int(subprocess.check_output(["getconf", "NAME_MAX", "."]))
|
||||||
|
|
||||||
test_num=0
|
test_num=0
|
||||||
|
pass_num=0
|
||||||
|
fail_num=0
|
||||||
|
|
||||||
code='''#!/usr/bin/perl
|
code='''#!/usr/bin/perl
|
||||||
print "Executed interpreter! Args:\n";
|
print "Executed interpreter! Args:\n";
|
||||||
@ -42,7 +44,7 @@ foreach my $a (@ARGV) {
|
|||||||
# ...
|
# ...
|
||||||
def test(name, size, good=True, leading="", root="./", target="/perl",
|
def test(name, size, good=True, leading="", root="./", target="/perl",
|
||||||
fill="A", arg="", newline="\n", hashbang="#!"):
|
fill="A", arg="", newline="\n", hashbang="#!"):
|
||||||
global test_num, tests, NAME_MAX
|
global test_num, pass_num, fail_num, tests, NAME_MAX
|
||||||
test_num += 1
|
test_num += 1
|
||||||
if test_num > tests:
|
if test_num > tests:
|
||||||
raise ValueError("more binfmt_script tests than expected! (want %d, expected %d)"
|
raise ValueError("more binfmt_script tests than expected! (want %d, expected %d)"
|
||||||
@ -80,16 +82,20 @@ def test(name, size, good=True, leading="", root="./", target="/perl",
|
|||||||
if good:
|
if good:
|
||||||
print("ok %d - binfmt_script %s (successful good exec)"
|
print("ok %d - binfmt_script %s (successful good exec)"
|
||||||
% (test_num, name))
|
% (test_num, name))
|
||||||
|
pass_num += 1
|
||||||
else:
|
else:
|
||||||
print("not ok %d - binfmt_script %s succeeded when it should have failed"
|
print("not ok %d - binfmt_script %s succeeded when it should have failed"
|
||||||
% (test_num, name))
|
% (test_num, name))
|
||||||
|
fail_num = 1
|
||||||
else:
|
else:
|
||||||
if good:
|
if good:
|
||||||
print("not ok %d - binfmt_script %s failed when it should have succeeded (rc:%d)"
|
print("not ok %d - binfmt_script %s failed when it should have succeeded (rc:%d)"
|
||||||
% (test_num, name, proc.returncode))
|
% (test_num, name, proc.returncode))
|
||||||
|
fail_num = 1
|
||||||
else:
|
else:
|
||||||
print("ok %d - binfmt_script %s (correctly failed bad exec)"
|
print("ok %d - binfmt_script %s (correctly failed bad exec)"
|
||||||
% (test_num, name))
|
% (test_num, name))
|
||||||
|
pass_num += 1
|
||||||
|
|
||||||
# Clean up crazy binaries
|
# Clean up crazy binaries
|
||||||
os.unlink(script)
|
os.unlink(script)
|
||||||
@ -166,6 +172,8 @@ test(name="two-under-trunc-arg", size=int(SIZE/2), arg=" ")
|
|||||||
test(name="two-under-leading", size=int(SIZE/2), leading=" ")
|
test(name="two-under-leading", size=int(SIZE/2), leading=" ")
|
||||||
test(name="two-under-lead-trunc-arg", size=int(SIZE/2), leading=" ", arg=" ")
|
test(name="two-under-lead-trunc-arg", size=int(SIZE/2), leading=" ", arg=" ")
|
||||||
|
|
||||||
|
print("# Totals: pass:%d fail:%d xfail:0 xpass:0 skip:0 error:0" % (pass_num, fail_num))
|
||||||
|
|
||||||
if test_num != tests:
|
if test_num != tests:
|
||||||
raise ValueError("fewer binfmt_script tests than expected! (ran %d, expected %d"
|
raise ValueError("fewer binfmt_script tests than expected! (ran %d, expected %d"
|
||||||
% (test_num, tests))
|
% (test_num, tests))
|
||||||
|
@ -98,10 +98,9 @@ static int check_execveat_invoked_rc(int fd, const char *path, int flags,
|
|||||||
if (child == 0) {
|
if (child == 0) {
|
||||||
/* Child: do execveat(). */
|
/* Child: do execveat(). */
|
||||||
rc = execveat_(fd, path, argv, envp, flags);
|
rc = execveat_(fd, path, argv, envp, flags);
|
||||||
ksft_print_msg("execveat() failed, rc=%d errno=%d (%s)\n",
|
ksft_print_msg("child execveat() failed, rc=%d errno=%d (%s)\n",
|
||||||
rc, errno, strerror(errno));
|
rc, errno, strerror(errno));
|
||||||
ksft_test_result_fail("%s\n", test_name);
|
exit(errno);
|
||||||
exit(1); /* should not reach here */
|
|
||||||
}
|
}
|
||||||
/* Parent: wait for & check child's exit status. */
|
/* Parent: wait for & check child's exit status. */
|
||||||
rc = waitpid(child, &status, 0);
|
rc = waitpid(child, &status, 0);
|
||||||
@ -226,11 +225,14 @@ static int check_execveat_pathmax(int root_dfd, const char *src, int is_script)
|
|||||||
* "If the command name is found, but it is not an executable utility,
|
* "If the command name is found, but it is not an executable utility,
|
||||||
* the exit status shall be 126."), so allow either.
|
* the exit status shall be 126."), so allow either.
|
||||||
*/
|
*/
|
||||||
if (is_script)
|
if (is_script) {
|
||||||
|
ksft_print_msg("Invoke script via root_dfd and relative filename\n");
|
||||||
fail += check_execveat_invoked_rc(root_dfd, longpath + 1, 0,
|
fail += check_execveat_invoked_rc(root_dfd, longpath + 1, 0,
|
||||||
127, 126);
|
127, 126);
|
||||||
else
|
} else {
|
||||||
|
ksft_print_msg("Invoke exec via root_dfd and relative filename\n");
|
||||||
fail += check_execveat(root_dfd, longpath + 1, 0);
|
fail += check_execveat(root_dfd, longpath + 1, 0);
|
||||||
|
}
|
||||||
|
|
||||||
return fail;
|
return fail;
|
||||||
}
|
}
|
||||||
|
@ -5,6 +5,7 @@
|
|||||||
#include <link.h>
|
#include <link.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
|
#include "../kselftest.h"
|
||||||
|
|
||||||
struct Statistics {
|
struct Statistics {
|
||||||
unsigned long long load_address;
|
unsigned long long load_address;
|
||||||
@ -41,28 +42,23 @@ int main(int argc, char **argv)
|
|||||||
unsigned long long misalign;
|
unsigned long long misalign;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
ret = dl_iterate_phdr(ExtractStatistics, &extracted);
|
ksft_print_header();
|
||||||
if (ret != 1) {
|
ksft_set_plan(1);
|
||||||
fprintf(stderr, "FAILED\n");
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (extracted.alignment == 0) {
|
ret = dl_iterate_phdr(ExtractStatistics, &extracted);
|
||||||
fprintf(stderr, "No alignment found\n");
|
if (ret != 1)
|
||||||
return 1;
|
ksft_exit_fail_msg("FAILED: dl_iterate_phdr\n");
|
||||||
} else if (extracted.alignment & (extracted.alignment - 1)) {
|
|
||||||
fprintf(stderr, "Alignment is not a power of 2\n");
|
if (extracted.alignment == 0)
|
||||||
return 1;
|
ksft_exit_fail_msg("FAILED: No alignment found\n");
|
||||||
}
|
else if (extracted.alignment & (extracted.alignment - 1))
|
||||||
|
ksft_exit_fail_msg("FAILED: Alignment is not a power of 2\n");
|
||||||
|
|
||||||
misalign = extracted.load_address & (extracted.alignment - 1);
|
misalign = extracted.load_address & (extracted.alignment - 1);
|
||||||
if (misalign) {
|
if (misalign)
|
||||||
printf("alignment = %llu, load_address = %llu\n",
|
ksft_exit_fail_msg("FAILED: alignment = %llu, load_address = %llu\n",
|
||||||
extracted.alignment, extracted.load_address);
|
extracted.alignment, extracted.load_address);
|
||||||
fprintf(stderr, "FAILED\n");
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
fprintf(stderr, "PASS\n");
|
ksft_test_result_pass("Completed\n");
|
||||||
return 0;
|
ksft_finished();
|
||||||
}
|
}
|
||||||
|
@ -23,45 +23,44 @@
|
|||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
#include <sys/mount.h>
|
#include <sys/mount.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
|
#include "../kselftest.h"
|
||||||
|
|
||||||
int main(void)
|
int main(void)
|
||||||
{
|
{
|
||||||
|
int fd, rv;
|
||||||
|
|
||||||
|
ksft_print_header();
|
||||||
|
ksft_set_plan(1);
|
||||||
|
|
||||||
if (unshare(CLONE_NEWNS) == -1) {
|
if (unshare(CLONE_NEWNS) == -1) {
|
||||||
if (errno == ENOSYS || errno == EPERM) {
|
if (errno == ENOSYS || errno == EPERM) {
|
||||||
fprintf(stderr, "error: unshare, errno %d\n", errno);
|
ksft_test_result_skip("error: unshare, errno %d\n", errno);
|
||||||
return 4;
|
ksft_finished();
|
||||||
}
|
}
|
||||||
fprintf(stderr, "error: unshare, errno %d\n", errno);
|
ksft_exit_fail_msg("error: unshare, errno %d\n", errno);
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
if (mount(NULL, "/", NULL, MS_PRIVATE|MS_REC, NULL) == -1) {
|
|
||||||
fprintf(stderr, "error: mount '/', errno %d\n", errno);
|
|
||||||
return 1;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (mount(NULL, "/", NULL, MS_PRIVATE | MS_REC, NULL) == -1)
|
||||||
|
ksft_exit_fail_msg("error: mount '/', errno %d\n", errno);
|
||||||
|
|
||||||
/* Require "exec" filesystem. */
|
/* Require "exec" filesystem. */
|
||||||
if (mount(NULL, "/tmp", "ramfs", 0, NULL) == -1) {
|
if (mount(NULL, "/tmp", "ramfs", 0, NULL) == -1)
|
||||||
fprintf(stderr, "error: mount ramfs, errno %d\n", errno);
|
ksft_exit_fail_msg("error: mount ramfs, errno %d\n", errno);
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
#define FILENAME "/tmp/1"
|
#define FILENAME "/tmp/1"
|
||||||
|
|
||||||
int fd = creat(FILENAME, 0700);
|
fd = creat(FILENAME, 0700);
|
||||||
if (fd == -1) {
|
if (fd == -1)
|
||||||
fprintf(stderr, "error: creat, errno %d\n", errno);
|
ksft_exit_fail_msg("error: creat, errno %d\n", errno);
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
#define S "#!" FILENAME "\n"
|
#define S "#!" FILENAME "\n"
|
||||||
if (write(fd, S, strlen(S)) != strlen(S)) {
|
if (write(fd, S, strlen(S)) != strlen(S))
|
||||||
fprintf(stderr, "error: write, errno %d\n", errno);
|
ksft_exit_fail_msg("error: write, errno %d\n", errno);
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
close(fd);
|
close(fd);
|
||||||
|
|
||||||
int rv = execve(FILENAME, NULL, NULL);
|
rv = execve(FILENAME, NULL, NULL);
|
||||||
if (rv == -1 && errno == ELOOP) {
|
ksft_test_result(rv == -1 && errno == ELOOP,
|
||||||
return 0;
|
"execve failed as expected (ret %d, errno %d)\n", rv, errno);
|
||||||
}
|
ksft_finished();
|
||||||
fprintf(stderr, "error: execve, rv %d, errno %d\n", rv, errno);
|
|
||||||
return 1;
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user