diff options
| -rw-r--r-- | arch/ia64/include/asm/processor.h | 2 | ||||
| -rw-r--r-- | fs/exec.c | 6 | ||||
| -rw-r--r-- | include/linux/binfmts.h | 3 | ||||
| -rw-r--r-- | include/linux/sched.h | 4 | ||||
| -rw-r--r-- | kernel/ptrace.c | 2 |
5 files changed, 12 insertions, 5 deletions
diff --git a/arch/ia64/include/asm/processor.h b/arch/ia64/include/asm/processor.h index 3eaeedf1aef..d77b3425cc9 100644 --- a/arch/ia64/include/asm/processor.h +++ b/arch/ia64/include/asm/processor.h @@ -361,7 +361,7 @@ struct thread_struct { regs->loadrs = 0; \ regs->r8 = get_dumpable(current->mm); /* set "don't zap registers" flag */ \ regs->r12 = new_sp - 16; /* allocate 16 byte scratch area */ \ - if (unlikely(!get_dumpable(current->mm))) { \ + if (unlikely(get_dumpable(current->mm) != SUID_DUMP_USER)) { \ /* \ * Zap scratch regs to avoid leaking bits between processes with different \ * uid/privileges. \ diff --git a/fs/exec.c b/fs/exec.c index feb24352228..c32ae344462 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -1793,6 +1793,12 @@ void set_dumpable(struct mm_struct *mm, int value) } } +/* + * This returns the actual value of the suid_dumpable flag. For things + * that are using this for checking for privilege transitions, it must + * test against SUID_DUMP_USER rather than treating it as a boolean + * value. + */ int get_dumpable(struct mm_struct *mm) { int ret; diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h index 9ffffec7ba0..8eab6288ddf 100644 --- a/include/linux/binfmts.h +++ b/include/linux/binfmts.h @@ -107,9 +107,6 @@ extern int flush_old_exec(struct linux_binprm * bprm); extern void setup_new_exec(struct linux_binprm * bprm); extern int suid_dumpable; -#define SUID_DUMP_DISABLE 0 /* No setuid dumping */ -#define SUID_DUMP_USER 1 /* Dump as user of process */ -#define SUID_DUMP_ROOT 2 /* Dump as root */ /* Stack area protections */ #define EXSTACK_DEFAULT 0 /* Whatever the arch defaults to */ diff --git a/include/linux/sched.h b/include/linux/sched.h index 73c3b9ba95d..56e1771eb6c 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -442,6 +442,10 @@ static inline unsigned long get_mm_hiwater_vm(struct mm_struct *mm) extern void set_dumpable(struct mm_struct *mm, int value); extern int get_dumpable(struct mm_struct *mm); +#define SUID_DUMP_DISABLE 0 /* No setuid dumping */ +#define SUID_DUMP_USER 1 /* Dump as user of process */ +#define SUID_DUMP_ROOT 2 /* Dump as root */ + /* mm flags */ /* dumpable bits */ #define MMF_DUMPABLE 0 /* core dump is permitted */ diff --git a/kernel/ptrace.c b/kernel/ptrace.c index d9c8c47ec99..4185220acbe 100644 --- a/kernel/ptrace.c +++ b/kernel/ptrace.c @@ -187,7 +187,7 @@ int __ptrace_may_access(struct task_struct *task, unsigned int mode) smp_rmb(); if (task->mm) dumpable = get_dumpable(task->mm); - if (!dumpable && !capable(CAP_SYS_PTRACE)) + if (dumpable != SUID_DUMP_USER && !capable(CAP_SYS_PTRACE)) return -EPERM; return security_ptrace_access_check(task, mode); |