Commit 7ab02af4 authored by Linus Torvalds's avatar Linus Torvalds

Fix 'flush_old_exec()/setup_new_exec()' split

Commit 221af7f8 ("Split 'flush_old_exec' into two functions") split
the function at the point of no return - ie right where there were no
more error cases to check.  That made sense from a technical standpoint,
but when we then also combined it with the actual personality setting
going in between flush_old_exec() and setup_new_exec(), it needs to be a
bit more careful.

In particular, we need to make sure that we really flush the old
personality bits in the 'flush' stage, rather than later in the 'setup'
stage, since otherwise we might be flushing the _new_ personality state
that we're just setting up.

So this moves the flags and personality flushing (and 'flush_thread()',
which is the arch-specific function that generally resets lazy FP state
etc) of the old process into flush_old_exec(), so that it doesn't affect
any state that execve() is setting up for the new process environment.

This was reported by Michal Simek as breaking his Microblaze qemu
environment.
Reported-and-tested-by: default avatarMichal Simek <michal.simek@petalogix.com>
Cc: Peter Anvin <hpa@zytor.com>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent ab658321
...@@ -961,6 +961,11 @@ int flush_old_exec(struct linux_binprm * bprm) ...@@ -961,6 +961,11 @@ int flush_old_exec(struct linux_binprm * bprm)
goto out; goto out;
bprm->mm = NULL; /* We're using it now */ bprm->mm = NULL; /* We're using it now */
current->flags &= ~PF_RANDOMIZE;
flush_thread();
current->personality &= ~bprm->per_clear;
return 0; return 0;
out: out:
...@@ -997,9 +1002,6 @@ void setup_new_exec(struct linux_binprm * bprm) ...@@ -997,9 +1002,6 @@ void setup_new_exec(struct linux_binprm * bprm)
tcomm[i] = '\0'; tcomm[i] = '\0';
set_task_comm(current, tcomm); set_task_comm(current, tcomm);
current->flags &= ~PF_RANDOMIZE;
flush_thread();
/* Set the new mm task size. We have to do that late because it may /* Set the new mm task size. We have to do that late because it may
* depend on TIF_32BIT which is only updated in flush_thread() on * depend on TIF_32BIT which is only updated in flush_thread() on
* some architectures like powerpc * some architectures like powerpc
...@@ -1015,8 +1017,6 @@ void setup_new_exec(struct linux_binprm * bprm) ...@@ -1015,8 +1017,6 @@ void setup_new_exec(struct linux_binprm * bprm)
set_dumpable(current->mm, suid_dumpable); set_dumpable(current->mm, suid_dumpable);
} }
current->personality &= ~bprm->per_clear;
/* /*
* Flush performance counters when crossing a * Flush performance counters when crossing a
* security domain: * security domain:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment