exec: Factor bprm_stack_limits out of prepare_arg_pages
authorEric W. Biederman <ebiederm@xmission.com>
Sun, 12 Jul 2020 13:23:54 +0000 (08:23 -0500)
committerEric W. Biederman <ebiederm@xmission.com>
Tue, 21 Jul 2020 13:24:52 +0000 (08:24 -0500)
In preparation for implementiong kernel_execve (which will take kernel
pointers not userspace pointers) factor out bprm_stack_limits out of
prepare_arg_pages.  This separates the counting which depends upon the
getting data from userspace from the calculations of the stack limits
which is usable in kernel_execve.

The remove prepare_args_pages and compute bprm->argc and bprm->envc
directly in do_execveat_common, before bprm_stack_limits is called.

Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Link: https://lkml.kernel.org/r/87365u6x60.fsf@x220.int.ebiederm.org
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
fs/exec.c

index 5050889..f8135dc 100644 (file)
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -448,19 +448,10 @@ static int count(struct user_arg_ptr argv, int max)
        return i;
 }
 
-static int prepare_arg_pages(struct linux_binprm *bprm,
-                       struct user_arg_ptr argv, struct user_arg_ptr envp)
+static int bprm_stack_limits(struct linux_binprm *bprm)
 {
        unsigned long limit, ptr_size;
 
-       bprm->argc = count(argv, MAX_ARG_STRINGS);
-       if (bprm->argc < 0)
-               return bprm->argc;
-
-       bprm->envc = count(envp, MAX_ARG_STRINGS);
-       if (bprm->envc < 0)
-               return bprm->envc;
-
        /*
         * Limit to 1/4 of the max stack size or 3/4 of _STK_LIM
         * (whichever is smaller) for the argv+env strings.
@@ -1964,7 +1955,17 @@ static int do_execveat_common(int fd, struct filename *filename,
                goto out_ret;
        }
 
-       retval = prepare_arg_pages(bprm, argv, envp);
+       retval = count(argv, MAX_ARG_STRINGS);
+       if (retval < 0)
+               goto out_free;
+       bprm->argc = retval;
+
+       retval = count(envp, MAX_ARG_STRINGS);
+       if (retval < 0)
+               goto out_free;
+       bprm->envc = retval;
+
+       retval = bprm_stack_limits(bprm);
        if (retval < 0)
                goto out_free;