Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ https://git.shady.money/linux/atom?h=v2.6.25 2008-03-03T18:12:14Z 2008-03-03T18:12:14Z Linus Torvalds torvalds@woody.linux-foundation.org 2008-03-03T18:12:14Z urn:sha1:a64e715fc74b1a7dcc5944f848acc38b2c4d4ee2 The new code that removed the limitation on the execve string size (which was historically 32 pages) replaced it with a much softer limit based on RLIMIT_STACK which is usually much larger than the traditional limit. See commit b6a2fea39318e43fee84fa7b0b90d68bed92d2ba ("mm: variable length argument support") for details. However, if you have a small stack limit (perhaps because you need lots of stacks in a threaded environment), the new heuristic of allowing up to 1/4th of RLIMIT_STACK to be used for argument and environment strings could actually be smaller than the old limit. So just say that it's ok to have up to ARG_MAX strings regardless of the value of RLIMIT_STACK, and check the rlimit only when going over that traditional limit. (Of course, if you actually have a *really* small stack limit, the whole stack itself will be limited before you hit ARG_MAX, but that has always been true and is clearly the right behaviour anyway). Acked-by: Carlos O'Donell <carlos@codesourcery.com> Cc: Michael Kerrisk <michael.kerrisk@googlemail.com> Cc: Peter Zijlstra <a.p.zijlstra@chello.nl> Cc: Ollie Wild <aaw@google.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2008-02-15T05:13:33Z Jan Blunck jblunck@suse.de 2008-02-15T03:34:35Z urn:sha1:1d957f9bf87da74f420424d16ece005202bbebd3 * Add path_put() functions for releasing a reference to the dentry and vfsmount of a struct path in the right order * Switch from path_release(nd) to path_put(&nd->path) * Rename dput_path() to path_put_conditional() [akpm@linux-foundation.org: fix cifs] Signed-off-by: Jan Blunck <jblunck@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Acked-by: Christoph Hellwig <hch@lst.de> Cc: <linux-fsdevel@vger.kernel.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Steven French <sfrench@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2008-02-15T05:13:33Z Jan Blunck jblunck@suse.de 2008-02-15T03:34:32Z urn:sha1:4ac9137858e08a19f29feac4e1f4df7c268b0ba5 This is the central patch of a cleanup series. In most cases there is no good reason why someone would want to use a dentry for itself. This series reflects that fact and embeds a struct path into nameidata. Together with the other patches of this series - it enforced the correct order of getting/releasing the reference count on <dentry,vfsmount> pairs - it prepares the VFS for stacking support since it is essential to have a struct path in every place where the stack can be traversed - it reduces the overall code size: without patch series: text data bss dec hex filename 5321639 858418 715768 6895825 6938d1 vmlinux with patch series: text data bss dec hex filename 5320026 858418 715768 6894212 693284 vmlinux This patch: Switch from nd->{dentry,mnt} to nd->path.{dentry,mnt} everywhere. [akpm@linux-foundation.org: coding-style fixes] [akpm@linux-foundation.org: fix cifs] [akpm@linux-foundation.org: fix smack] Signed-off-by: Jan Blunck <jblunck@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Acked-by: Christoph Hellwig <hch@lst.de> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2008-02-08T17:22:34Z Andi Kleen andi@firstfloor.org 2008-02-08T12:20:23Z urn:sha1:abe8be3abe4c2043bd766f32d7eba62c12dbb0b3 This allows us to use executables >2GB. Based on a patch by Dave Anderson Signed-off-by: Andi Kleen <ak@suse.de> Cc: Dave Anderson <anderson@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2008-02-08T17:22:30Z David Howells dhowells@redhat.com 2008-02-08T12:19:28Z urn:sha1:7fa3031500ec9b0a7460c8c23751799006ffee74 Suppress A.OUT library support if CONFIG_ARCH_SUPPORTS_AOUT is not set. Not all architectures support the A.OUT binfmt, so the ELF binfmt should not be permitted to go looking for A.OUT libraries to load in such a case. Not only that, but under such conditions A.OUT core dumps are not produced either. To make this work, this patch also does the following: (1) Makes the existence of the contents of linux/a.out.h contingent on CONFIG_ARCH_SUPPORTS_AOUT. (2) Renames dump_thread() to aout_dump_thread() as it's only called by A.OUT core dumping code. (3) Moves aout_dump_thread() into asm/a.out-core.h and makes it inline. This is then included only where needed. This means that this bit of arch code will be stored in the appropriate A.OUT binfmt module rather than the core kernel. (4) Drops A.OUT support for Blackfin (according to Mike Frysinger it's not needed) and FRV. This patch depends on the previous patch to move STACK_TOP[_MAX] out of asm/a.out.h and into asm/processor.h as they're required whether or not A.OUT format is available. [jdike@addtoit.com: uml: re-remove accidentally restored code] Signed-off-by: David Howells <dhowells@redhat.com> Cc: <linux-arch@vger.kernel.org> Signed-off-by: Jeff Dike <jdike@linux.intel.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2008-02-08T17:22:29Z Oleg Nesterov oleg@tv-sign.ru 2008-02-08T12:19:19Z urn:sha1:fea9d175545b38cb3e84569400419eb81bc90fa3 signal_struct->tsk points to the ->group_leader and thus we have the nasty code in de_thread() which has to change it and restart ->real_timer if the leader is changed. Use "struct pid *leader_pid" instead. This also allows us to kill now unneeded send_group_sig_info(). Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Davide Libenzi <davidel@xmailserver.org> Cc: Pavel Emelyanov <xemul@openvz.org> Acked-by: Roland McGrath <roland@redhat.com> Acked-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2008-02-05T17:44:07Z Oleg Nesterov oleg@tv-sign.ru 2008-02-05T06:27:24Z urn:sha1:ed5d2cac114202fe2978a9cbcab8f5032796d538 As Roland pointed out, we have the very old problem with exec. de_thread() sets SIGNAL_GROUP_EXIT, kills other threads, changes ->group_leader and then clears signal->flags. All signals (even fatal ones) sent in this window (which is not too small) will be lost. With this patch exec doesn't abuse SIGNAL_GROUP_EXIT. signal_group_exit(), the new helper, should be used to detect exit_group() or exec() in progress. It can have more users, but this patch does only strictly necessary changes. Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru> Cc: Davide Libenzi <davidel@xmailserver.org> Cc: Ingo Molnar <mingo@elte.hu> Cc: Robin Holt <holt@sgi.com> Cc: Roland McGrath <roland@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2008-02-05T17:44:07Z Andrew Morton akpm@linux-foundation.org 2008-02-05T06:27:21Z urn:sha1:59714d65dfbc86d5cb93adc5bac57a921cc2fa84 It was dumb to make get_task_comm() return void. Change it to return a pointer to the resulting output for caller convenience. Cc: Ulrich Drepper <drepper@redhat.com> Cc: Ingo Molnar <mingo@elte.hu> Cc: Roland McGrath <roland@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2007-11-28T18:58:01Z Ingo Molnar mingo@elte.hu 2007-11-28T12:59:18Z urn:sha1:c46f739dd39db3b07ab5deb4e3ec81e1c04a91af fix: http://bugzilla.kernel.org/show_bug.cgi?id=3043 only allow coredumping to the same uid that the coredumping task runs under. Signed-off-by: Ingo Molnar <mingo@elte.hu> Acked-by: Alan Cox <alan@redhat.com> Acked-by: Christoph Hellwig <hch@lst.de> Acked-by: Al Viro <viro@ftp.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2007-11-12T18:32:29Z Roland McGrath roland@redhat.com 2007-11-12T03:13:43Z urn:sha1:00ec99da43a7c2aed46c6595aa271b84bb1b1462 The coredump code always calls set_dumpable(0) when it starts (even if RLIMIT_CORE prevents any core from being dumped). The effect of this (via task_dumpable) is to make /proc/pid/* files owned by root instead of the user, so the user can no longer examine his own process--in a case where there was never any privileged data to protect. This affects e.g. auxv, environ, fd; in Fedora (execshield) kernels, also maps. In practice, you can only notice this when a debugger has requested PTRACE_EVENT_EXIT tracing. set_dumpable was only used in do_coredump for synchronization and not intended for any security purpose. (It doesn't secure anything that wasn't already unsecured when a process dies by SIGTERM instead of SIGQUIT.) This changes do_coredump to check the core_waiters count as the means of synchronization, which is sufficient. Now we leave the "dumpable" bits alone. Signed-off-by: Roland McGrath <roland@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>