# HG changeset patch # Parent e464dd15d2d9042a08268d377b6ef9b3e2d0f938 Implement LINUX_AT_SECURE properly. Return 1 when the program has changes its credentials during the execution. This corresponds to the issetugid() system call value. diff -r e464dd15d2d9 sys/amd64/linux32/linux32_sysvec.c --- a/sys/amd64/linux32/linux32_sysvec.c +++ b/sys/amd64/linux32/linux32_sysvec.c @@ -248,16 +248,23 @@ elf_linux_fixup(register_t **stack_base, Elf32_Addr *base; Elf32_Addr *pos, *uplatform; struct linux32_ps_strings *arginfo; + struct proc *p; + int issetugid; arginfo = (struct linux32_ps_strings *)LINUX32_PS_STRINGS; uplatform = (Elf32_Addr *)((caddr_t)arginfo - linux_szplatform); - KASSERT(curthread->td_proc == imgp->proc, + p = imgp->proc; + KASSERT(curthread->td_proc == p, ("unsafe elf_linux_fixup(), should be curproc")); base = (Elf32_Addr *)*stack_base; args = (Elf32_Auxargs *)imgp->auxargs; pos = base + (imgp->args->argc + imgp->args->envc + 2); + PROC_LOCK(p); + issetugid = (p->p_flag & P_SUGID) ? 1 : 0; + PROC_UNLOCK(p); + AUXARGS_ENTRY_32(pos, LINUX_AT_HWCAP, cpu_feature); /* @@ -277,7 +284,7 @@ elf_linux_fixup(register_t **stack_base, AUXARGS_ENTRY_32(pos, AT_FLAGS, args->flags); AUXARGS_ENTRY_32(pos, AT_ENTRY, args->entry); AUXARGS_ENTRY_32(pos, AT_BASE, args->base); - AUXARGS_ENTRY_32(pos, LINUX_AT_SECURE, 0); + AUXARGS_ENTRY_32(pos, LINUX_AT_SECURE, issetugid); AUXARGS_ENTRY_32(pos, AT_UID, imgp->proc->p_ucred->cr_ruid); AUXARGS_ENTRY_32(pos, AT_EUID, imgp->proc->p_ucred->cr_svuid); AUXARGS_ENTRY_32(pos, AT_GID, imgp->proc->p_ucred->cr_rgid); diff -r e464dd15d2d9 sys/i386/linux/linux_sysvec.c --- a/sys/i386/linux/linux_sysvec.c +++ b/sys/i386/linux/linux_sysvec.c @@ -244,6 +244,7 @@ elf_linux_fixup(register_t **stack_base, Elf32_Addr *uplatform; struct ps_strings *arginfo; register_t *pos; + int issetugid; KASSERT(curthread->td_proc == imgp->proc, ("unsafe elf_linux_fixup(), should be curproc")); @@ -254,6 +255,10 @@ elf_linux_fixup(register_t **stack_base, args = (Elf32_Auxargs *)imgp->auxargs; pos = *stack_base + (imgp->args->argc + imgp->args->envc + 2); + PROC_LOCK(p); + issetugid = (p->p_flag & P_SUGID) ? 1 : 0; + PROC_UNLOCK(p); + AUXARGS_ENTRY(pos, LINUX_AT_HWCAP, cpu_feature); /* @@ -273,7 +278,7 @@ elf_linux_fixup(register_t **stack_base, AUXARGS_ENTRY(pos, AT_FLAGS, args->flags); AUXARGS_ENTRY(pos, AT_ENTRY, args->entry); AUXARGS_ENTRY(pos, AT_BASE, args->base); - AUXARGS_ENTRY(pos, LINUX_AT_SECURE, 0); + AUXARGS_ENTRY(pos, LINUX_AT_SECURE, issetugid); AUXARGS_ENTRY(pos, AT_UID, imgp->proc->p_ucred->cr_ruid); AUXARGS_ENTRY(pos, AT_EUID, imgp->proc->p_ucred->cr_svuid); AUXARGS_ENTRY(pos, AT_GID, imgp->proc->p_ucred->cr_rgid);