[Midnightbsd-cvs] src [7441] trunk/sys: A programming error in the Linux compatibility layer could cause the
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Wed Feb 3 00:38:00 EST 2016
Revision: 7441
http://svnweb.midnightbsd.org/src/?rev=7441
Author: laffer1
Date: 2016-02-03 00:38:00 -0500 (Wed, 03 Feb 2016)
Log Message:
-----------
A programming error in the Linux compatibility layer could cause the
issetugid(2) system call to return incorrect information.
Modified Paths:
--------------
trunk/sys/amd64/linux32/linux32_sysvec.c
trunk/sys/i386/linux/linux_sysvec.c
Modified: trunk/sys/amd64/linux32/linux32_sysvec.c
===================================================================
--- trunk/sys/amd64/linux32/linux32_sysvec.c 2016-01-30 18:08:22 UTC (rev 7440)
+++ trunk/sys/amd64/linux32/linux32_sysvec.c 2016-02-03 05:38:00 UTC (rev 7441)
@@ -247,6 +247,7 @@
Elf32_Addr *base;
Elf32_Addr *pos, *uplatform;
struct linux32_ps_strings *arginfo;
+ int issetugid;
arginfo = (struct linux32_ps_strings *)LINUX32_PS_STRINGS;
uplatform = (Elf32_Addr *)((caddr_t)arginfo - linux_szplatform);
@@ -257,6 +258,7 @@
args = (Elf32_Auxargs *)imgp->auxargs;
pos = base + (imgp->args->argc + imgp->args->envc + 2);
+ issetugid = imgp->proc->p_flag & P_SUGID ? 1 : 0;
AUXARGS_ENTRY_32(pos, LINUX_AT_HWCAP, cpu_feature);
/*
@@ -276,7 +278,7 @@
AUXARGS_ENTRY_32(pos, AT_FLAGS, args->flags);
AUXARGS_ENTRY_32(pos, AT_ENTRY, args->entry);
AUXARGS_ENTRY_32(pos, AT_BASE, args->base);
- AUXARGS_ENTRY_32(pos, LINUX_AT_SECURE, 0);
+ AUXARGS_ENTRY_32(pos, LINUX_AT_SECURE, issetugid);
AUXARGS_ENTRY_32(pos, AT_UID, imgp->proc->p_ucred->cr_ruid);
AUXARGS_ENTRY_32(pos, AT_EUID, imgp->proc->p_ucred->cr_svuid);
AUXARGS_ENTRY_32(pos, AT_GID, imgp->proc->p_ucred->cr_rgid);
Modified: trunk/sys/i386/linux/linux_sysvec.c
===================================================================
--- trunk/sys/i386/linux/linux_sysvec.c 2016-01-30 18:08:22 UTC (rev 7440)
+++ trunk/sys/i386/linux/linux_sysvec.c 2016-02-03 05:38:00 UTC (rev 7441)
@@ -243,11 +243,13 @@
Elf32_Addr *uplatform;
struct ps_strings *arginfo;
register_t *pos;
+ int issetugid;
KASSERT(curthread->td_proc == imgp->proc,
("unsafe elf_linux_fixup(), should be curproc"));
p = imgp->proc;
+ issetugid = imgp->proc->p_flag & P_SUGID ? 1 : 0;
arginfo = (struct ps_strings *)p->p_sysent->sv_psstrings;
uplatform = (Elf32_Addr *)((caddr_t)arginfo - linux_szplatform);
args = (Elf32_Auxargs *)imgp->auxargs;
@@ -272,7 +274,7 @@
AUXARGS_ENTRY(pos, AT_FLAGS, args->flags);
AUXARGS_ENTRY(pos, AT_ENTRY, args->entry);
AUXARGS_ENTRY(pos, AT_BASE, args->base);
- AUXARGS_ENTRY(pos, LINUX_AT_SECURE, 0);
+ AUXARGS_ENTRY(pos, LINUX_AT_SECURE, issetugid);
AUXARGS_ENTRY(pos, AT_UID, imgp->proc->p_ucred->cr_ruid);
AUXARGS_ENTRY(pos, AT_EUID, imgp->proc->p_ucred->cr_svuid);
AUXARGS_ENTRY(pos, AT_GID, imgp->proc->p_ucred->cr_rgid);
More information about the Midnightbsd-cvs
mailing list