Allow callers to specify the directory against which to resolve the helper's filename. Enables the running of helpers from private mounts.
Signed-off-by: Thomas Weißschuh <[email protected]> --- fs/coredump.c | 2 +- include/linux/umh.h | 3 ++- kernel/module/kmod.c | 2 +- kernel/umh.c | 9 ++++++--- lib/kobject_uevent.c | 2 +- security/keys/request_key.c | 2 +- 6 files changed, 12 insertions(+), 8 deletions(-) diff --git a/fs/coredump.c b/fs/coredump.c index bb6fdb1f458e..45df2387be3d 100644 --- a/fs/coredump.c +++ b/fs/coredump.c @@ -1015,7 +1015,7 @@ static bool coredump_pipe(struct core_name *cn, struct coredump_params *cprm, helper_argv[argi] = cn->corename + argv[argi]; helper_argv[argi] = NULL; - sub_info = call_usermodehelper_setup(helper_argv[0], helper_argv, NULL, + sub_info = call_usermodehelper_setup(AT_FDCWD, helper_argv[0], helper_argv, NULL, GFP_KERNEL, umh_coredump_setup, NULL, cprm); if (!sub_info) diff --git a/include/linux/umh.h b/include/linux/umh.h index daa6a7048c11..6670b9ff85d4 100644 --- a/include/linux/umh.h +++ b/include/linux/umh.h @@ -20,6 +20,7 @@ struct file; struct subprocess_info { struct work_struct work; struct completion *complete; + int dirfd; const char *path; char **argv; char **envp; @@ -34,7 +35,7 @@ extern int call_usermodehelper(const char *path, char **argv, char **envp, int wait); extern struct subprocess_info * -call_usermodehelper_setup(const char *path, char **argv, char **envp, +call_usermodehelper_setup(int dirfd, const char *path, char **argv, char **envp, gfp_t gfp_mask, int (*init)(struct subprocess_info *info, struct cred *new), void (*cleanup)(struct subprocess_info *), void *data); diff --git a/kernel/module/kmod.c b/kernel/module/kmod.c index a25dccdf7aa7..a85c57a707af 100644 --- a/kernel/module/kmod.c +++ b/kernel/module/kmod.c @@ -95,7 +95,7 @@ static int call_modprobe(char *orig_module_name, int wait) argv[3] = module_name; /* check free_modprobe_argv() */ argv[4] = NULL; - info = call_usermodehelper_setup(modprobe_path, argv, envp, GFP_KERNEL, + info = call_usermodehelper_setup(AT_FDCWD, modprobe_path, argv, envp, GFP_KERNEL, NULL, free_modprobe_argv, NULL); if (!info) goto free_module_name; diff --git a/kernel/umh.c b/kernel/umh.c index bab134fa8c36..5cdcba6005d9 100644 --- a/kernel/umh.c +++ b/kernel/umh.c @@ -106,7 +106,7 @@ static int call_usermodehelper_exec_async(void *data) commit_creds(new); wait_for_initramfs(); - retval = kernel_execve(AT_FDCWD, sub_info->path, + retval = kernel_execve(sub_info->dirfd, sub_info->path, (const char *const *)sub_info->argv, (const char *const *)sub_info->envp); out: @@ -331,6 +331,7 @@ static void helper_unlock(void) /** * call_usermodehelper_setup - prepare to call a usermode helper + * @dirfd: directory to resolve path against * @path: path to usermode executable * @argv: arg vector for process * @envp: environment for process @@ -352,7 +353,7 @@ static void helper_unlock(void) * Function must be runnable in either a process context or the * context in which call_usermodehelper_exec is called. */ -struct subprocess_info *call_usermodehelper_setup(const char *path, char **argv, +struct subprocess_info *call_usermodehelper_setup(int dirfd, const char *path, char **argv, char **envp, gfp_t gfp_mask, int (*init)(struct subprocess_info *info, struct cred *new), void (*cleanup)(struct subprocess_info *info), @@ -366,8 +367,10 @@ struct subprocess_info *call_usermodehelper_setup(const char *path, char **argv, INIT_WORK(&sub_info->work, call_usermodehelper_exec_work); #ifdef CONFIG_STATIC_USERMODEHELPER + sub_info->dirfd = AT_FDCWD; sub_info->path = CONFIG_STATIC_USERMODEHELPER_PATH; #else + sub_info->dirfd = dirfd; sub_info->path = path; #endif sub_info->argv = argv; @@ -484,7 +487,7 @@ int call_usermodehelper(const char *path, char **argv, char **envp, int wait) struct subprocess_info *info; gfp_t gfp_mask = (wait == UMH_NO_WAIT) ? GFP_ATOMIC : GFP_KERNEL; - info = call_usermodehelper_setup(path, argv, envp, gfp_mask, + info = call_usermodehelper_setup(AT_FDCWD, path, argv, envp, gfp_mask, NULL, NULL, NULL); if (info == NULL) return -ENOMEM; diff --git a/lib/kobject_uevent.c b/lib/kobject_uevent.c index ddbc4d7482d2..426ac83f1d2a 100644 --- a/lib/kobject_uevent.c +++ b/lib/kobject_uevent.c @@ -628,7 +628,7 @@ int kobject_uevent_env(struct kobject *kobj, enum kobject_action action, goto exit; retval = -ENOMEM; - info = call_usermodehelper_setup(env->argv[0], env->argv, + info = call_usermodehelper_setup(AT_FDCWD, env->argv[0], env->argv, env->envp, GFP_KERNEL, NULL, cleanup_uevent_env, env); if (info) { diff --git a/security/keys/request_key.c b/security/keys/request_key.c index a7673ad86d18..f6f3d4bc0bda 100644 --- a/security/keys/request_key.c +++ b/security/keys/request_key.c @@ -101,7 +101,7 @@ static int call_usermodehelper_keys(const char *path, char **argv, char **envp, { struct subprocess_info *info; - info = call_usermodehelper_setup(path, argv, envp, GFP_KERNEL, + info = call_usermodehelper_setup(AT_FDCWD, path, argv, envp, GFP_KERNEL, umh_keys_init, umh_keys_cleanup, session_keyring); if (!info) -- 2.53.0
