include/linux/binfmts.h

/* SPDX-License-Identifier: GPL-2.0 */
#ifndef _LINUX_BINFMTS_H
#define _LINUX_BINFMTS_H

#include <linux/sched.h>
#include <linux/unistd.h>
#include <asm/exec.h>
#include <uapi/linux/binfmts.h>

struct filename;

#define CORENAME_MAX_SIZE 128

/*
 * This structure is used to hold the arguments that are used when loading binaries.
 */
struct linux_binprm {
#ifdef CONFIG_MMU
	struct vm_area_struct *vma;
	unsigned long vma_pages;
#else
# define MAX_ARG_PAGES	32
	struct page *page[MAX_ARG_PAGES];
#endif
	struct mm_struct *mm;
	unsigned long p; /* current top of mem */
	unsigned long argmin; /* rlimit marker for copy_strings() */
	unsigned int
		/*
		 * True after the bprm_set_creds hook has been called once
		 * (multiple calls can be made via prepare_binprm() for
		 * binfmt_script/misc).
		 */
		called_set_creds:1,
		/*
		 * True if most recent call to the commoncaps bprm_set_creds
		 * hook (due to multiple prepare_binprm() calls from the
		 * binfmt_script/misc handlers) resulted in elevated
		 * privileges.
		 */
		cap_elevated:1,
		/*
		 * Set by bprm_set_creds hook to indicate a privilege-gaining
		 * exec has happened. Used to sanitize execution environment
		 * and to set AT_SECURE auxv for glibc.
		 */
		secureexec:1;
#ifdef __alpha__
	unsigned int taso:1;
#endif
	unsigned int recursion_depth; /* only for search_binary_handler() */
	struct file * file;
	struct cred *cred;	/* new credentials */
	int unsafe;		/* how unsafe this exec is (mask of LSM_UNSAFE_*) */
	unsigned int per_clear;	/* bits to clear in current->personality */
	int argc, envc;
	const char * filename;	/* Name of binary as seen by procps */
	const char * interp;	/* Name of the binary really executed. Most
				   of the time same as filename, but could be
				   different for binfmt_{misc,script} */
	unsigned interp_flags;
	unsigned interp_data;
	unsigned long loader, exec;

	struct rlimit rlim_stack; /* Saved RLIMIT_STACK used during exec. */

	char buf[BINPRM_BUF_SIZE];
} __randomize_layout;

#define BINPRM_FLAGS_ENFORCE_NONDUMP_BIT 0
#define BINPRM_FLAGS_ENFORCE_NONDUMP (1 << BINPRM_FLAGS_ENFORCE_NONDUMP_BIT)

/* fd of the binary should be passed to the interpreter */
#define BINPRM_FLAGS_EXECFD_BIT 1
#define BINPRM_FLAGS_EXECFD (1 << BINPRM_FLAGS_EXECFD_BIT)

/* filename of the binary will be inaccessible after exec */
#define BINPRM_FLAGS_PATH_INACCESSIBLE_BIT 2
#define BINPRM_FLAGS_PATH_INACCESSIBLE (1 << BINPRM_FLAGS_PATH_INACCESSIBLE_BIT)

/* Function parameter for binfmt->coredump */
struct coredump_params {
	const kernel_siginfo_t *siginfo;
	struct pt_regs *regs;
	struct file *file;
	unsigned long limit;
	unsigned long mm_flags;
	loff_t written;
	loff_t pos;
};

/*
 * This structure defines the functions that are used to load the binary formats that
 * linux accepts.
 */
struct linux_binfmt {
	struct list_head lh;
	struct module *module;
	int (*load_binary)(struct linux_binprm *);
	int (*load_shlib)(struct file *);
	int (*core_dump)(struct coredump_params *cprm);
	unsigned long min_coredump;	/* minimal dump size */
} __randomize_layout;

extern void __register_binfmt(struct linux_binfmt *fmt, int insert);

/* Registration of default binfmt handlers */
static inline void register_binfmt(struct linux_binfmt *fmt)
{
	__register_binfmt(fmt, 0);
}
/* Same as above, but adds a new binfmt at the top of the list */
static inline void insert_binfmt(struct linux_binfmt *fmt)
{
	__register_binfmt(fmt, 1);
}

extern void unregister_binfmt(struct linux_binfmt *);

extern int prepare_binprm(struct linux_binprm *);
extern int __must_check remove_arg_zero(struct linux_binprm *);
extern int search_binary_handler(struct linux_binprm *);
extern int flush_old_exec(struct linux_binprm * bprm);
extern void setup_new_exec(struct linux_binprm * bprm);
extern void finalize_exec(struct linux_binprm *bprm);
extern void would_dump(struct linux_binprm *, struct file *);

extern int suid_dumpable;

/* Stack area protections */
#define EXSTACK_DEFAULT   0	/* Whatever the arch defaults to */
#define EXSTACK_DISABLE_X 1	/* Disable executable stacks */
#define EXSTACK_ENABLE_X  2	/* Enable executable stacks */

extern int setup_arg_pages(struct linux_binprm * bprm,
			   unsigned long stack_top,
			   int executable_stack);
extern int transfer_args_to_stack(struct linux_binprm *bprm,
				  unsigned long *sp_location);
extern int bprm_change_interp(const char *interp, struct linux_binprm *bprm);
extern int copy_strings_kernel(int argc, const char *const *argv,
			       struct linux_binprm *bprm);
extern void install_exec_creds(struct linux_binprm *bprm);
extern void set_binfmt(struct linux_binfmt *new);
extern ssize_t read_code(struct file *, unsigned long, loff_t, size_t);

extern int do_execve(struct filename *,
		     const char __user * const __user *,
		     const char __user * const __user *);
extern int do_execveat(int, struct filename *,
		       const char __user * const __user *,
		       const char __user * const __user *,
		       int);
int do_execve_file(struct file *file, void *__argv, void *__envp);

#endif /* _LINUX_BINFMTS_H */
License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-01 15:07:57 +01:00			`/* SPDX-License-Identifier: GPL-2.0 */`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00			`#ifndef _LINUX_BINFMTS_H`
			`#define _LINUX_BINFMTS_H`

exec: fix use-after-free bug in setup_new_exec() 2012-02-04 10:47:10 +01:00			`#include <linux/sched.h>`
generic kernel_execve() 2012-09-30 13:20:09 -04:00			`#include <linux/unistd.h>`
the only place that needs to include asm/exec.h is linux/binfmts.h 2012-08-03 12:14:44 +04:00			`#include <asm/exec.h>`
UAPI: (Scripted) Disintegrate include/linux 2012-10-13 10:46:48 +01:00			`#include <uapi/linux/binfmts.h>`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
sched/headers, vfs/execve: Move the do_execve*() prototypes from <linux/sched.h> to <linux/binfmts.h> 2017-02-05 14:24:31 +01:00			`struct filename;`

make sysctl/kernel/core_pattern and fs/exec.c agree on maximum core filename size 2007-05-16 22:11:16 -07:00			`#define CORENAME_MAX_SIZE 128`

Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00			`/*`
			`* This structure is used to hold the arguments that are used when loading binaries.`
			`*/`
binfmt_elf: cleanups 2011-01-12 17:00:02 -08:00			`struct linux_binprm {`
mm: variable length argument support 2007-07-19 01:48:16 -07:00			`#ifdef CONFIG_MMU`
			`struct vm_area_struct *vma;`
exec: make argv/envp memory visible to oom-killer 2010-11-30 20:55:34 +01:00			`unsigned long vma_pages;`
mm: variable length argument support 2007-07-19 01:48:16 -07:00			`#else`
			`# define MAX_ARG_PAGES 32`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00			`struct page *page[MAX_ARG_PAGES];`
mm: variable length argument support 2007-07-19 01:48:16 -07:00			`#endif`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00			`struct mm_struct *mm;`
			`unsigned long p; /* current top of mem */`
exec: separate MM_ANONPAGES and RLIMIT_STACK accounting 2019-01-03 15:28:11 -08:00			`unsigned long argmin; /* rlimit marker for copy_strings() */`
struct linux_binprm: drop unused fields 2009-04-02 16:58:29 -07:00			`unsigned int`
exec: Rename bprm->cred_prepared to called_set_creds 2017-07-18 15:25:23 -07:00			`/*`
			`* True after the bprm_set_creds hook has been called once`
			`* (multiple calls can be made via prepare_binprm() for`
			`* binfmt_script/misc).`
			`*/`
			`called_set_creds:1,`
commoncap: Refactor to remove bprm_secureexec hook 2017-07-18 15:25:27 -07:00			`/*`
			`* True if most recent call to the commoncaps bprm_set_creds`
			`* hook (due to multiple prepare_binprm() calls from the`
			`* binfmt_script/misc handlers) resulted in elevated`
			`* privileges.`
			`*/`
			`cap_elevated:1,`
binfmt: Introduce secureexec flag 2017-07-18 15:25:22 -07:00			`/*`
			`* Set by bprm_set_creds hook to indicate a privilege-gaining`
			`* exec has happened. Used to sanitize execution environment`
			`* and to set AT_SECURE auxv for glibc.`
			`*/`
			`secureexec:1;`
alpha: introduce field 'taso' into struct linux_binprm 2008-10-15 22:02:37 -07:00			`#ifdef __alpha__`
			`unsigned int taso:1;`
			`#endif`
exec: kill "int depth" in search_binary_handler() 2013-09-11 14:24:39 -07:00			`unsigned int recursion_depth; /* only for search_binary_handler() */`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00			`struct file * file;`
CRED: Make execve() take advantage of copy-on-write credentials 2008-11-14 10:39:24 +11:00			`struct cred cred; / new credentials */`
			`int unsafe; /* how unsafe this exec is (mask of LSM_UNSAFE_) /`
			`unsigned int per_clear; /* bits to clear in current->personality */`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00			`int argc, envc;`
Make do_execve() take a const filename pointer 2010-08-17 23:52:56 +01:00			`const char * filename; /* Name of binary as seen by procps */`
			`const char * interp; /* Name of the binary really executed. Most`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00			`of the time same as filename, but could be`
			`different for binfmt_{misc,script} */`
			`unsigned interp_flags;`
			`unsigned interp_data;`
			`unsigned long loader, exec;`
exec: pin stack limit during exec 2018-04-10 16:35:01 -07:00
			`struct rlimit rlim_stack; /* Saved RLIMIT_STACK used during exec. */`
exec: move struct linux_binprm::buf 2019-05-14 15:44:40 -07:00
			`char buf[BINPRM_BUF_SIZE];`
randstruct: Mark various structs for randomization 2016-10-28 01:22:25 -07:00			`} __randomize_layout;`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
			`#define BINPRM_FLAGS_ENFORCE_NONDUMP_BIT 0`
			`#define BINPRM_FLAGS_ENFORCE_NONDUMP (1 << BINPRM_FLAGS_ENFORCE_NONDUMP_BIT)`

			`/* fd of the binary should be passed to the interpreter */`
			`#define BINPRM_FLAGS_EXECFD_BIT 1`
			`#define BINPRM_FLAGS_EXECFD (1 << BINPRM_FLAGS_EXECFD_BIT)`

syscalls: implement execveat() system call 2014-12-12 16:57:29 -08:00			`/* filename of the binary will be inaccessible after exec */`
			`#define BINPRM_FLAGS_PATH_INACCESSIBLE_BIT 2`
			`#define BINPRM_FLAGS_PATH_INACCESSIBLE (1 << BINPRM_FLAGS_PATH_INACCESSIBLE_BIT)`

mm: introduce coredump parameter structure 2009-12-17 15:27:16 -08:00			`/* Function parameter for binfmt->coredump */`
			`struct coredump_params {`
signal: Distinguish between kernel_siginfo and siginfo 2018-09-25 11:27:20 +02:00			`const kernel_siginfo_t *siginfo;`
mm: introduce coredump parameter structure 2009-12-17 15:27:16 -08:00			`struct pt_regs *regs;`
			`struct file *file;`
			`unsigned long limit;`
coredump: pass mm->flags as a coredump parameter for consistency 2010-03-05 13:44:12 -08:00			`unsigned long mm_flags;`
new helper: dump_emit() 2013-10-05 15:32:35 -04:00			`loff_t written;`
coredump: fix dumping through pipes 2016-06-05 23:14:14 +02:00			`loff_t pos;`
mm: introduce coredump parameter structure 2009-12-17 15:27:16 -08:00			`};`

Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00			`/*`
			`* This structure defines the functions that are used to load the binary formats that`
			`* linux accepts.`
			`*/`
			`struct linux_binfmt {`
Use list_head in binfmt handling 2007-10-16 23:26:03 -07:00			`struct list_head lh;`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00			`struct module *module;`
get rid of pt_regs argument of ->load_binary() 2012-10-20 22:00:48 -04:00			`int (load_binary)(struct linux_binprm );`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00			`int (load_shlib)(struct file );`
mm: introduce coredump parameter structure 2009-12-17 15:27:16 -08:00			`int (core_dump)(struct coredump_params cprm);`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00			`unsigned long min_coredump; /* minimal dump size */`
randstruct: Mark various structs for randomization 2016-10-28 01:22:25 -07:00			`} __randomize_layout;`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
__register_binfmt() made void 2012-03-17 03:05:16 -04:00			`extern void __register_binfmt(struct linux_binfmt *fmt, int insert);`
alpha: binfmt_aout fix 2009-04-30 15:08:49 -07:00
			`/* Registration of default binfmt handlers */`
__register_binfmt() made void 2012-03-17 03:05:16 -04:00			`static inline void register_binfmt(struct linux_binfmt *fmt)`
alpha: binfmt_aout fix 2009-04-30 15:08:49 -07:00			`{`
__register_binfmt() made void 2012-03-17 03:05:16 -04:00			`__register_binfmt(fmt, 0);`
alpha: binfmt_aout fix 2009-04-30 15:08:49 -07:00			`}`
			`/* Same as above, but adds a new binfmt at the top of the list */`
__register_binfmt() made void 2012-03-17 03:05:16 -04:00			`static inline void insert_binfmt(struct linux_binfmt *fmt)`
alpha: binfmt_aout fix 2009-04-30 15:08:49 -07:00			`{`
__register_binfmt() made void 2012-03-17 03:05:16 -04:00			`__register_binfmt(fmt, 1);`
alpha: binfmt_aout fix 2009-04-30 15:08:49 -07:00			`}`

Make unregister_binfmt() return void 2007-10-16 23:26:04 -07:00			`extern void unregister_binfmt(struct linux_binfmt *);`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
			`extern int prepare_binprm(struct linux_binprm *);`
mm: variable length argument support 2007-07-19 01:48:16 -07:00			`extern int __must_check remove_arg_zero(struct linux_binprm *);`
get rid of pt_regs argument of search_binary_handler() 2012-10-20 21:53:31 -04:00			`extern int search_binary_handler(struct linux_binprm *);`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00			`extern int flush_old_exec(struct linux_binprm * bprm);`
Split 'flush_old_exec' into two functions 2010-01-28 22:14:42 -08:00			`extern void setup_new_exec(struct linux_binprm * bprm);`
exec: introduce finalize_exec() before start_thread() 2018-04-10 16:34:57 -07:00			`extern void finalize_exec(struct linux_binprm *bprm);`
consolidate BINPRM_FLAGS_ENFORCE_NONDUMP handling 2011-06-19 12:49:47 -04:00			`extern void would_dump(struct linux_binprm , struct file );`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
[PATCH] setuid core dump 2005-06-23 00:09:43 -07:00			`extern int suid_dumpable;`

Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00			`/* Stack area protections */`
			`#define EXSTACK_DEFAULT 0 /* Whatever the arch defaults to */`
			`#define EXSTACK_DISABLE_X 1 /* Disable executable stacks */`
			`#define EXSTACK_ENABLE_X 2 /* Enable executable stacks */`

			`extern int setup_arg_pages(struct linux_binprm * bprm,`
			`unsigned long stack_top,`
			`int executable_stack);`
elf_fdpic_transfer_args_to_stack(): make it generic 2016-07-24 11:30:18 -04:00			`extern int transfer_args_to_stack(struct linux_binprm *bprm,`
			`unsigned long *sp_location);`
exec: load_script: kill the onstack interp[BINPRM_BUF_SIZE] array 2017-10-03 16:15:42 -07:00			`extern int bprm_change_interp(const char interp, struct linux_binprm bprm);`
Make do_execve() take a const filename pointer 2010-08-17 23:52:56 +01:00			`extern int copy_strings_kernel(int argc, const char const argv,`
			`struct linux_binprm *bprm);`
CRED: Make execve() take advantage of copy-on-write credentials 2008-11-14 10:39:24 +11:00			`extern void install_exec_creds(struct linux_binprm *bprm);`
exec: fix set_binfmt() vs sys_delete_module() race 2009-09-23 15:56:59 -07:00			`extern void set_binfmt(struct linux_binfmt *new);`
new helper: read_code() 2013-04-13 20:31:37 -04:00			`extern ssize_t read_code(struct file *, unsigned long, loff_t, size_t);`
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
sched/headers, vfs/execve: Move the do_execve*() prototypes from <linux/sched.h> to <linux/binfmts.h> 2017-02-05 14:24:31 +01:00			`extern int do_execve(struct filename *,`
			`const char __user * const __user *,`
			`const char __user * const __user *);`
			`extern int do_execveat(int, struct filename *,`
			`const char __user * const __user *,`
			`const char __user * const __user *,`
			`int);`
umh: introduce fork_usermode_blob() helper 2018-05-21 19:22:29 -07:00			`int do_execve_file(struct file file, void __argv, void *__envp);`
sched/headers, vfs/execve: Move the do_execve*() prototypes from <linux/sched.h> to <linux/binfmts.h> 2017-02-05 14:24:31 +01:00
Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00			`#endif /* _LINUX_BINFMTS_H */`