Merge branches 'tegra/board' and 'at91/board' into next/board

author: Arnd Bergmann <arnd@arndb.de> 2011-09-10 22:58:42 +0200
committer: Arnd Bergmann <arnd@arndb.de> 2011-09-10 22:58:42 +0200
commit: 72787aa866bfa6bcbd259e7a39b2f9a2f412794e (patch)
tree: 1769d854a26f444875f7cdfd9982fe494a4cff71 /fs/exec.c
parent: ad9f6677575e80ce23cb491d5ffb7b536772552e (diff)
parent: 0a072a247fa79979dd31813decb6b118d7d511fd (diff)
download: cachepc-linux-72787aa866bfa6bcbd259e7a39b2f9a2f412794e.tar.gz
cachepc-linux-72787aa866bfa6bcbd259e7a39b2f9a2f412794e.zip
1 files changed, 17 insertions, 0 deletions
diff --git a/fs/exec.c b/fs/exec.c
index da80612a35f4..25dcbe5fc356 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1459,6 +1459,23 @@ static int do_execve_common(const char *filename,
 	struct files_struct *displaced;
 	bool clear_in_exec;
 	int retval;
+	const struct cred *cred = current_cred();
+
+	/*
+	 * We move the actual failure in case of RLIMIT_NPROC excess from
+	 * set*uid() to execve() because too many poorly written programs
+	 * don't check setuid() return code.  Here we additionally recheck
+	 * whether NPROC limit is still exceeded.
+	 */
+	if ((current->flags & PF_NPROC_EXCEEDED) &&
+	    atomic_read(&cred->user->processes) > rlimit(RLIMIT_NPROC)) {
+		retval = -EAGAIN;
+		goto out_ret;
+	}
+
+	/* We're below the limit (still or again), so we don't want to make
+	 * further execve() calls fail. */
+	current->flags &= ~PF_NPROC_EXCEEDED;
 
 	retval = unshare_files(&displaced);
 	if (retval)
author	Arnd Bergmann <arnd@arndb.de>	2011-09-10 22:58:42 +0200
committer	Arnd Bergmann <arnd@arndb.de>	2011-09-10 22:58:42 +0200
commit	72787aa866bfa6bcbd259e7a39b2f9a2f412794e (patch)
tree	1769d854a26f444875f7cdfd9982fe494a4cff71 /fs/exec.c
parent	ad9f6677575e80ce23cb491d5ffb7b536772552e (diff)
parent	0a072a247fa79979dd31813decb6b118d7d511fd (diff)
download	cachepc-linux-72787aa866bfa6bcbd259e7a39b2f9a2f412794e.tar.gz cachepc-linux-72787aa866bfa6bcbd259e7a39b2f9a2f412794e.zip