[PATCH 7/7] exec: Implement kernel_execve
Kees Cook
keescook at chromium.org
Tue Jul 14 21:49:23 UTC 2020
On Tue, Jul 14, 2020 at 08:31:40AM -0500, Eric W. Biederman wrote:
> +static int count_strings_kernel(const char *const *argv)
> +{
> + int i;
> +
> + if (!argv)
> + return 0;
> +
> + for (i = 0; argv[i]; ++i) {
> + if (i >= MAX_ARG_STRINGS)
> + return -E2BIG;
> + if (fatal_signal_pending(current))
> + return -ERESTARTNOHAND;
> + cond_resched();
> + }
> + return i;
> +}
I notice count() is only ever called with MAX_ARG_STRINGS. Perhaps
refactor that too? (And maybe rename it to count_strings_user()?)
Otherwise, looks good:
Reviewed-by: Kees Cook <keescook at chromium.org>
--
Kees Cook
More information about the Linux-security-module-archive
mailing list