[PATCH 5/5] exec: Move the call of prepare_binprm into search_binary_handler
Kees Cook
keescook at chromium.org
Mon May 11 22:24:10 UTC 2020
On Sat, May 09, 2020 at 02:42:52PM -0500, Eric W. Biederman wrote:
>
> The code in prepare_binary_handler needs to be run every time
> search_binary_handler is called so move the call into search_binary_handler
> itself to make the code simpler and easier to understand.
>
> Signed-off-by: "Eric W. Biederman" <ebiederm at xmission.com>
Yes, nice. :) I don't see any ordering dependencies here. The only thing
I see is a potential for more "work done by kernel before bailing" in
the sense that the arg copying will be performed before we check the
kernel_read() result. I struggle to see how that might be a problem,
and this get us to fewer exec.c exports. Yay!
Reviewed-by: Kees Cook <keescook at chromium.org>
--
Kees Cook
More information about the Linux-security-module-archive
mailing list