[PATCH v2 0/8] exec: Control flow simplifications
Eric W. Biederman
ebiederm at xmission.com
Wed May 20 22:12:10 UTC 2020
I have pushed this out to:
git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git exec-next
I have collected up the acks and reviewed-by's, and fixed a couple of
typos but that is it.
If we need comment fixes or additional cleanups we can apply that on top
of this series. This way the code can sit in linux-next until the
merge window opens.
Before I pushed this out I also tested this with Kees new test of
binfmt_misc and did not find any problems.
Eric
The git range-diff of the changes I applied before pushing this out:
1: f6bb0d6563ca ! 1: 87b047d2be41 exec: Teach prepare_exec_creds how exec treats uids & gids
@@ Commit message
update bprm->cred are just need to handle special cases such
as setuid exec and change of domains.
+ Link: https://lkml.kernel.org/r/871rng22dm.fsf_-_@x220.int.ebiederm.org
+ Acked-by: Linus Torvalds <torvalds at linux-foundation.org>
+ Reviewed-by: Kees Cook <keescook at chromium.org>
Signed-off-by: "Eric W. Biederman" <ebiederm at xmission.com>
## kernel/cred.c ##
2: d3b3594be22f ! 2: b8bff599261c exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds
@@ Commit message
Add or upate comments a appropriate to bring them up to date and
to reflect this change.
+ Link: https://lkml.kernel.org/r/87v9kszrzh.fsf_-_@x220.int.ebiederm.org
+ Acked-by: Linus Torvalds <torvalds at linux-foundation.org>
+ Acked-by: Casey Schaufler <casey at schaufler-ca.com> # For the LSM and Smack bits
+ Reviewed-by: Kees Cook <keescook at chromium.org>
Signed-off-by: "Eric W. Biederman" <ebiederm at xmission.com>
## fs/exec.c ##
3: 65c651a77967 ! 3: d9d67b76eed6 exec: Convert security_bprm_set_creds into security_bprm_repopulate_creds
@@ Commit message
In short two renames and a move in the location of initializing
bprm->active_secureexec.
+ Link: https://lkml.kernel.org/r/87o8qkzrxp.fsf_-_@x220.int.ebiederm.org
+ Acked-by: Linus Torvalds <torvalds at linux-foundation.org>
+ Reviewed-by: Kees Cook <keescook at chromium.org>
Signed-off-by: "Eric W. Biederman" <ebiederm at xmission.com>
## fs/exec.c ##
4: 6d0d5da2b45e ! 4: dbf17e846ea9 exec: Allow load_misc_binary to call prepare_binfmt unconditionally
@@ Metadata
Author: Eric W. Biederman <ebiederm at xmission.com>
## Commit message ##
- exec: Allow load_misc_binary to call prepare_binfmt unconditionally
+ exec: Allow load_misc_binary to call prepare_binprm unconditionally
Add a flag preserve_creds that binfmt_misc can set to prevent
credentials from being updated. This allows binfmt_misc to always
- call prepare_binfmt. Allowing the credential computation logic to be
+ call prepare_binprm. Allowing the credential computation logic to be
consolidated.
Not replacing the credentials with the interpreters credentials is
@@ Commit message
exec sees.
Ref: c407c033de84 ("[PATCH] binfmt_misc: improve calculation of interpreter's credentials")
+ Link: https://lkml.kernel.org/r/87imgszrwo.fsf_-_@x220.int.ebiederm.org
+ Acked-by: Linus Torvalds <torvalds at linux-foundation.org>
+ Reviewed-by: Kees Cook <keescook at chromium.org>
Signed-off-by: "Eric W. Biederman" <ebiederm at xmission.com>
## fs/binfmt_misc.c ##
5: af7db65c2483 ! 5: 8a8f3bb8ec41 exec: Move the call of prepare_binprm into search_binary_handler
@@ Commit message
search_binary_handler is called so move the call into search_binary_handler
itself to make the code simpler and easier to understand.
+ Link: https://lkml.kernel.org/r/87d070zrvx.fsf_-_@x220.int.ebiederm.org
+ Acked-by: Linus Torvalds <torvalds at linux-foundation.org>
+ Reviewed-by: Kees Cook <keescook at chromium.org>
+ Reviewed-by: James Morris <jamorris at linux.microsoft.com>
Signed-off-by: "Eric W. Biederman" <ebiederm at xmission.com>
## arch/alpha/kernel/binfmt_loader.c ##
6: 69fccdf33a87 ! 6: 01dbc34d75bf exec/binfmt_script: Don't modify bprm->buf and then return -ENOEXEC
@@ Commit message
has been take that the logic of the parsing code (short of replacing
characters by '\0') remains the same.
+ Link: https://lkml.kernel.org/r/874ksczru6.fsf_-_@x220.int.ebiederm.org
+ Acked-by: Linus Torvalds <torvalds at linux-foundation.org>
+ Reviewed-by: Kees Cook <keescook at chromium.org>
Signed-off-by: "Eric W. Biederman" <ebiederm at xmission.com>
## fs/binfmt_script.c ##
7: 30fe957c6dce ! 7: 6962a6b4de92 exec: Generic execfd support
@@ Commit message
In binfmt_misc the movement of fd_install into generic code means
that it's special error exit path is no longer needed.
+ Link: https://lkml.kernel.org/r/87y2poyd91.fsf_-_@x220.int.ebiederm.org
+ Acked-by: Linus Torvalds <torvalds at linux-foundation.org>
+ Reviewed-by: Kees Cook <keescook at chromium.org>
Signed-off-by: "Eric W. Biederman" <ebiederm at xmission.com>
## fs/binfmt_elf.c ##
@@ fs/exec.c: int begin_new_exec(struct linux_binprm * bprm)
*/
set_mm_exe_file(bprm->mm, bprm->file);
-+ /* If the binary is not readable than enforce mm->dumpable=0 */
++ /* If the binary is not readable then enforce mm->dumpable=0 */
would_dump(bprm, bprm->file);
+ if (bprm->have_execfd)
+ would_dump(bprm, bprm->executable);
8: f0a27d0fde69 ! 8: 226ce5863881 exec: Remove recursion from search_binary_handler
@@ Commit message
reassignments of bprm->file moved to exec_binprm bprm->file can never
be NULL in search_binary_handler.
+ Link: https://lkml.kernel.org/r/87sgfwyd84.fsf_-_@x220.int.ebiederm.org
+ Acked-by: Linus Torvalds <torvalds at linux-foundation.org>
+ Reviewed-by: Kees Cook <keescook at chromium.org>
Signed-off-by: "Eric W. Biederman" <ebiederm at xmission.com>
## arch/alpha/kernel/binfmt_loader.c ##
More information about the Linux-security-module-archive
mailing list