[PATCH 11/11] exec: Remove the label after_setid from bprm_fill_uid

Eric W. Biederman ebiederm at xmission.com
Thu May 28 15:50:36 UTC 2020


There is nothing past the label after_setid in bprm_fill_uid so
replace code that jumps to it with return, and delete
the label entirely.

Signed-off-by: "Eric W. Biederman" <ebiederm at xmission.com>
---
 fs/exec.c | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/fs/exec.c b/fs/exec.c
index fc4edc7517a6..ccb552fcdcff 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1598,15 +1598,15 @@ static void bprm_fill_uid(struct linux_binprm *bprm)
 	kgid_t gid;
 
 	if (!mnt_may_suid(bprm->file->f_path.mnt))
-		goto after_setid;
+		return;
 
 	if (task_no_new_privs(current))
-		goto after_setid;
+		return;
 
 	inode = bprm->file->f_path.dentry->d_inode;
 	mode = READ_ONCE(inode->i_mode);
 	if (!(mode & (S_ISUID|S_ISGID)))
-		goto after_setid;
+		return;
 
 	/* Be careful if suid/sgid is set */
 	inode_lock(inode);
@@ -1620,7 +1620,7 @@ static void bprm_fill_uid(struct linux_binprm *bprm)
 	/* We ignore suid/sgid if there are no mappings for them in the ns */
 	if (!kuid_has_mapping(new->user_ns, uid) ||
 	    !kgid_has_mapping(new->user_ns, gid))
-		goto after_setid;
+		return;
 
 	/*
 	 * Is the root directory and working directory shared or is
@@ -1647,9 +1647,6 @@ static void bprm_fill_uid(struct linux_binprm *bprm)
 		bprm->secureexec = 1;
 		new->sgid = new->fsgid = new->egid = gid;
 	}
-
-after_setid:
-	;
 }
 
 /*
-- 
2.25.0



More information about the Linux-security-module-archive mailing list