[6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper

Linus Torvalds torvalds at linux-foundation.org
Wed Jan 24 16:54:58 UTC 2024


On Wed, 24 Jan 2024 at 08:46, Linus Torvalds
<torvalds at linux-foundation.org> wrote:
>
> If the code ends up deciding "is this an exec" based on some state
> flag that hasn't been set, that would explain it.
>
> Something like "current->in_execve", perhaps?

Yeah, that looks like exactly what some of the security layer is testing.

Hmm. That whole thing is disgusting. I think it should have checked
FMODE_EXEC, and I have no idea why it doesn't.

                 Linus



More information about the Linux-security-module-archive mailing list