From: Bernd Edlinger <bernd.edlinger@hotmail.de>
To: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>,
Kees Cook <keescook@chromium.org>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Christian Brauner <brauner@kernel.org>,
linux-mm@kvack.org
Subject: Re: [PATCH] Fix error handling in begin_new_exec
Date: Mon, 30 Oct 2023 06:50:54 +0100 [thread overview]
Message-ID: <AS8P193MB12857C4E9B8C7EEEA2506AF7E4A1A@AS8P193MB1285.EURP193.PROD.OUTLOOK.COM> (raw)
In-Reply-To: <87mts2kcrm.fsf@disp2133>
Ping...
On 6/6/21 21:34, Eric W. Biederman wrote:
> Bernd Edlinger <bernd.edlinger@hotmail.de> writes:
>
>> If get_unused_fd_flags() fails, the error handling is incomplete
>> because bprm->cred is already set to NULL, and therefore
>> free_bprm will not unlock the cred_guard_mutex.
>> Note there are two error conditions which end up here,
>> one before and one after bprm->cred is cleared.
>
> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
>
> Yuck. I wonder if there is a less error prone idiom we could be using
> here than testing bprm->cred in free_bprm. Especially as this lock is
> expected to stay held through setup_new_exec.
>
> Something feels too clever here.
>
>> Fixes: b8a61c9e7b4 ("exec: Generic execfd support")
Note, ./scripts/checkpatch.pl complains about the too
short commit hash here, I overlooked that previously:
WARNING: Please use correct Fixes: style 'Fixes: <12 chars of sha1> ("<title line>")'
- ie: 'Fixes: b8a61c9e7b4a ("exec: Generic execfd support")'
Could you please fix that before merging,
the correct Fixes reference would be:
Fixes: b8a61c9e7b4a ("exec: Generic execfd support")
Thanks
Bernd.
>>
>> Signed-off-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
>> ---
>> fs/exec.c | 3 +++
>> 1 file changed, 3 insertions(+)
>>
>> diff --git a/fs/exec.c b/fs/exec.c
>> index 18594f1..d8af85f 100644
>> --- a/fs/exec.c
>> +++ b/fs/exec.c
>> @@ -1396,6 +1396,9 @@ int begin_new_exec(struct linux_binprm * bprm)
>>
>> out_unlock:
>> up_write(&me->signal->exec_update_lock);
>> + if (!bprm->cred)
>> + mutex_unlock(&me->signal->cred_guard_mutex);
>> +
>> out:
>> return retval;
>> }
next parent reply other threads:[~2023-10-30 5:50 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <AM8PR10MB47081071E64EAAB343196D5AE4399@AM8PR10MB4708.EURPRD10.PROD.OUTLOOK.COM>
[not found] ` <87mts2kcrm.fsf@disp2133>
2023-10-30 5:50 ` Bernd Edlinger [this message]
2024-01-15 19:22 ` [PATCH v2] " Bernd Edlinger
2024-01-22 18:34 ` [PATCH v3] " Bernd Edlinger
2024-01-22 20:53 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=AS8P193MB12857C4E9B8C7EEEA2506AF7E4A1A@AS8P193MB1285.EURP193.PROD.OUTLOOK.COM \
--to=bernd.edlinger@hotmail.de \
--cc=brauner@kernel.org \
--cc=ebiederm@xmission.com \
--cc=keescook@chromium.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox