From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3E233C47E49 for ; Wed, 24 Jan 2024 16:46:23 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id ACBCD8D0002; Wed, 24 Jan 2024 11:46:22 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id A7C5B8D0001; Wed, 24 Jan 2024 11:46:22 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 91CAF8D0002; Wed, 24 Jan 2024 11:46:22 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 7EE5A8D0001 for ; Wed, 24 Jan 2024 11:46:22 -0500 (EST) Received: from smtpin24.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id 527DD1203DA for ; Wed, 24 Jan 2024 16:46:22 +0000 (UTC) X-FDA: 81714782604.24.ACFD1AD Received: from mail-ej1-f43.google.com (mail-ej1-f43.google.com [209.85.218.43]) by imf04.hostedemail.com (Postfix) with ESMTP id 3B2784000F for ; Wed, 24 Jan 2024 16:46:19 +0000 (UTC) Authentication-Results: imf04.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=google header.b=h6A8QEQs; spf=pass (imf04.hostedemail.com: domain of torvalds@linuxfoundation.org designates 209.85.218.43 as permitted sender) smtp.mailfrom=torvalds@linuxfoundation.org; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1706114780; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=gAV9hUjIFjsOqBZPLiRvCMjNyiBrTHJa47CjdZfZGyc=; b=FdLpjGC28it3CTWpu4hn6SUZE0Xhgpk3mCjen/2YNyBQnHfR9EnURk3sEmIJS8MBJtG8pt 1fDe9839Rj5cPbhg2LC5W0JH2kSV9xMF8v/SxDRP7eRcXZL1DV2h7iCHJprnDfZulZW/oz 9KuafXPEiWTt2f8n9YY54KXbWNaLQzs= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1706114780; a=rsa-sha256; cv=none; b=8TkVBzmaMzTQTcvo6SMkoT8OwyWmOqgNEaFb9RUy0f4Vs/HumzOGAs+Yaes1o3jVANEPx7 QS4Z+5l3nB/EmDGxDfEr46ZULjYumKq5G8dqVUerp+JoBLalSw+Q7THomSLsXsPxztlvgA 5UFXAMAOvHYLeFwcrBqfKhm0X65T19w= ARC-Authentication-Results: i=1; imf04.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=google header.b=h6A8QEQs; spf=pass (imf04.hostedemail.com: domain of torvalds@linuxfoundation.org designates 209.85.218.43 as permitted sender) smtp.mailfrom=torvalds@linuxfoundation.org; dmarc=none Received: by mail-ej1-f43.google.com with SMTP id a640c23a62f3a-a30e445602cso253056366b.0 for ; Wed, 24 Jan 2024 08:46:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; t=1706114778; x=1706719578; darn=kvack.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=gAV9hUjIFjsOqBZPLiRvCMjNyiBrTHJa47CjdZfZGyc=; b=h6A8QEQs7vbTsdbYXEPyJdE7hTd+SCVmawyzXZ+uZZYDsQ+wBmjbExvnJEyeSDgSt5 tuXvDgO07JKpdCxCecwt/838eg13OUSfhKexSATT6sqU0RIrxcGRDQOTHzQR42xSaRze +DNFmEiwxJ5wmLGaJGPs78E2z9GOxS6EdSrZM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706114778; x=1706719578; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=gAV9hUjIFjsOqBZPLiRvCMjNyiBrTHJa47CjdZfZGyc=; b=WMiomSSHbudO4tu7fJWu7lLFNme26YCJolCcUwzjHhRgQSYM6eL+/ARC4TC4Uhn4gQ xff82zBTMeweyWaFH2TcXmeB7aYXR0syhLxAmbyW24z2jijLdHKe8zRIAjvlGo8taclD VWLNKxOUT4CWLEKykbqPWIgeQSVlg01+09zZR4bEAa915FsXowxzQ93eVUiGU4KNyMs/ MMR2xmI+W+Yyr9l1VLRXnADd99IIyt/zA6T8/uhd7neKbCL682bXr0Z15PZqXidNr/su Lm+nwAYIbvNj4wLId9xm3QrBYfGWjPx2LywUuDFz5FSXMJdMgzfGhOJG+WYaZO+H0401 U0uA== X-Gm-Message-State: AOJu0Yyn7EfwUwTLtlSy7ItpVmi1mzyaJ3guDUyuE1qkuEU/RVahTqpb jARnJUBm9pUCUuIitJ9hnOSNm2/Z41EvTUpCXrTPSn2yGegF+adgBLZnmiGYOdZ/VrAtTXJDzsb Ra+xlvQ== X-Google-Smtp-Source: AGHT+IFz/JMdtkkfbMcX2u9sTLGSyUotPsa7WI9wFyquX8gTDKru6PR90aRt51xfPzQOsl0DC/ddEw== X-Received: by 2002:a17:907:160d:b0:a31:3ad3:4e6d with SMTP id cw13-20020a170907160d00b00a313ad34e6dmr939660ejd.4.1706114778287; Wed, 24 Jan 2024 08:46:18 -0800 (PST) Received: from mail-ed1-f53.google.com (mail-ed1-f53.google.com. [209.85.208.53]) by smtp.gmail.com with ESMTPSA id up26-20020a170907cc9a00b00a29d232ab76sm57838ejc.182.2024.01.24.08.46.17 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 24 Jan 2024 08:46:17 -0800 (PST) Received: by mail-ed1-f53.google.com with SMTP id 4fb4d7f45d1cf-55cdaa96f34so658765a12.1 for ; Wed, 24 Jan 2024 08:46:17 -0800 (PST) X-Received: by 2002:aa7:d44a:0:b0:55c:c7f5:4ce3 with SMTP id q10-20020aa7d44a000000b0055cc7f54ce3mr1287114edr.5.1706114777365; Wed, 24 Jan 2024 08:46:17 -0800 (PST) MIME-Version: 1.0 References: <202401240832.02940B1A@keescook> In-Reply-To: <202401240832.02940B1A@keescook> From: Linus Torvalds Date: Wed, 24 Jan 2024 08:46:00 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper To: Kees Cook Cc: Kevin Locke , John Johansen , Josh Triplett , Mateusz Guzik , Al Viro , linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 3B2784000F X-Rspam-User: X-Rspamd-Server: rspam11 X-Stat-Signature: rcwdx5i4n68fqq66gc84oxbzcyrmpwnx X-HE-Tag: 1706114779-489065 X-HE-Meta: U2FsdGVkX1+w1OxCm3yO2GB57FcINsgyphfGNRDiB05SLlLE9X5iXEYB56Vkmoli6J1Uek5XgkqGvKygL1NkOLSq/51qolPEHqG8hZed4QvCWOz5WqcL0tZG3YiQncTCqfcI8Z7osc6+5c8Qm5MZqWlsn4TtgxQEOL0eQiAQhaKJ3xjPHzX8X8NYxpcsaTRjnoXTjUUSJ1YxyhNw5R3MJCEC54W4MVMWKzC42M9QTcpuO8aEVWHlU/ESCgIaUk6DluUg+6qv+25qJ278a99pmcd16LSeiy2zxaRzycfzoeF/QoFTrpG7HIh93y8s8XWmmZegIWXsO2ry+9U5mDRDWbzN/UsHHGSCrO+0HMoXJgfgqzW3mEkpNRHTdeV72eFW5AXaB0b0PP3Cd1zQ4XSYUhq5qZc4Lq28QdDC6TWh+y6ZgfO2nBsfBkslBpr3I5khBeV5U1n1az9RQBYsyI1QMsxlPodqpyNVu97WGzGd+IjoFiBfUkHNdkBHuuaNrNWgOrZ8D47cEbYK96e58viK1/MYHU/M22y18frfeI1nxffJDxJBD4EHmvUGxmUh1p/mRW0f6d2ljj2mfrmEGNiJMMfuUjpBz2+fSufpfvaXStYvC7ihEM+fv8OEdnWES5+OqVCxelzYBx+8pLXTrlcHg+rkHtbgkQ2pwOysvUYNETmCuUDsbJ1oZcgitqqvtiesWecubwm8iSyoCed5sSD07wOxmrwxLl+zflkgrI0x+XrV01rmp+sL8tbfvhW7yxiRnWx4WYYoqYTmKVBBTrURwCc37nNdbTRrQXskx2eM7Zxo2yTDenyrdKYja4db5bG/XeAjNgMK2w1RCNvo8o11WpWNKFptm1g/OE02mE0L3byna8qYXlYK8yIQ51BbRjjp0gcI4PcOPMAybI6tW0zXVoQkxDdzQwBsWDjZLcy32R465CnNZ40FNzUTcMkALnKMSeS5GJavXXnaaqQsOnT UnmTqgys +Zk/5cx9ePPjKLoIAPh5kwbC53m3NwoAzkZD+sqFG+zZeo2otjj6Wl4BFCkFgLCt2mj5uZh552EUDO/TKWKui0CoAnTxG0fyjBF+kOXvotE2s69cLtDkgP+Lrhaf+DjkgL0ccfNoHuZCh2ri3tGCSAl2oQB8FFfC+UHBEDGHCUjf2Vm1AKG4yYYgJQhqRj3dbRZiqZrDeNJHowvzkTR2HDFsEXcIBvi1tMDfsIRS9PXC1IzUn3b+QacV+GM1FrhSdgI1kBzgkbv9T7ll3eiheKMBf2OTeZuLb30E7fGaUNIsmn/fru+Ewj8QNOLJhdvHgAjNpKqV4a8vofFgzeRxPq9m1FLbSlBfbJ/vWK+O6PTWFvvmo8n2S/qXSgzxBnOpMibvSfPD2rg2vt3ihXrMp0Cx/igUjnWHoa352ojf0C7+TG1DT0+wQIngcWSUqqpe75QiQcOAr0FFRPDsEsduSSZfiuow9VMNa9NTdGGB+9mPMA4By71vbpBtvwCY8plXJ9ZGH/oCfesh9vWg6QCyBMSzYdjR1FTtDjUjDO83rjotZv6jlw1NU4W+U6758ll0gQa18N4WQ+OdJNpQZgEUoF3lbJTKzPhmGWa+P X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Wed, 24 Jan 2024 at 08:35, Kees Cook wrote: > > Oh, yikes. This means the LSM lost the knowledge that this open is an > _exec_, not a _read_. > > I will starting looking at this. John might be able to point me in the > right direction more quickly, though. One obvious change in -rc1 is that the exec open was moved much earlier: commit 978ffcbf00d8 ("execve: open the executable file before doing anything else"). If the code ends up deciding "is this an exec" based on some state flag that hasn't been set, that would explain it. Something like "current->in_execve", perhaps? Linus