From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id A71FEC46CD2
	for <linux-mm@archiver.kernel.org>; Wed, 24 Jan 2024 19:39:48 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 256338D0008; Wed, 24 Jan 2024 14:39:48 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 205DA8D0001; Wed, 24 Jan 2024 14:39:48 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 0CDF88D0008; Wed, 24 Jan 2024 14:39:48 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15])
	by kanga.kvack.org (Postfix) with ESMTP id 010158D0001
	for <linux-mm@kvack.org>; Wed, 24 Jan 2024 14:39:47 -0500 (EST)
Received: from smtpin15.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay01.hostedemail.com (Postfix) with ESMTP id B5B3B1C17B4
	for <linux-mm@kvack.org>; Wed, 24 Jan 2024 19:39:47 +0000 (UTC)
X-FDA: 81715219614.15.D56052B
Received: from vulcan.kevinlocke.name (vulcan.kevinlocke.name [107.191.43.88])
	by imf11.hostedemail.com (Postfix) with ESMTP id D333640019
	for <linux-mm@kvack.org>; Wed, 24 Jan 2024 19:39:45 +0000 (UTC)
Authentication-Results: imf11.hostedemail.com;
	dkim=none;
	dmarc=pass (policy=none) header.from=kevinlocke.name;
	spf=pass (imf11.hostedemail.com: domain of kevin@kevinlocke.name designates 107.191.43.88 as permitted sender) smtp.mailfrom=kevin@kevinlocke.name
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1706125186;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=F+Zlj8yDqUy/uj451nk0vWDUSr/9Xc0ZiokYmRYFXns=;
	b=OeG34j7JY2kUaIrVLt9D4uY9Ea4leTLu1LgDYDOdt0+7nFwsEb8QETIoFTVRLEaN5Csuu5
	Ud80KvxicYaCLw2hUwVtA2Bu79cEWJWKaPp53+aI6sNC+UUR0Kzb7df9M4jj+YiNve/PK1
	GYCwcq4769TIYXtWnesWRq4rMHaSEuE=
ARC-Authentication-Results: i=1;
	imf11.hostedemail.com;
	dkim=none;
	dmarc=pass (policy=none) header.from=kevinlocke.name;
	spf=pass (imf11.hostedemail.com: domain of kevin@kevinlocke.name designates 107.191.43.88 as permitted sender) smtp.mailfrom=kevin@kevinlocke.name
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1706125186; a=rsa-sha256;
	cv=none;
	b=pddq+csoGuSQ3caV9f7CpVFk3an51V6A3psIHpiqysY5IpqN0WAWGI0A1XxOTdVwCzV5Eo
	aPzPd4mrUrkKohw1w0CaKPrl6H0fgiN1f2gYY6iB2PxOJOx8O9cBgCB5iAP/mWG56+nzif
	KxCNKzHMSf0oKvguLhz+Wm9L1C/uSBI=
Received: from kevinolos.kevinlocke.name (2600-6c67-5000-0a52-00e4-35b0-b82a-0c08.res6.spectrum.com [IPv6:2600:6c67:5000:a52:e4:35b0:b82a:c08])
	(Authenticated sender: kevin@kevinlocke.name)
	by vulcan.kevinlocke.name (Postfix) with ESMTPSA id 86E254143C5F;
	Wed, 24 Jan 2024 19:39:41 +0000 (UTC)
Received: by kevinolos.kevinlocke.name (Postfix, from userid 1000)
	id D511C1300145; Wed, 24 Jan 2024 12:39:38 -0700 (MST)
Date: Wed, 24 Jan 2024 12:39:38 -0700
From: Kevin Locke <kevin@kevinlocke.name>
To: Kees Cook <keescook@chromium.org>
Cc: Josh Triplett <josh@joshtriplett.org>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	John Johansen <john.johansen@canonical.com>,
	Paul Moore <paul@paul-moore.com>, James Morris <jmorris@namei.org>,
	"Serge E. Hallyn" <serge@hallyn.com>,
	Kentaro Takeda <takedakn@nttdata.co.jp>,
	Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
	Alexander Viro <viro@zeniv.linux.org.uk>,
	Christian Brauner <brauner@kernel.org>, Jan Kara <jack@suse.cz>,
	Eric Biederman <ebiederm@xmission.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
	linux-fsdevel@vger.kernel.org, linux-mm@kvack.org,
	apparmor@lists.ubuntu.com, linux-security-module@vger.kernel.org,
	linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
Message-ID: <ZbFneq3URF5lLAT7@kevinlocke.name>
Mail-Followup-To: Kevin Locke <kevin@kevinlocke.name>,
	Kees Cook <keescook@chromium.org>,
	Josh Triplett <josh@joshtriplett.org>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	John Johansen <john.johansen@canonical.com>,
	Paul Moore <paul@paul-moore.com>, James Morris <jmorris@namei.org>,
	"Serge E. Hallyn" <serge@hallyn.com>,
	Kentaro Takeda <takedakn@nttdata.co.jp>,
	Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
	Alexander Viro <viro@zeniv.linux.org.uk>,
	Christian Brauner <brauner@kernel.org>, Jan Kara <jack@suse.cz>,
	Eric Biederman <ebiederm@xmission.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
	linux-fsdevel@vger.kernel.org, linux-mm@kvack.org,
	apparmor@lists.ubuntu.com, linux-security-module@vger.kernel.org,
	linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
References: <20240124192228.work.788-kees@kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20240124192228.work.788-kees@kernel.org>
X-Rspamd-Queue-Id: D333640019
X-Rspam-User: 
X-Rspamd-Server: rspam05
X-Stat-Signature: jar1ecqhwosuhsychx7i9ir6qqjko6p3
X-HE-Tag: 1706125185-892602
X-HE-Meta: U2FsdGVkX1/nHfYd8o2yaeeP0vEJkIVjWuwNrEs4DTqBiH/FD18MXcaKNVmJsnrGiOu6Mn5uJ0C677qkI4CcibggdeQxVR0mfQidkvQgBM3DOE8rm6vwFbuBNKDxbnKMATnWP7Ww1CPxlUxVFYfCxJ58lXHkB3FFb554RisCixRtkyieNXcwSVmYlemxSimLcdibR78TGlHmxzCWkNenB1PyMJZiDCORx9WT2Vrxni3FXR2v+jlV/iwaYzQg689bvOxJdXshso5U45SX13p3P/ImiqJl9UBvg2UqEY/atCQ8fhZyTmzGj5GBRYDcQc5b9l3QXMC7mq9+nZcj5dByAzse+1RJHeGdpW3TzY7XXhQyH3paiEGvQez8whCUtJfvdpz5ifRLCFqrkvYjkAyWALTBeJRoRpkf+9uhVXWRraZry9pjTCfytZSAzMeG9Gg8IwHR3VIc8bMTvArqZNtYC2p833PaPOwySXfMsNYAlnIIf8SeWK0iB7GBm5YnY8+BFo92lUUnlmFkrOGfVNV+g5M72jie4Zvuz6hJl3/WZkN8CUIwV2qjTIUZycI7vsGLXE+yEb0XjXyjDFJHjeFeWq16opg4WsGD2arkVldQOdsIIrEe1yOnWFv+9DaA+3GnUVOGwIqCFtkCvpak4yF5t1uTySso5aPPgivvDlU/jPl44jz2cV2k0RqzkrhCd4YMvUf5q9f7RqQhEMEvT74FJsi3WHnG6/B94bdIkJJcEYrOSiXadlTJ3VM8bBGAeGNsUWs2fjAdgzhxuPFiNs9li4vH51oEfX1jnOtItt6M2FekCgH5VS/ZB4n6/Gbo4cLkFb9+0RAVxyEsutfsxt+7AsNTqFliSPx1+FSx8ctFJYBmAEdkXMIFGp6KSMKh8nNSE6XgFszusu22q4MuU5bXkVrlCRpLKsZe6F899RSj0TwMjTQhRlwHyC+K4qfhndfY4NjfX5Aa0mCFi0iMWGe
 27R4bJeD
 kyGYzBaARaSXpL1TnoSEi0JJrAh2lp7TnUUl6fdDf/RobPfzA4rXhlH73bStr8R+m97dr2r8ivomKbOyTb965d/BojvCw2VSI/LGSwk09MaKUATExFkJfjQEP6O+vEPbavy2fCG1j/bws2DRqtL1oGkZbzAg38i7NUjy5V93WzeZnvF5POFGpx+PWAjXep7ryPvHaIlUDiIghOt/SFtdrZB6U7HxywViyy08sMgi26SIEzJf3RHuqlGlipg==
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

On Wed, 2024-01-24 at 11:22 -0800, Kees Cook wrote:
> After commit 978ffcbf00d8 ("execve: open the executable file before
> doing anything else"), current->in_execve was no longer in sync with the
> open(). This broke AppArmor and TOMOYO which depend on this flag to
> distinguish "open" operations from being "exec" operations.
> 
> Instead of moving around in_execve, switch to using __FMODE_EXEC, which
> is where the "is this an exec?" intent is stored. Note that TOMOYO still
> uses in_execve around cred handling.

It solves the AppArmor issue I was experiencing and I don't notice any
other issues.

Tested-by: Kevin Locke <kevin@kevinlocke.name>

Thanks!
Kevin