From: Linus Torvalds torvalds@linux-foundation.org
commit 9f834ec18defc369d73ccf9e87a2790bfa05bf46 upstream.
We used to delay switching to the new credentials until after we had mapped the executable (and possible elf interpreter). That was kind of odd to begin with, since the new executable will actually then _run_ with the new creds, but whatever.
The bigger problem was that we also want to make sure that we turn off prof events and tracing before we start mapping the new executable state. So while this is a cleanup, it's also a fix for a possible information leak.
Reported-by: Robert Święcki robert@swiecki.net Tested-by: Peter Zijlstra peterz@infradead.org Acked-by: David Howells dhowells@redhat.com Acked-by: Oleg Nesterov oleg@redhat.com Acked-by: Andy Lutomirski luto@amacapital.net Acked-by: Eric W. Biederman ebiederm@xmission.com Cc: Willy Tarreau w@1wt.eu Cc: Kees Cook keescook@chromium.org Cc: Al Viro viro@zeniv.linux.org.uk Signed-off-by: Linus Torvalds torvalds@linux-foundation.org Cc: Federico Manuel Bento up201407890@fc.up.pt Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
--- fs/binfmt_elf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
--- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -850,6 +850,7 @@ static int load_elf_binary(struct linux_ current->flags |= PF_RANDOMIZE;
setup_new_exec(bprm); + install_exec_creds(bprm);
/* Do this so that we can load the interpreter, if need be. We will change some of these later */ @@ -1084,7 +1085,6 @@ static int load_elf_binary(struct linux_ goto out; #endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */
- install_exec_creds(bprm); retval = create_elf_tables(bprm, &loc->elf_ex, load_addr, interp_load_addr); if (retval < 0)