Hi!
From: Kees Cook keescook@chromium.org
[ Upstream commit 90383cc07895183c75a0db2460301c2ffd912359 ]
Just to help distinguish the fs->in_exec flag from the current->in_execve flag, add comments in check_unsafe_exec() and copy_fs() for more context. Also note that in_execve is only used by TOMOYO now.
These are just a whitespace changes, we should not need them.
Best regards, Pavel
+++ b/fs/exec.c @@ -1565,6 +1565,7 @@ static void check_unsafe_exec(struct linux_binprm *bprm) } rcu_read_unlock();
- /* "users" and "in_exec" locked for copy_fs() */ if (p->fs->users > n_fs) bprm->unsafe |= LSM_UNSAFE_SHARE; else
diff --git a/include/linux/sched.h b/include/linux/sched.h index aa015416c569..65cfe85de8d5 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -806,7 +806,7 @@ struct task_struct { */ unsigned sched_remote_wakeup:1;
- /* Bit to tell LSMs we're in execve(): */
- /* Bit to tell TOMOYO we're in execve(): */ unsigned in_execve:1; unsigned in_iowait:1;
#ifndef TIF_RESTORE_SIGMASK diff --git a/kernel/fork.c b/kernel/fork.c index 633b0af1d1a7..906dbaf25058 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -1452,6 +1452,7 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk) if (clone_flags & CLONE_FS) { /* tsk->fs is already what we want */ spin_lock(&fs->lock);
if (fs->in_exec) { spin_unlock(&fs->lock); return -EAGAIN;/* "users" and "in_exec" locked for check_unsafe_exec() */