From: Kees Cook keescook@chromium.org
[ Upstream commit 90383cc07895183c75a0db2460301c2ffd912359 ]
Just to help distinguish the fs->in_exec flag from the current->in_execve flag, add comments in check_unsafe_exec() and copy_fs() for more context. Also note that in_execve is only used by TOMOYO now.
Cc: Kentaro Takeda takedakn@nttdata.co.jp Cc: Tetsuo Handa penguin-kernel@i-love.sakura.ne.jp Cc: Alexander Viro viro@zeniv.linux.org.uk Cc: Christian Brauner brauner@kernel.org Cc: Jan Kara jack@suse.cz Cc: Eric Biederman ebiederm@xmission.com Cc: Andrew Morton akpm@linux-foundation.org Cc: Sebastian Andrzej Siewior bigeasy@linutronix.de Cc: linux-fsdevel@vger.kernel.org Cc: linux-mm@kvack.org Signed-off-by: Kees Cook keescook@chromium.org Signed-off-by: Sasha Levin sashal@kernel.org --- fs/exec.c | 1 + include/linux/sched.h | 2 +- kernel/fork.c | 1 + 3 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/fs/exec.c b/fs/exec.c index 283012eb1aeb..541ae913e683 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -1584,6 +1584,7 @@ static void check_unsafe_exec(struct linux_binprm *bprm) } rcu_read_unlock();
+ /* "users" and "in_exec" locked for copy_fs() */ if (p->fs->users > n_fs) bprm->unsafe |= LSM_UNSAFE_SHARE; else diff --git a/include/linux/sched.h b/include/linux/sched.h index 0cac69902ec5..4f955709a4ae 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -912,7 +912,7 @@ struct task_struct { */ unsigned sched_remote_wakeup:1;
- /* Bit to tell LSMs we're in execve(): */ + /* Bit to tell TOMOYO we're in execve(): */ unsigned in_execve:1; unsigned in_iowait:1; #ifndef TIF_RESTORE_SIGMASK diff --git a/kernel/fork.c b/kernel/fork.c index 85617928041c..354c644b6deb 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -1602,6 +1602,7 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk) if (clone_flags & CLONE_FS) { /* tsk->fs is already what we want */ spin_lock(&fs->lock); + /* "users" and "in_exec" locked for check_unsafe_exec() */ if (fs->in_exec) { spin_unlock(&fs->lock); return -EAGAIN;