linux-kernel - [PATCH 3/6] exec: Stop open coding mutex_lock_killable of cred_guard

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-ID: <87blmy6zay.fsf_-_@x220.int.ebiederm.org>
Date:   Fri, 08 May 2020 13:45:25 -0500
From:   ebiederm@...ssion.com (Eric W. Biederman)
To:     <linux-kernel@...r.kernel.org>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        Oleg Nesterov <oleg@...hat.com>, Jann Horn <jannh@...gle.com>,
        Kees Cook <keescook@...omium.org>,
        Greg Ungerer <gerg@...ux-m68k.org>,
        Rob Landley <rob@...dley.net>,
        Bernd Edlinger <bernd.edlinger@...mail.de>,
        <linux-fsdevel@...r.kernel.org>, Al Viro <viro@...IV.linux.org.uk>,
        Alexey Dobriyan <adobriyan@...il.com>,
        Andrew Morton <akpm@...ux-foundation.org>
Subject: [PATCH 3/6] exec: Stop open coding mutex_lock_killable of cred_guard_mutex


Oleg modified the code that did
"mutex_lock_interruptible(&current->cred_guard_mutex)" to return
-ERESTARTNOINTR instead of -EINTR, so that userspace will never see a
failure to grab the mutex.

Slightly earlier Liam R. Howlett defined mutex_lock_killable for
exactly the same situation but it does it a little more cleanly.

Switch the code to mutex_lock_killable so that it is clearer what the
code is doing.

Ref: ad776537cc6b ("Add mutex_lock_killable")
Ref: 793285fcafce ("cred_guard_mutex: do not return -EINTR to user-space")
Signed-off-by: "Eric W. Biederman" <ebiederm@...ssion.com>
---
 fs/exec.c       | 5 +++--
 kernel/ptrace.c | 4 ++--
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/fs/exec.c b/fs/exec.c
index 82106241ed53..11a5c073aa35 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1493,8 +1493,9 @@ EXPORT_SYMBOL(finalize_exec);
  */
 static int prepare_bprm_creds(struct linux_binprm *bprm)
 {
-	if (mutex_lock_interruptible(&current->signal->cred_guard_mutex))
-		return -ERESTARTNOINTR;
+	int retval = mutex_lock_killable(&current->signal->cred_guard_mutex);
+	if (retval)
+		return retval;
 
 	bprm->cred = prepare_exec_creds();
 	if (likely(bprm->cred))
diff --git a/kernel/ptrace.c b/kernel/ptrace.c
index 43d6179508d6..1876b3392488 100644
--- a/kernel/ptrace.c
+++ b/kernel/ptrace.c
@@ -391,8 +391,8 @@ static int ptrace_attach(struct task_struct *task, long request,
 	 * SUID, SGID and LSM creds get determined differently
 	 * under ptrace.
 	 */
-	retval = -ERESTARTNOINTR;
-	if (mutex_lock_interruptible(&task->signal->cred_guard_mutex))
+	retval = mutex_lock_killable(&task->signal->cred_guard_mutex);
+	if (retval)
 		goto out;
 
 	task_lock(task);
-- 
2.20.1