| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 06 Jun 2021 14:34:53 -0500
From: ebiederm@...ssion.com (Eric W. Biederman)
To: Bernd Edlinger <bernd.edlinger@...mail.de>
Cc: Alexander Viro <viro@...iv.linux.org.uk>,
Kees Cook <keescook@...omium.org>,
"linux-fsdevel\@vger.kernel.org" <linux-fsdevel@...r.kernel.org>,
"linux-kernel\@vger.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] Fix error handling in begin_new_exec
Bernd Edlinger <bernd.edlinger@...mail.de> writes:
> If get_unused_fd_flags() fails, the error handling is incomplete
> because bprm->cred is already set to NULL, and therefore
> free_bprm will not unlock the cred_guard_mutex.
> Note there are two error conditions which end up here,
> one before and one after bprm->cred is cleared.
Acked-by: "Eric W. Biederman" <ebiederm@...ssion.com>
Yuck. I wonder if there is a less error prone idiom we could be using
here than testing bprm->cred in free_bprm. Especially as this lock is
expected to stay held through setup_new_exec.
Something feels too clever here.
> Fixes: b8a61c9e7b4 ("exec: Generic execfd support")
>
> Signed-off-by: Bernd Edlinger <bernd.edlinger@...mail.de>
> ---
> fs/exec.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/fs/exec.c b/fs/exec.c
> index 18594f1..d8af85f 100644
> --- a/fs/exec.c
> +++ b/fs/exec.c
> @@ -1396,6 +1396,9 @@ int begin_new_exec(struct linux_binprm * bprm)
>
> out_unlock:
> up_write(&me->signal->exec_update_lock);
> + if (!bprm->cred)
> + mutex_unlock(&me->signal->cred_guard_mutex);
> +
> out:
> return retval;
> }
Powered by blists - more mailing lists