lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 31 Jan 2022 18:10:23 +0100 From: Christian Brauner <brauner@...nel.org> To: Eryu Guan <guan@...u.me>, fstests@...r.kernel.org Cc: Ariadne Conill <ariadne@...eferenced.org>, Kees Cook <keescook@...omium.org>, Rich Felker <dalias@...c.org>, Michael Kerrisk <mtk.manpages@...il.com>, Andrew Morton <akpm@...ux-foundation.org>, Matthew Wilcox <willy@...radead.org>, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, Christian Brauner <brauner@...nel.org>, Eryu Guan <guaneryu@...il.com> Subject: [PATCH] generic/633: adapt execveat() invocations There's a push by Ariadne to enforce that argv[0] cannot be NULL. So far we've allowed this. Fix the execveat() invocations to set argv[0] to the name of the file we're about to execute. Cc: Ariadne Conill <ariadne@...eferenced.org> Cc: Kees Cook <keescook@...omium.org> Cc: Rich Felker <dalias@...c.org> Cc: Eryu Guan <guaneryu@...il.com> Cc: Michael Kerrisk <mtk.manpages@...il.com> Cc: Andrew Morton <akpm@...ux-foundation.org> Cc: Matthew Wilcox <willy@...radead.org> Cc: fstests@...r.kernel.org Cc: linux-fsdevel@...r.kernel.org Cc: linux-kernel@...r.kernel.org Link: https://lore.kernel.org/lkml/20220127000724.15106-1-ariadne@dereferenced.org Signed-off-by: Christian Brauner <brauner@...nel.org> --- src/idmapped-mounts/idmapped-mounts.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/idmapped-mounts/idmapped-mounts.c b/src/idmapped-mounts/idmapped-mounts.c index 4cf6c3bb..76b559ae 100644 --- a/src/idmapped-mounts/idmapped-mounts.c +++ b/src/idmapped-mounts/idmapped-mounts.c @@ -3598,7 +3598,7 @@ static int setid_binaries(void) NULL, }; static char *argv[] = { - NULL, + "", }; if (!expected_uid_gid(t_dir1_fd, FILE1, 0, 5000, 5000)) @@ -3726,7 +3726,7 @@ static int setid_binaries_idmapped_mounts(void) NULL, }; static char *argv[] = { - NULL, + "", }; if (!expected_uid_gid(open_tree_fd, FILE1, 0, 15000, 15000)) @@ -3865,7 +3865,7 @@ static int setid_binaries_idmapped_mounts_in_userns(void) NULL, }; static char *argv[] = { - NULL, + "", }; if (!switch_userns(attr.userns_fd, 0, 0, false)) @@ -3924,7 +3924,7 @@ static int setid_binaries_idmapped_mounts_in_userns(void) NULL, }; static char *argv[] = { - NULL, + "", }; if (!caps_supported()) { @@ -3992,7 +3992,7 @@ static int setid_binaries_idmapped_mounts_in_userns(void) NULL, }; static char *argv[] = { - NULL, + "", }; if (!switch_userns(attr.userns_fd, 0, 0, false)) @@ -4150,7 +4150,7 @@ static int setid_binaries_idmapped_mounts_in_userns_separate_userns(void) NULL, }; static char *argv[] = { - NULL, + "", }; userns_fd = get_userns_fd(0, 10000, 10000); @@ -4214,7 +4214,7 @@ static int setid_binaries_idmapped_mounts_in_userns_separate_userns(void) NULL, }; static char *argv[] = { - NULL, + "", }; userns_fd = get_userns_fd(0, 10000, 10000); @@ -4286,7 +4286,7 @@ static int setid_binaries_idmapped_mounts_in_userns_separate_userns(void) NULL, }; static char *argv[] = { - NULL, + "", }; userns_fd = get_userns_fd(0, 10000, 10000); base-commit: d8dee1222ecdfa1cff1386a61248e587eb3b275d -- 2.32.0
Powered by blists - more mailing lists