lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <AS8P193MB12857C4E9B8C7EEEA2506AF7E4A1A@AS8P193MB1285.EURP193.PROD.OUTLOOK.COM>
Date:   Mon, 30 Oct 2023 06:50:54 +0100
From:   Bernd Edlinger <bernd.edlinger@...mail.de>
To:     "Eric W. Biederman" <ebiederm@...ssion.com>
Cc:     Alexander Viro <viro@...iv.linux.org.uk>,
        Kees Cook <keescook@...omium.org>,
        "linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Christian Brauner <brauner@...nel.org>, linux-mm@...ck.org
Subject: Re: [PATCH] Fix error handling in begin_new_exec

Ping...

On 6/6/21 21:34, Eric W. Biederman wrote:
> Bernd Edlinger <bernd.edlinger@...mail.de> writes:
> 
>> If get_unused_fd_flags() fails, the error handling is incomplete
>> because bprm->cred is already set to NULL, and therefore
>> free_bprm will not unlock the cred_guard_mutex.
>> Note there are two error conditions which end up here,
>> one before and one after bprm->cred is cleared.
> 
> Acked-by: "Eric W. Biederman" <ebiederm@...ssion.com>
> 
> Yuck.  I wonder if there is a less error prone idiom we could be using
> here than testing bprm->cred in free_bprm.  Especially as this lock is
> expected to stay held through setup_new_exec.
> 
> Something feels too clever here.
> 
>> Fixes: b8a61c9e7b4 ("exec: Generic execfd support")

Note, ./scripts/checkpatch.pl complains about the too
short commit hash here, I overlooked that previously: 
WARNING: Please use correct Fixes: style 'Fixes: <12 chars of sha1> ("<title line>")'
 - ie: 'Fixes: b8a61c9e7b4a ("exec: Generic execfd support")'

Could you please fix that before merging,
the correct Fixes reference would be:
Fixes: b8a61c9e7b4a ("exec: Generic execfd support")


Thanks
Bernd.

>>
>> Signed-off-by: Bernd Edlinger <bernd.edlinger@...mail.de>
>> ---
>>  fs/exec.c | 3 +++
>>  1 file changed, 3 insertions(+)
>>
>> diff --git a/fs/exec.c b/fs/exec.c
>> index 18594f1..d8af85f 100644
>> --- a/fs/exec.c
>> +++ b/fs/exec.c
>> @@ -1396,6 +1396,9 @@ int begin_new_exec(struct linux_binprm * bprm)
>>  
>>  out_unlock:
>>  	up_write(&me->signal->exec_update_lock);
>> +	if (!bprm->cred)
>> +		mutex_unlock(&me->signal->cred_guard_mutex);
>> +
>>  out:
>>  	return retval;
>>  }

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ