| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHk-=wiZj-C-ZjiJdhyCDGK07WXfeROj1ACaSy7OrxtpqQVe-g@mail.gmail.com>
Date: Wed, 24 Jan 2024 09:10:58 -0800
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Kees Cook <keescook@...omium.org>
Cc: Kevin Locke <kevin@...inlocke.name>, John Johansen <john.johansen@...onical.com>,
Josh Triplett <josh@...htriplett.org>, Mateusz Guzik <mjguzik@...il.com>,
Al Viro <viro@...iv.linux.org.uk>, linux-mm@...ck.org, linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org
Subject: Re: [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
On Wed, 24 Jan 2024 at 08:54, Linus Torvalds
<torvalds@...ux-foundation.org> wrote:
>
> Hmm. That whole thing is disgusting. I think it should have checked
> FMODE_EXEC, and I have no idea why it doesn't.
Maybe because FMODE_EXEC gets set for uselib() calls too? I dunno. I
think it would be even better if we had the 'intent' flags from
'struct open_flags' available, but they aren't there in the
file_open() security chain.
Anyway, moving current->in_execve earlier looks fairly trivial, but I
worry about the randomness. I'd be *so*( much happier if this crazy
flag went away, and it got changed to look at the open intent instead.
Attached patch is ENTIRELY UNTESTED. And disgusting.
I went back and looked. This whole disgusting thing goes back to 2009
and commit f9ce1f1cda8b ("Add in_execve flag into task_struct").
Linus
View attachment "patch.diff" of type "text/x-patch" (1795 bytes)
Powered by blists - more mailing lists