Bernd Edlinger <[email protected]> writes:
> If get_unused_fd_flags() fails, the error handling is incomplete
> because bprm->cred is already set to NULL, and therefore
> free_bprm will not unlock the cred_guard_mutex.
> Note there are two error conditions which end up here,
> one before and one after bprm->cred is cleared.
Acked-by: "Eric W. Biederman" <[email protected]>
Yuck. I wonder if there is a less error prone idiom we could be using
here than testing bprm->cred in free_bprm. Especially as this lock is
expected to stay held through setup_new_exec.
Something feels too clever here.
> Fixes: b8a61c9e7b4 ("exec: Generic execfd support")
>
> Signed-off-by: Bernd Edlinger <[email protected]>
> ---
> fs/exec.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/fs/exec.c b/fs/exec.c
> index 18594f1..d8af85f 100644
> --- a/fs/exec.c
> +++ b/fs/exec.c
> @@ -1396,6 +1396,9 @@ int begin_new_exec(struct linux_binprm * bprm)
>
> out_unlock:
> up_write(&me->signal->exec_update_lock);
> + if (!bprm->cred)
> + mutex_unlock(&me->signal->cred_guard_mutex);
> +
> out:
> return retval;
> }
Ping...
On 6/6/21 21:34, Eric W. Biederman wrote:
> Bernd Edlinger <[email protected]> writes:
>
>> If get_unused_fd_flags() fails, the error handling is incomplete
>> because bprm->cred is already set to NULL, and therefore
>> free_bprm will not unlock the cred_guard_mutex.
>> Note there are two error conditions which end up here,
>> one before and one after bprm->cred is cleared.
>
> Acked-by: "Eric W. Biederman" <[email protected]>
>
> Yuck. I wonder if there is a less error prone idiom we could be using
> here than testing bprm->cred in free_bprm. Especially as this lock is
> expected to stay held through setup_new_exec.
>
> Something feels too clever here.
>
>> Fixes: b8a61c9e7b4 ("exec: Generic execfd support")
Note, ./scripts/checkpatch.pl complains about the too
short commit hash here, I overlooked that previously:
WARNING: Please use correct Fixes: style 'Fixes: <12 chars of sha1> ("<title line>")'
- ie: 'Fixes: b8a61c9e7b4a ("exec: Generic execfd support")'
Could you please fix that before merging,
the correct Fixes reference would be:
Fixes: b8a61c9e7b4a ("exec: Generic execfd support")
Thanks
Bernd.
>>
>> Signed-off-by: Bernd Edlinger <[email protected]>
>> ---
>> fs/exec.c | 3 +++
>> 1 file changed, 3 insertions(+)
>>
>> diff --git a/fs/exec.c b/fs/exec.c
>> index 18594f1..d8af85f 100644
>> --- a/fs/exec.c
>> +++ b/fs/exec.c
>> @@ -1396,6 +1396,9 @@ int begin_new_exec(struct linux_binprm * bprm)
>>
>> out_unlock:
>> up_write(&me->signal->exec_update_lock);
>> + if (!bprm->cred)
>> + mutex_unlock(&me->signal->cred_guard_mutex);
>> +
>> out:
>> return retval;
>> }