Received: by 2002:a25:868d:0:0:0:0:0 with SMTP id z13csp614549ybk; Sat, 9 May 2020 12:45:42 -0700 (PDT) X-Google-Smtp-Source: APiQypIpHaWEq0PjRYJB4hhLxQp444wV58c+v/vMfrkSHRUfvaFJSq9zpEK1nAfDR4WY4e+5HyHJ X-Received: by 2002:aa7:d30c:: with SMTP id p12mr7229036edq.19.1589053542386; Sat, 09 May 2020 12:45:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1589053542; cv=none; d=google.com; s=arc-20160816; b=n/DNlY41hdHKAqRfm5yTIwLnReZ18H/TcJwvULpZJ0UhQN8BOPgzuBJXqu+RkB6wwG rzZ16E+iQv6YMzrbR+45PiZlKBM+7E3C1PBae/BGmSP3Q2vJ4s6Ve6rEC1liI94Z+QX4 jXJMrurN1fRcbZbWGcLITQtOh16toJrJgw7efGtXr3uoxspfa25Kk+/NdshzMrwTr2bH Ec45je8bB4BASlYADWthIYhEY7qycl4o9tuUflrmnJ2NlW+52+z1IR8/8xTMfBDnRHLv ijLj5h7neqkt90sxC9UKBrzHfXml9uO9QZhJB43RXe83V05Pxq/VipO8uoz4IwjH15BD Kipg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:subject:mime-version:user-agent :message-id:in-reply-to:date:references:cc:to:from; bh=SJhUBWVNP0FJ1EoRd2PuxJyENzcwgTjee+yrCsR/2mA=; b=HS4n7urrv/wIhyeNrqqxBCG1k9aihqEGNRaTPCAooxaPSU4m6P2V1YxNbRvspuhb7v IG5FVicXkqoC5+/HV2SuuQWyiefmujbyODE1cJFGVbgVRWam1bsKii66ntfrM2eTXYV1 jrdkslZMfJTY07Mubz5uzrwVM/J/FWrWGBZfQ/tkm8Y7cMr7fRXGHP3QhtyuwLXDbp9Y JTIg0MdaUOIlzHVkpsdTzr1g51IKgYnc1U5TOWy2m2E1ZEkBe/CamK142BNQhnZWQhKK 72sIOFKFt9/GUQaMjohX9ZXsRoz4VTq5jP+IDUgth9LPPQALXUUAhZkV+KT8bSTDhwHq cdFQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=xmission.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id a24si3028243eds.168.2020.05.09.12.45.19; Sat, 09 May 2020 12:45:42 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=xmission.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728332AbgEITnz (ORCPT + 99 others); Sat, 9 May 2020 15:43:55 -0400 Received: from out01.mta.xmission.com ([166.70.13.231]:53792 "EHLO out01.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727938AbgEITny (ORCPT ); Sat, 9 May 2020 15:43:54 -0400 Received: from in01.mta.xmission.com ([166.70.13.51]) by out01.mta.xmission.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1jXVNz-0002uX-Fb; Sat, 09 May 2020 13:43:47 -0600 Received: from ip68-227-160-95.om.om.cox.net ([68.227.160.95] helo=x220.xmission.com) by in01.mta.xmission.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.87) (envelope-from ) id 1jXVNy-0006US-Ht; Sat, 09 May 2020 13:43:47 -0600 From: ebiederm@xmission.com (Eric W. Biederman) To: Cc: Linus Torvalds , Oleg Nesterov , Jann Horn , Kees Cook , Greg Ungerer , Rob Landley , Bernd Edlinger , , Al Viro , Alexey Dobriyan , Andrew Morton , Casey Schaufler , linux-security-module@vger.kernel.org, James Morris , "Serge E. Hallyn" , Andy Lutomirski References: <87h7wujhmz.fsf@x220.int.ebiederm.org> <87sgga6ze4.fsf@x220.int.ebiederm.org> Date: Sat, 09 May 2020 14:40:17 -0500 In-Reply-To: <87sgga6ze4.fsf@x220.int.ebiederm.org> (Eric W. Biederman's message of "Fri, 08 May 2020 13:43:31 -0500") Message-ID: <87v9l4zyla.fsf_-_@x220.int.ebiederm.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-XM-SPF: eid=1jXVNy-0006US-Ht;;;mid=<87v9l4zyla.fsf_-_@x220.int.ebiederm.org>;;;hst=in01.mta.xmission.com;;;ip=68.227.160.95;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX19IOND8rj4bMCGwxstKDUfSmpiOWIeGpr4= X-SA-Exim-Connect-IP: 68.227.160.95 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on sa08.xmission.com X-Spam-Level: * X-Spam-Status: No, score=1.3 required=8.0 tests=ALL_TRUSTED,BAYES_50, DCC_CHECK_NEGATIVE,XMNoVowels autolearn=disabled version=3.4.2 X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.4998] * 1.5 XMNoVowels Alpha-numberic number with no vowels * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa08 0; Body=1 Fuz1=1 Fuz2=1] X-Spam-DCC: ; sa08 0; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: *; X-Spam-Relay-Country: X-Spam-Timing: total 511 ms - load_scoreonly_sql: 0.03 (0.0%), signal_user_changed: 13 (2.6%), b_tie_ro: 12 (2.3%), parse: 0.81 (0.2%), extract_message_metadata: 2.3 (0.5%), get_uri_detail_list: 0.70 (0.1%), tests_pri_-1000: 3.6 (0.7%), tests_pri_-950: 1.26 (0.2%), tests_pri_-900: 1.10 (0.2%), tests_pri_-90: 160 (31.3%), check_bayes: 158 (31.0%), b_tokenize: 6 (1.1%), b_tok_get_all: 8 (1.6%), b_comp_prob: 2.2 (0.4%), b_tok_touch_all: 138 (26.9%), b_finish: 1.17 (0.2%), tests_pri_0: 311 (60.8%), check_dkim_signature: 0.43 (0.1%), check_dkim_adsp: 2.7 (0.5%), poll_dns_idle: 1.13 (0.2%), tests_pri_10: 3.8 (0.7%), tests_pri_500: 7 (1.4%), rewrite_mail: 0.00 (0.0%) Subject: [PATCH 0/5] exec: Control flow simplifications X-Spam-Flag: No X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600) X-SA-Exim-Scanned: Yes (on in01.mta.xmission.com) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org It is hard to follow the control flow in exec.c as the code has evolved over time and something that used to work one way now works another. This set of changes attempts to address the worst of that, to remove unnecessary work and to make the code a little easier to follow. The one rough point in my changes is cap_bprm_set_creds propbably needs a new name as I have taken it out of security_bprm_set_creds but my imagination failed to come up with anything better. Eric W. Biederman (5): exec: Call cap_bprm_set_creds directly from prepare_binprm exec: Directly call security_bprm_set_creds from __do_execve_file exec: Remove recursion from search_binary_handler exec: Allow load_misc_binary to call prepare_binfmt unconditionally exec: Move the call of prepare_binprm into search_binary_handler arch/alpha/kernel/binfmt_loader.c | 5 +---- fs/binfmt_em86.c | 7 +----- fs/binfmt_misc.c | 22 +++--------------- fs/binfmt_script.c | 5 +---- fs/exec.c | 47 +++++++++++++++++++++------------------ include/linux/binfmts.h | 11 ++------- include/linux/security.h | 2 +- security/apparmor/domain.c | 3 --- security/commoncap.c | 1 - security/selinux/hooks.c | 2 -- security/smack/smack_lsm.c | 3 --- security/tomoyo/tomoyo.c | 6 ----- 12 files changed, 34 insertions(+), 80 deletions(-) --- I think this is correct set of changes that makes things better but please look things over/review this code if you have any expertise in anything I am touching. Thank you, Eric