Received: by 2002:a25:e74b:0:0:0:0:0 with SMTP id e72csp1152744ybh; Sun, 19 Jul 2020 10:07:21 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzK4zCPTP/Hqjv0+VnivNULMQHtttoE9uoA/68apTLRZF881DcCW5Hho2oKDmcyEYkCSOba X-Received: by 2002:a05:6402:a58:: with SMTP id bt24mr18552162edb.333.1595178441556; Sun, 19 Jul 2020 10:07:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1595178441; cv=none; d=google.com; s=arc-20160816; b=PY09gOHP/TZGqE50Qf0Va5VWWNlUJxy19jYsGkKOB+Nzy5SuBZYfOoGh2rYZT8oyxj XlX2nsGw2haspcCMWIQ9yCWDOkIYb4hDlIEDbqMR7ny1RvBXL/fdlZaM2sbRsma2mLEk redHWTUyF/wzD+n40mE1kc2X/oidRPfxRcL8IETZ6BnHUqYaTJFC8lzlCJkyA1jYA1pG i5y2hAngfeExu0bR8Sqhycgwc5mwrvWjX4pYlmvxvu0QqZrK5HGFhiyDuj6Iauk5cY+y O4f12jiRUtlq5Eo0D5Huey23A4BIAMWzDPVxIZ+YP6t6jCzRkA+eYEwZ+e1Ihm3+XnHN 53rg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=0OX2k7XM0DPUCfeGXYRJ71jNPnIfTRUXpzgbco8pBXM=; b=QZC6DlAfkWBaG2dSkZlo2M9x2HpiVneQAOirnAEkH/Yn9XvwGZ46o+HdgI7oUsI5+U 5nLjaX/qQN9D35ewuEeT4krhAnOZOS9PWzXBt+bKLomnPjewd4GFxsjyCDglqf5iMhkc Ho9rodWzH1yPoyfQADWjMr044EpnyOpGl4pp8HRTPKCOuuwNe0m46vyah/fN5eDVpzIB nAkDHFsHjLEoS9e+QeGgL0YQ1ehXATYodkMSNq65DeTXwst13W7JGJgkEhjBGmigxeEz 2dQ9Su9YdJd3jl5LEzLIptNbfGo77jchOxeppiqAWjsmnE54aRePZhJnNwqAY3xvTLNs Qbbw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id by7si8739968edb.303.2020.07.19.10.06.59; Sun, 19 Jul 2020 10:07:21 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726508AbgGSRFs (ORCPT + 99 others); Sun, 19 Jul 2020 13:05:48 -0400 Received: from mail.hallyn.com ([178.63.66.53]:53560 "EHLO mail.hallyn.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726085AbgGSRFr (ORCPT ); Sun, 19 Jul 2020 13:05:47 -0400 Received: by mail.hallyn.com (Postfix, from userid 1001) id 612ACE93; Sun, 19 Jul 2020 12:05:45 -0500 (CDT) Date: Sun, 19 Jul 2020 12:05:45 -0500 From: "Serge E. Hallyn" To: Adrian Reber Cc: Christian Brauner , Eric Biederman , Pavel Emelyanov , Oleg Nesterov , Dmitry Safonov <0x7f454c46@gmail.com>, Andrei Vagin , Nicolas Viennot , =?utf-8?B?TWljaGHFgiBDxYJhcGnFhHNraQ==?= , Kamil Yurtsever , Dirk Petersen , Christine Flood , Casey Schaufler , Mike Rapoport , Radostin Stoyanov , Cyrill Gorcunov , Serge Hallyn , Stephen Smalley , Sargun Dhillon , Arnd Bergmann , linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, Eric Paris , Jann Horn , linux-fsdevel@vger.kernel.org Subject: Re: [PATCH v6 6/7] prctl: exe link permission error changed from -EINVAL to -EPERM Message-ID: <20200719170545.GB3936@mail.hallyn.com> References: <20200719100418.2112740-1-areber@redhat.com> <20200719100418.2112740-7-areber@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200719100418.2112740-7-areber@redhat.com> User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Jul 19, 2020 at 12:04:16PM +0200, Adrian Reber wrote: > From: Nicolas Viennot > > This brings consistency with the rest of the prctl() syscall where > -EPERM is returned when failing a capability check. > > Signed-off-by: Nicolas Viennot > Signed-off-by: Adrian Reber Ok, i see how EINVAL snuck its way in there through validate_prctl_map()s evolution :) Reviewed-by: Serge Hallyn > --- > kernel/sys.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/sys.c b/kernel/sys.c > index a3f4ef0bbda3..ca11af9d815d 100644 > --- a/kernel/sys.c > +++ b/kernel/sys.c > @@ -2015,7 +2015,7 @@ static int prctl_set_mm_map(int opt, const void __user *addr, unsigned long data > * This may have implications in the tomoyo subsystem. > */ > if (!checkpoint_restore_ns_capable(current_user_ns())) > - return -EINVAL; > + return -EPERM; > > error = prctl_set_mm_exe_file(mm, prctl_map.exe_fd); > if (error) > -- > 2.26.2