From: Sasha Levin
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Linus Torvalds, Vegard Nossum, Al Viro, "Eric W . Biederman", Sasha Levin
Subject: [PATCH AUTOSEL 5.8 19/24] usermodehelper: reset umask to default before executing user process
Date: Mon, 12 Oct 2020 15:02:34 -0400
Message-Id: <20201012190239.3279198-19-sashal@kernel.org>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20201012190239.3279198-1-sashal@kernel.org>
References: <20201012190239.3279198-1-sashal@kernel.org>
MIME-Version: 1.0
X-stable: review
X-Patchwork-Hint: Ignore
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

From: Linus Torvalds

[ Upstream commit 4013c1496c49615d90d36b9d513eee8e369778e9 ]

Kernel threads intentionally do CLONE_FS in order to follow any changes that 'init' does to set up the root directory (or cwd).

It is admittedly a bit odd, but it avoids the situation where 'init' does some extensive setup to initialize the system environment, and then we execute a usermode helper program, and it uses the original FS setup from boot time that may be very limited and incomplete.

[ Both Al Viro and Eric Biederman point out that 'pivot_root()' will follow the root regardless, since it fixes up other users of root (see chroot_fs_refs() for details), but overmounting root and doing a chroot() would not. ]

However, Vegard Nossum noticed that the CLONE_FS not only means that we follow the root and current working directories, it also means we share umask with whatever init changed it to. That wasn't intentional.

Just reset umask to the original default (0022) before actually starting the usermode helper program.

Reported-by: Vegard Nossum
Cc: Al Viro
Acked-by: Eric W. Biederman
Signed-off-by: Linus Torvalds
Signed-off-by: Sasha Levin
--- kernel/umh.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/kernel/umh.c b/kernel/umh.c index 79f139a7ca03c..6aaf456d402d9 100644 --- a/kernel/umh.c +++ b/kernel/umh.c
@@ -14,6 +14,7 @@ #include #include #include +#include #include #include #include @@ -75,6 +76,14 @@ static int call_usermodehelper_exec_async(void *data) flush_signal_handlers(current, 1); spin_unlock_irq(¤t->sighand->siglock); + /* + * Initial kernel threads share ther FS with init, in order to + * get the init root directory. But we've now created a new + * thread that is going to execve a user process and has its own + * 'struct fs_struct'. Reset umask to the default. + */ + current->fs->umask = 0022; + /* * Our parent (unbound workqueue) runs with elevated scheduling * priority. Avoid propagating that into the userspace child. -- 2.25.1
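
Review bot: In the second hunk, `current->fs->umask = 0022;` writes a bare octal literal into the fs_struct without taking any lock, and the only justification is the comment's statement that the new thread "has its own 'struct fs_struct'". Nothing visible in the hunk shows where that private copy is made, so the comment should name the point at which this thread stops sharing the FS state with init, so that a reader can confirm the unlocked store cannot touch init's own umask. A named constant for the 0022 default would keep this value from drifting from the default used elsewhere, and the comment has a typo: "share ther FS" should read "share their FS".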
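
The sharing the commit message describes can be observed from userspace. The following is an added example, not part of the patch and not kernel code: it assumes Linux with the x86-64/arm64 raw `clone` argument order, and the helper name `parent_umask_after_child` is hypothetical.

```c
#include <sched.h>
#include <signal.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef CLONE_FS
#define CLONE_FS 0x00000200 /* value from the Linux UAPI headers */
#endif

/*
 * Hypothetical helper: start a child with the given clone flags, let it
 * set its umask to child_mask and exit, then return the umask the parent
 * observes afterwards. Returns (mode_t)-1 on failure.
 */
mode_t parent_umask_after_child(unsigned long flags, mode_t child_mask)
{
    mode_t saved = umask(0022);  /* parent starts from the default 0022 */
    mode_t seen;
    int status;

    /* Raw clone without CLONE_VM acts like fork(); a zero stack pointer
     * keeps the child's copy of the parent stack. */
    long pid = syscall(SYS_clone, flags | SIGCHLD, 0UL, 0UL, 0UL, 0UL);
    if (pid < 0) {
        umask(saved);
        return (mode_t)-1;
    }
    if (pid == 0) {              /* child: changes what it thinks is its own umask */
        umask(child_mask);
        _exit(0);
    }
    if (waitpid((pid_t)pid, &status, 0) < 0) {
        umask(saved);
        return (mode_t)-1;
    }
    seen = umask(saved);         /* returns the mask in effect, restores the caller's */
    return seen;
}

int main(void)
{
    printf("fork-like child: parent umask %04o\n",
           (unsigned)parent_umask_after_child(0, 0));
    printf("CLONE_FS child:  parent umask %04o\n",
           (unsigned)parent_umask_after_child(CLONE_FS, 0));
    return 0;
}
```

With `CLONE_FS` the parent ends up with whatever mask the child set, which is the same coupling between init and kernel threads that the patch breaks for usermode helpers by resetting the mask before exec.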