Received: by 2002:a05:6a10:6744:0:0:0:0 with SMTP id w4csp4299027pxu; Mon, 12 Oct 2020 15:24:01 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzRdIkyC24T0a6uShfqUfEi1B3ByvA3h9KAogaM45BWnqPTLHEHg6uY5HtfDBG951l4Zg8/ X-Received: by 2002:aa7:c358:: with SMTP id j24mr16805778edr.265.1602541441027; Mon, 12 Oct 2020 15:24:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1602541441; cv=none; d=google.com; s=arc-20160816; b=tP0O82d6qyK9He316DfaNyVNxoLsTNeb7AJcdiD4+Dq4gJWkuExNJWXVejL72QJDVR ro3Rg8CcjikZo2t0+a+VqAgnpLCKO9NJzHLLD8oFwTf3d4I1cKpTHlLvoCdQMvZ1/R/Y GfD/6OScuFW9wRvz3jxGg7PcPT78Nf8qG+RP9myIP2GCz2h3Je3vJ9O1FmymOWJQ0LcL iAyFBoRGjX1AONanipqCSc+ewfqGz3chwUOoiEexKoXzzf6AZtUZeDjjpUWc34HU7mLv SkrAJ8w01r/yjqleBhRG6e3vwREACFqsj2zhqkbXc21Ufskp/CklZ/pr4O2RRWkbBTrE wwQQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=xdT9i5aLV+Y19C467oImnAnOaIl3tmLm31tztQOkbG0=; b=omToFGHMMrqXJOLqCIMzeyfxgOT60dk7jVRmHofNpt/X54aJ/bR2VISq5bcwNd7+2W ak7OMy+p3e6Gs2TsupM3P/bPhRZV/R1JkAaKCKMV7v7TOQQTv9eOd3y9ldKp+hHJKjIO 7YlhWqlkK4JNBHOc8i2eZ+kHS0JgUMfxOUoXylCYGJwW3kip7u1UEuZ9bABdk4TdOLFZ QHrMvbytUnwVXHjOu0XYj4SkahSQu4N1rC1CQLNwnYjqbQ5sTf9KgleWXsPsfgseFDbU 2J6Pyudnhy0PzUR+8jUNgdBbvooeaQDApXiRGR1bYZT/tGzszFPHS+YHqKiGTo7CZF6k Gv+Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=QyfDznoA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id f15si9694407ejr.2.2020.10.12.15.23.38; Mon, 12 Oct 2020 15:24:01 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=QyfDznoA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731462AbgJLNjz (ORCPT + 99 others); Mon, 12 Oct 2020 09:39:55 -0400 Received: from mail.kernel.org ([198.145.29.99]:43286 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731381AbgJLNj2 (ORCPT ); Mon, 12 Oct 2020 09:39:28 -0400 Received: from localhost (83-86-74-64.cable.dynamic.v4.ziggo.nl [83.86.74.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id D7228208B8; Mon, 12 Oct 2020 13:39:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1602509967; bh=NNZpRMHriMNBLP4EVT7c93Yff+/E3IMH4NmTOZjyO8E=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=QyfDznoAtpDn3yG6hxamtMTlz8gngnHCMTbGGcGyNAAUyYHsgU8ad0OrzPfHHb4y2 ypVaVGC8lw2dSYTLCJ7ifo7woS783RPkqPzewUEgsbuMeypHcAMFUr10uk9/86TlWl ga2tTrMMq0x+Nv6h0fLx/KCwvhrhxAYvYmqkNZJE= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Vegard Nossum , Al Viro , "Eric W. Biederman" , Linus Torvalds Subject: [PATCH 4.19 07/49] usermodehelper: reset umask to default before executing user process Date: Mon, 12 Oct 2020 15:26:53 +0200 Message-Id: <20201012132629.781003771@linuxfoundation.org> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20201012132629.469542486@linuxfoundation.org> References: <20201012132629.469542486@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Linus Torvalds commit 4013c1496c49615d90d36b9d513eee8e369778e9 upstream. Kernel threads intentionally do CLONE_FS in order to follow any changes that 'init' does to set up the root directory (or cwd). It is admittedly a bit odd, but it avoids the situation where 'init' does some extensive setup to initialize the system environment, and then we execute a usermode helper program, and it uses the original FS setup from boot time that may be very limited and incomplete. [ Both Al Viro and Eric Biederman point out that 'pivot_root()' will follow the root regardless, since it fixes up other users of root (see chroot_fs_refs() for details), but overmounting root and doing a chroot() would not. ] However, Vegard Nossum noticed that the CLONE_FS not only means that we follow the root and current working directories, it also means we share umask with whatever init changed it to. That wasn't intentional. Just reset umask to the original default (0022) before actually starting the usermode helper program. Reported-by: Vegard Nossum Cc: Al Viro Acked-by: Eric W. Biederman Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman --- kernel/umh.c | 9 +++++++++ 1 file changed, 9 insertions(+) --- a/kernel/umh.c +++ b/kernel/umh.c @@ -13,6 +13,7 @@ #include #include #include +#include #include #include #include @@ -73,6 +74,14 @@ static int call_usermodehelper_exec_asyn spin_unlock_irq(¤t->sighand->siglock); /* + * Initial kernel threads share ther FS with init, in order to + * get the init root directory. But we've now created a new + * thread that is going to execve a user process and has its own + * 'struct fs_struct'. Reset umask to the default. + */ + current->fs->umask = 0022; + + /* * Our parent (unbound workqueue) runs with elevated scheduling * priority. Avoid propagating that into the userspace child. */