Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp4218857pxb; Tue, 17 Nov 2020 14:49:48 -0800 (PST) X-Google-Smtp-Source: ABdhPJwJwBqIE4laihRb8qKRaE9SXN/oodN8gaIgFJIgVhhCkpGiH7JDXX6Ctpu3gKwku6RTsNC5 X-Received: by 2002:aa7:d607:: with SMTP id c7mr22687101edr.70.1605653388281; Tue, 17 Nov 2020 14:49:48 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1605653388; cv=none; d=google.com; s=arc-20160816; b=ZjGRbPLK9i6rofZJiqupgeiSp+YImZAHH4z2BuHSELZfM5Ry57ZtyMMzTGw4WWe/pD /eOcFlhnjuiEHLmEPtUx+rslNO4C1CZqbNiuc5crrtJOpCclLFiqPUHfWN87HrjiQqtF pSl27czXj8zVDcHOUJUv1/v/ObXDQ1pHFK+2Y68oiYzwS/alry/wofQ5OtEuy3AUBvLH k0QcQLb96+IEFCeo0+rLEjv6OARXdqwersmcDT1k89lBU/27nP/WOlXzWm/pKjlPLlFj eomfEVDqUGakFzwUsvrCsWnDiXm+MaOdupS5vOGO6qWO/3QHt9XsPNnskLOTflVo9SxV qmYQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=YCHduxcT3imyrdyrszGQ0WJhUkXbX0HyEpZeXMiql7Q=; b=d8mtIb/9Cn4JcQou2OpPu5pZEp6JgzCDTiWP8wmvTD80RyUUz8V0qgOYOmyUodBdMf 2wKyvrX0LPb/RL5oxFe3uvU7zjVkryqbIAaNNCzwyr9B09opfF1JuhvHYyYSMsANKMwu AjlXlPNWjcAgJNbtrD92Dk6uFOSORbp9XE5yunB6ayyCBmXo6mazEDGC99ZNrzieZDsm HdbJwozoPUJx9O4DUZGSNrUGMeLt76uY+YIZyE+yzh0QwYqwGo4uzAQw6QMtKPOoNOns nF5AXTKHSNGSZgKFx5GTIsMnZYI8vffduymbIpxCiZ2d5AlCAhjS+9ZFc+d8zKI+AfgW 686g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b8si230046ejp.173.2020.11.17.14.49.25; Tue, 17 Nov 2020 14:49:48 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728924AbgKQWrn (ORCPT + 99 others); Tue, 17 Nov 2020 17:47:43 -0500 Received: from www62.your-server.de ([213.133.104.62]:60098 "EHLO www62.your-server.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726498AbgKQWrn (ORCPT ); Tue, 17 Nov 2020 17:47:43 -0500 Received: from sslproxy03.your-server.de ([88.198.220.132]) by www62.your-server.de with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92.3) (envelope-from ) id 1kf9lF-00070i-5Z; Tue, 17 Nov 2020 23:47:41 +0100 Received: from [85.7.101.30] (helo=pc-9.home) by sslproxy03.your-server.de with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1kf9lE-000Muh-Ve; Tue, 17 Nov 2020 23:47:41 +0100 Subject: Re: [PATCH bpf-next v3 2/2] bpf: Add tests for bpf_lsm_set_bprm_opts To: KP Singh , linux-kernel@vger.kernel.org, bpf@vger.kernel.org Cc: Alexei Starovoitov , Florent Revest , Brendan Jackman , Pauline Middelink References: <20201117021307.1846300-1-kpsingh@chromium.org> <20201117021307.1846300-2-kpsingh@chromium.org> From: Daniel Borkmann Message-ID: Date: Tue, 17 Nov 2020 23:47:40 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.2 MIME-Version: 1.0 In-Reply-To: <20201117021307.1846300-2-kpsingh@chromium.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Authenticated-Sender: daniel@iogearbox.net X-Virus-Scanned: Clear (ClamAV 0.102.4/25991/Tue Nov 17 14:12:35 2020) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 11/17/20 3:13 AM, KP Singh wrote: [...] > + > +static int run_set_secureexec(int map_fd, int secureexec) > +{ > + ^ same here > + int child_pid, child_status, ret, null_fd; > + > + child_pid = fork(); > + if (child_pid == 0) { > + null_fd = open("/dev/null", O_WRONLY); > + if (null_fd == -1) > + exit(errno); > + dup2(null_fd, STDOUT_FILENO); > + dup2(null_fd, STDERR_FILENO); > + close(null_fd); > + > + /* Ensure that all executions from hereon are > + * secure by setting a local storage which is read by > + * the bprm_creds_for_exec hook and sets bprm->secureexec. > + */ > + ret = update_storage(map_fd, secureexec); > + if (ret) > + exit(ret); > + > + /* If the binary is executed with securexec=1, the dynamic > + * loader ingores and unsets certain variables like LD_PRELOAD, > + * TMPDIR etc. TMPDIR is used here to simplify the example, as > + * LD_PRELOAD requires a real .so file. > + * > + * If the value of TMPDIR is set, the bash command returns 10 > + * and if the value is unset, it returns 20. > + */ > + execle("/bin/bash", "bash", "-c", > + "[[ -z \"${TMPDIR}\" ]] || exit 10 && exit 20", NULL, > + bash_envp); > + exit(errno); > + } else if (child_pid > 0) { > + waitpid(child_pid, &child_status, 0); > + ret = WEXITSTATUS(child_status); > + > + /* If a secureexec occured, the exit status should be 20. > + */ > + if (secureexec && ret == 20) > + return 0; > + > + /* If normal execution happened the exit code should be 10. > + */ > + if (!secureexec && ret == 10) > + return 0; > + and here (rest looks good to me) > + } > + > + return -EINVAL; > +} > +