Re: [PATCH v2 0/3] Relocate execve() sanity checks
On Fri, Jun 05, 2020 at 05:40:53PM -0700, Andrew Morton wrote: > On Fri, 5 Jun 2020 09:00:10 -0700 Kees Cook wrote: > > > While looking at the code paths for the proposed O_MAYEXEC flag, I saw > > some things that looked like they should be fixed up. > > > > exec: Change uselib(2) IS_SREG() failure to EACCES > > This just regularizes the return code on uselib(2). > > > > exec: Move S_ISREG() check earlier > > This moves the S_ISREG() check even earlier than it was already. > > > > exec: Move path_noexec() check earlier > > This adds the path_noexec() check to the same place as the > > S_ISREG() check. > > Thanks. > > These don't seem super-urgent and they aren't super-reviewed, so I > suggest we hold them off until the next cycle? Agreed; that's fine by me. It's mostly clean up and preparation for performing future checking through the MAY_EXEC path. And I'd love to get an Ack from Al or Aleksa, nudge nudge. :) -- Kees Cook
Re: [PATCH v2 0/3] Relocate execve() sanity checks
On Fri, 5 Jun 2020 09:00:10 -0700 Kees Cook wrote: > While looking at the code paths for the proposed O_MAYEXEC flag, I saw > some things that looked like they should be fixed up. > > exec: Change uselib(2) IS_SREG() failure to EACCES > This just regularizes the return code on uselib(2). > > exec: Move S_ISREG() check earlier > This moves the S_ISREG() check even earlier than it was already. > > exec: Move path_noexec() check earlier > This adds the path_noexec() check to the same place as the > S_ISREG() check. Thanks. These don't seem super-urgent and they aren't super-reviewed, so I suggest we hold them off until the next cycle?
[PATCH v2 0/3] Relocate execve() sanity checks
Hi, While looking at the code paths for the proposed O_MAYEXEC flag, I saw some things that looked like they should be fixed up. exec: Change uselib(2) IS_SREG() failure to EACCES This just regularizes the return code on uselib(2). exec: Move S_ISREG() check earlier This moves the S_ISREG() check even earlier than it was already. exec: Move path_noexec() check earlier This adds the path_noexec() check to the same place as the S_ISREG() check. v2: - move checks into may_open() using acc_mode instead of f_mode to correctly compose with other inode file type tests[1]. - drop the FMODE_EXEC f_flags -> f_mode change for now since it remains unclear if it's useful (and is not needed any more for this series). v1: https://lore.kernel.org/linux-api/20200518055457.12302-1-keesc...@chromium.org/ Thanks! -Kees [1] https://lore.kernel.org/lkml/202006041910.9EF0C602@keescook/ Kees Cook (3): exec: Change uselib(2) IS_SREG() failure to EACCES exec: Move S_ISREG() check earlier exec: Move path_noexec() check earlier fs/exec.c | 23 ++- fs/namei.c | 10 -- fs/open.c | 6 -- 3 files changed, 22 insertions(+), 17 deletions(-) -- 2.25.1