Commit | Line | Data |
---|---|---|
e1676b55 GKH |
1 | From 9f834ec18defc369d73ccf9e87a2790bfa05bf46 Mon Sep 17 00:00:00 2001 |
2 | From: Linus Torvalds <torvalds@linux-foundation.org> | |
3 | Date: Mon, 22 Aug 2016 16:41:46 -0700 | |
4 | Subject: binfmt_elf: switch to new creds when switching to new mm | |
5 | MIME-Version: 1.0 | |
6 | Content-Type: text/plain; charset=UTF-8 | |
7 | Content-Transfer-Encoding: 8bit | |
8 | ||
9 | From: Linus Torvalds <torvalds@linux-foundation.org> | |
10 | ||
11 | commit 9f834ec18defc369d73ccf9e87a2790bfa05bf46 upstream. | |
12 | ||
13 | We used to delay switching to the new credentials until after we had | |
14 | mapped the executable (and possible elf interpreter). That was kind of | |
15 | odd to begin with, since the new executable will actually then _run_ | |
16 | with the new creds, but whatever. | |
17 | ||
18 | The bigger problem was that we also want to make sure that we turn off | |
19 | prof events and tracing before we start mapping the new executable | |
20 | state. So while this is a cleanup, it's also a fix for a possible | |
21 | information leak. | |
22 | ||
23 | Reported-by: Robert Święcki <robert@swiecki.net> | |
24 | Tested-by: Peter Zijlstra <peterz@infradead.org> | |
25 | Acked-by: David Howells <dhowells@redhat.com> | |
26 | Acked-by: Oleg Nesterov <oleg@redhat.com> | |
27 | Acked-by: Andy Lutomirski <luto@amacapital.net> | |
28 | Acked-by: Eric W. Biederman <ebiederm@xmission.com> | |
29 | Cc: Willy Tarreau <w@1wt.eu> | |
30 | Cc: Kees Cook <keescook@chromium.org> | |
31 | Cc: Al Viro <viro@zeniv.linux.org.uk> | |
32 | Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | |
33 | Cc: Federico Manuel Bento <up201407890@fc.up.pt> | |
34 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | |
35 | ||
36 | --- | |
37 | fs/binfmt_elf.c | 2 +- | |
38 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
39 | ||
40 | --- a/fs/binfmt_elf.c | |
41 | +++ b/fs/binfmt_elf.c | |
42 | @@ -850,6 +850,7 @@ static int load_elf_binary(struct linux_ | |
43 | current->flags |= PF_RANDOMIZE; | |
44 | ||
45 | setup_new_exec(bprm); | |
46 | + install_exec_creds(bprm); | |
47 | ||
48 | /* Do this so that we can load the interpreter, if need be. We will | |
49 | change some of these later */ | |
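Review bot: the new `install_exec_creds(bprm);` call directly after `setup_new_exec(bprm);` carries no comment saying that its position is security-relevant. The commit message explains that the credential switch has to happen before the executable and interpreter are mapped so that prof events and tracing are turned off first, but nothing at the call site records that. A one-line comment above the call, stating that it must stay ahead of the mapping code, would keep a later refactor from moving it back down.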
50 | @@ -1084,7 +1085,6 @@ static int load_elf_binary(struct linux_ | |
51 | goto out; | |
52 | #endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */ | |
53 | ||
54 | - install_exec_creds(bprm); | |
55 | retval = create_elf_tables(bprm, &loc->elf_ex, | |
56 | load_addr, interp_load_addr); | |
57 | if (retval < 0) |
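Review bot: with `install_exec_creds(bprm);` removed from just before `create_elf_tables()`, every failure exit between the new call site near line 850 and this point, including the `goto out;` visible at the top of this hunk, is now taken after the new credentials are already installed. It is worth confirming that the `out` path and anything it unwinds do not assume the old credentials are still in effect, and saying so in the commit message, since the description covers only the mapping-order rationale.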