[thirdparty/kernel/stable-queue.git] / queue-4.4 / binfmt_elf-switch-to-new-creds-when-switching-to-new-mm.patch

From 9f834ec18defc369d73ccf9e87a2790bfa05bf46 Mon Sep 17 00:00:00 2001
From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Mon, 22 Aug 2016 16:41:46 -0700
Subject: binfmt_elf: switch to new creds when switching to new mm
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

From: Linus Torvalds <torvalds@linux-foundation.org>

commit 9f834ec18defc369d73ccf9e87a2790bfa05bf46 upstream.

We used to delay switching to the new credentials until after we had
mapped the executable (and possible elf interpreter).  That was kind of
odd to begin with, since the new executable will actually then _run_
with the new creds, but whatever.

The bigger problem was that we also want to make sure that we turn off
prof events and tracing before we start mapping the new executable
state.  So while this is a cleanup, it's also a fix for a possible
information leak.

Reported-by: Robert Święcki <robert@swiecki.net>
Tested-by: Peter Zijlstra <peterz@infradead.org>
Acked-by: David Howells <dhowells@redhat.com>
Acked-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Andy Lutomirski <luto@amacapital.net>
Acked-by: Eric W. Biederman <ebiederm@xmission.com>
Cc: Willy Tarreau <w@1wt.eu>
Cc: Kees Cook <keescook@chromium.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Federico Manuel Bento <up201407890@fc.up.pt>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 fs/binfmt_elf.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -850,6 +850,7 @@ static int load_elf_binary(struct linux_
 		current->flags |= PF_RANDOMIZE;
 
 	setup_new_exec(bprm);
+	install_exec_creds(bprm);
 
 	/* Do this so that we can load the interpreter, if need be.  We will
 	   change some of these later */
@@ -1084,7 +1085,6 @@ static int load_elf_binary(struct linux_
 		goto out;
 #endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */
 
-	install_exec_creds(bprm);
 	retval = create_elf_tables(bprm, &loc->elf_ex,
 			  load_addr, interp_load_addr);
 	if (retval < 0)
Commit	Line	Data
e1676b55 GKH	1	From 9f834ec18defc369d73ccf9e87a2790bfa05bf46 Mon Sep 17 00:00:00 2001
	2	From: Linus Torvalds <torvalds@linux-foundation.org>
	3	Date: Mon, 22 Aug 2016 16:41:46 -0700
	4	Subject: binfmt_elf: switch to new creds when switching to new mm
	5	MIME-Version: 1.0
	6	Content-Type: text/plain; charset=UTF-8
	7	Content-Transfer-Encoding: 8bit
	8
	9	From: Linus Torvalds <torvalds@linux-foundation.org>
	10
	11	commit 9f834ec18defc369d73ccf9e87a2790bfa05bf46 upstream.
	12
	13	We used to delay switching to the new credentials until after we had
	14	mapped the executable (and possible elf interpreter). That was kind of
	15	odd to begin with, since the new executable will actually then _run_
	16	with the new creds, but whatever.
	17
	18	The bigger problem was that we also want to make sure that we turn off
	19	prof events and tracing before we start mapping the new executable
	20	state. So while this is a cleanup, it's also a fix for a possible
	21	information leak.
	22
	23	Reported-by: Robert Święcki <robert@swiecki.net>
	24	Tested-by: Peter Zijlstra <peterz@infradead.org>
	25	Acked-by: David Howells <dhowells@redhat.com>
	26	Acked-by: Oleg Nesterov <oleg@redhat.com>
	27	Acked-by: Andy Lutomirski <luto@amacapital.net>
	28	Acked-by: Eric W. Biederman <ebiederm@xmission.com>
	29	Cc: Willy Tarreau <w@1wt.eu>
	30	Cc: Kees Cook <keescook@chromium.org>
	31	Cc: Al Viro <viro@zeniv.linux.org.uk>
	32	Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
	33	Cc: Federico Manuel Bento <up201407890@fc.up.pt>
	34	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	35
	36	---
	37	fs/binfmt_elf.c \| 2 +-
	38	1 file changed, 1 insertion(+), 1 deletion(-)
	39
	40	--- a/fs/binfmt_elf.c
	41	+++ b/fs/binfmt_elf.c
	42	@@ -850,6 +850,7 @@ static int load_elf_binary(struct linux_
	43	current->flags \|= PF_RANDOMIZE;
	44
	45	setup_new_exec(bprm);
	46	+ install_exec_creds(bprm);
	47
	48	/* Do this so that we can load the interpreter, if need be. We will
	49	change some of these later */
	50	@@ -1084,7 +1085,6 @@ static int load_elf_binary(struct linux_
	51	goto out;
	52	#endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */
	53
	54	- install_exec_creds(bprm);
	55	retval = create_elf_tables(bprm, &loc->elf_ex,
	56	load_addr, interp_load_addr);
	57	if (retval < 0)