Linux-Fsdevel Archive on lore.kernel.org
 help / Atom feed
From: Al Viro <viro@zeniv.linux.org.uk>
To: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Cc: Eric Biggers <ebiggers3@gmail.com>,
	Dmitry Vyukov <dvyukov@google.com>,
	Kees Cook <keescook@chromium.org>,
	syzbot 
	<bot+e93a80c1bb7c5c56e522461c149f8bf55eab1b2b@syzkaller.appspotmail.com>,
	"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
	LKML <linux-kernel@vger.kernel.org>,
	syzkaller-bugs <syzkaller-bugs@googlegroups.com>
Subject: Re: [PATCH] fs: Allow opening only regular files during execve().
Date: Mon, 21 Jan 2019 21:18:01 +0000
Message-ID: <20190121211800.GC2217@ZenIV.linux.org.uk> (raw)
In-Reply-To: <d1e2488f-a969-30d4-5023-6fa85a4e3833@I-love.SAKURA.ne.jp>

On Mon, Jan 21, 2019 at 07:14:39PM +0900, Tetsuo Handa wrote:
> On Tue, Dec 12, 2017 at 2:06 PM, Eric Biggers <ebiggers3@gmail.com> wrote:
> > I'm not sure what the fix will be.  Maybe the proc handlers should take a
> > different lock instead of cred_guard_mutex.  Or perhaps execve should check that
> > the file is a regular file before it attempts to open it.
> 
> We can easily distinguish open() from execve() and open() from others. ;-)

> +	/* The file or a script interpreter has to be a regular file. */
> +	if (unlikely(current->in_execve && !S_ISREG(inode->i_mode))) {
> +		error = -EACCES;
> +		goto cleanup_file;
> +	}

We are *NOT* going to use current->in_execve to propagate that information.
Come up with a cleaner solution, if you care, but this one is a non-starter.
Too ugly to live.  Sorry.

  parent reply index

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <001a113f711ae2110c055f45acb8@google.com>
2017-12-02  8:12 ` possible deadlock in seq_read syzbot
2017-12-03 22:02 ` syzbot
2017-12-12 22:06 ` Eric Biggers
2017-12-27 18:30   ` Dmitry Vyukov
2018-08-27 18:20   ` Kees Cook
2018-08-27 20:57     ` Dmitry Vyukov
2019-01-21 10:14       ` [PATCH] fs: Allow opening only regular files during execve() Tetsuo Handa
2019-01-21 20:24         ` Kees Cook
2019-01-21 21:18         ` Al Viro [this message]
2019-01-22  0:50           ` [PATCH v2] " Tetsuo Handa
2019-01-28 23:42             ` Andrew Morton
2019-02-12  2:01               ` Tetsuo Handa
2019-02-12  5:26               ` Tetsuo Handa
2019-02-19  9:51                 ` Tetsuo Handa
2019-01-22  0:51           ` [PATCH] " Kees Cook

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190121211800.GC2217@ZenIV.linux.org.uk \
    --to=viro@zeniv.linux.org.uk \
    --cc=bot+e93a80c1bb7c5c56e522461c149f8bf55eab1b2b@syzkaller.appspotmail.com \
    --cc=dvyukov@google.com \
    --cc=ebiggers3@gmail.com \
    --cc=keescook@chromium.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=penguin-kernel@i-love.sakura.ne.jp \
    --cc=syzkaller-bugs@googlegroups.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Fsdevel Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-fsdevel/0 linux-fsdevel/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-fsdevel linux-fsdevel/ https://lore.kernel.org/linux-fsdevel \
		linux-fsdevel@vger.kernel.org linux-fsdevel@archiver.kernel.org
	public-inbox-index linux-fsdevel


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-fsdevel


AGPL code for this site: git clone https://public-inbox.org/ public-inbox