From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
	Vegard Nossum <vegard.nossum@oracle.com>,
	Al Viro <viro@zeniv.linux.org.uk>,
	"Eric W . Biederman" <ebiederm@xmission.com>,
	Sasha Levin <sashal@kernel.org>
Subject: [PATCH AUTOSEL 4.19 10/12] usermodehelper: reset umask to default before executing user process
Date: Mon, 12 Oct 2020 15:03:33 -0400
Message-ID: <20201012190335.3279538-10-sashal@kernel.org>
In-Reply-To: <20201012190335.3279538-1-sashal@kernel.org>

From: Linus Torvalds <torvalds@linux-foundation.org>

[ Upstream commit 4013c1496c49615d90d36b9d513eee8e369778e9 ]

Kernel threads intentionally do CLONE_FS in order to follow any changes
that 'init' does to set up the root directory (or cwd).

It is admittedly a bit odd, but it avoids the situation where 'init'
does some extensive setup to initialize the system environment, and then
we execute a usermode helper program, and it uses the original FS setup
from boot time that may be very limited and incomplete.

[ Both Al Viro and Eric Biederman point out that 'pivot_root()' will
  follow the root regardless, since it fixes up other users of root (see
  chroot_fs_refs() for details), but overmounting root and doing a
  chroot() would not. ]

However, Vegard Nossum noticed that the CLONE_FS not only means that we
follow the root and current working directories, it also means we share
umask with whatever init changed it to. That wasn't intentional.

Just reset umask to the original default (0022) before actually starting
the usermode helper program.

Reported-by: Vegard Nossum <vegard.nossum@oracle.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Acked-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 kernel/umh.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/kernel/umh.c b/kernel/umh.c
index 52a9084f85419..16653319c8ce8 100644
--- a/kernel/umh.c
+++ b/kernel/umh.c
@@ -13,6 +13,7 @@
 #include <linux/cred.h>
 #include <linux/file.h>
 #include <linux/fdtable.h>
+#include <linux/fs_struct.h>
 #include <linux/workqueue.h>
 #include <linux/security.h>
 #include <linux/mount.h>
@@ -72,6 +73,14 @@ static int call_usermodehelper_exec_async(void *data)
 	flush_signal_handlers(current, 1);
 	spin_unlock_irq(&current->sighand->siglock);
 
+	/*
+	 * Initial kernel threads share ther FS with init, in order to
+	 * get the init root directory. But we've now created a new
+	 * thread that is going to execve a user process and has its own
+	 * 'struct fs_struct'. Reset umask to the default.
+	 */
+	current->fs->umask = 0022;
+
 	/*
 	 * Our parent (unbound workqueue) runs with elevated scheduling
 	 * priority. Avoid propagating that into the userspace child.
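
Review bot: The added `current->fs->umask = 0022;` in call_usermodehelper_exec_async() is only correct if this thread's fs_struct is no longer shared with init, which the new comment asserts but nothing in the hunk enforces or points to; if the struct were still shared, this line would rewrite init's umask as well. Consider naming in the comment where the private copy is created. Two smaller points: the comment has a typo ("ther" should be "their"), and the literal 0022 would read better as a named constant so the default is defined in one place.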
-- 
2.25.1
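
The sharing described in the commit message can be observed from userspace. The following is an added example, not part of the patch or the kernel tree: a child cloned with CLONE_FS changes its umask and the parent's umask changes with it, while a child with a private fs_struct leaves the parent untouched. The helper names and the 0077 sample mask are illustrative.

```c
#define _GNU_SOURCE
#include <sched.h>
#include <signal.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/wait.h>

/* Child stack; no CLONE_VM is used, so the child runs on its own copy. */
static char child_stack[64 * 1024] __attribute__((aligned(16)));

/* Child body: change the umask of whatever fs_struct it holds, then exit. */
static int child_set_umask(void *arg)
{
	umask(*(mode_t *)arg);
	return 0;
}

/* Read the caller's umask without leaving it changed. */
static mode_t read_umask(void)
{
	mode_t m = umask(0);

	umask(m);
	return m;
}

/*
 * Set our umask to 0022, run a child cloned with extra_flags that sets its
 * umask to child_mask, then return our own umask ((mode_t)-1 on failure).
 */
static mode_t umask_after_child(int extra_flags, mode_t child_mask)
{
	pid_t pid;

	umask(0022);
	/* The stack grows down on common architectures, so pass its top. */
	pid = clone(child_set_umask, child_stack + sizeof(child_stack),
		    extra_flags | SIGCHLD, &child_mask);
	if (pid < 0 || waitpid(pid, NULL, 0) != pid)
		return (mode_t)-1;
	return read_umask();
}

int main(void)
{
	printf("private fs_struct: %04o\n", (unsigned)umask_after_child(0, 0077));
	printf("CLONE_FS:          %04o\n", (unsigned)umask_after_child(CLONE_FS, 0077));
	return 0;
}
```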

