projects / profile / wearable / platform / kernel / linux-3.18-exynos7270.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0ab5ab2)
Revert "exec: Ensure mm->user_ns contains the execed files" 09/201909/1 accepted/tizen/unified/20190322.075500 submit/tizen/20190321.041604
authorSeung-Woo Kim <sw0312.kim@samsung.com>
Thu, 21 Mar 2019 01:22:37 +0000 (10:22 +0900)
committerSeung-Woo Kim <sw0312.kim@samsung.com>
Thu, 21 Mar 2019 01:22:41 +0000 (10:22 +0900)
This reverts commit 92c624bbcc160397fcd6127cdbece1f0f20a2b97.

It was backported for fixing smack deny issue for user process
exec from kthread, but this series causes unexpected NULL pointer
deference as like following so rervert:

  Unable to handle kernel NULL pointer dereference at virtual address 000002e8
  pgd = ffffffc0127b6000
  [000002e8] *pgd=00000000527b7003, *pud=00000000527b7003, *pmd=0800000049c67003, *pte=0000000000000000
  ------------[ cut here ]------------
  Kernel BUG at ffffffc00018b4e4 [verbose debug info unavailable]
  Internal error: Oops - BUG: 96000007 [#1] PREEMPT SMP
  [...]
  PC is at would_dump+0x3c/0x9c
  LR is at would_dump+0x28/0x9c
  [...]
  Call trace:
  [<ffffffc00018b4e4>] would_dump+0x3c/0x9c
  [<ffffffc00018cd44>] do_execve_common.isra.15+0x4c8/0x568
  [<ffffffc00018d038>] compat_SyS_execve+0x28/0x3c
  Code: b940daa0 32000000 b900daa0 f9404aa0 (f9417416)
  ---[ end trace ddbe8141f552b6aa ]---

Change-Id: Ic520eb2a9936ff55e8551ef2af90b9986a3f1aba
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
fs/exec.c patch | blob | history
include/linux/capability.h patch | blob | history
kernel/capability.c patch | blob | history

diff --git a/fs/exec.c b/fs/exec.c
index 542f6f93c826529df8fc157c18b8d4e4252a9883..6caf829c0fed6c5d06aad869799159b4f4342172 100644 (file)
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -56,7 +56,6 @@
 #include <linux/pipe_fs_i.h>
 #include <linux/oom.h>
 #include <linux/compat.h>
-#include <linux/user_namespace.h>
 #include <swap/swap_us_hooks.h>
 
 #include <asm/uaccess.h>
@@ -1093,22 +1092,8 @@ EXPORT_SYMBOL(flush_old_exec);
 
 void would_dump(struct linux_binprm *bprm, struct file *file)
 {
-       struct inode *inode = file_inode(file);
-       if (inode_permission(inode, MAY_READ) < 0) {
-               struct user_namespace *old, *user_ns;
+       if (inode_permission(file_inode(file), MAY_READ) < 0)
                bprm->interp_flags |= BINPRM_FLAGS_ENFORCE_NONDUMP;
-
-               /* Ensure mm->user_ns contains the executable */
-               user_ns = old = bprm->mm->user_ns;
-               while ((user_ns != &init_user_ns) &&
-                      !privileged_wrt_inode_uidgid(user_ns, inode))
-                       user_ns = user_ns->parent;
-
-               if (old != user_ns) {
-                       bprm->mm->user_ns = get_user_ns(user_ns);
-                       put_user_ns(old);
-               }
-       }
 }
 EXPORT_SYMBOL(would_dump);
 
@@ -1138,6 +1123,7 @@ void setup_new_exec(struct linux_binprm * bprm)
            !gid_eq(bprm->cred->gid, current_egid())) {
                current->pdeath_signal = 0;
        } else {
+               would_dump(bprm, bprm->file);
                if (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP)
                        set_dumpable(current->mm, suid_dumpable);
        }
@@ -1551,8 +1537,6 @@ static int do_execve_common(struct filename *filename,
        if (retval < 0)
                goto out;
 
-       would_dump(bprm, bprm->file);
-
        /* execve succeeded */
        current->fs->in_exec = 0;
        current->in_execve = 0;
diff --git a/include/linux/capability.h b/include/linux/capability.h
index 135d0a47a7cdc11cfcec19c0e3fd09f34a2d3c52..aa93e5ef594c15eb5a733c005dd7c5590e56b00e 100644 (file)
--- a/include/linux/capability.h
+++ b/include/linux/capability.h
@@ -213,7 +213,6 @@ extern bool has_ns_capability_noaudit(struct task_struct *t,
                                      struct user_namespace *ns, int cap);
 extern bool capable(int cap);
 extern bool ns_capable(struct user_namespace *ns, int cap);
-extern bool privileged_wrt_inode_uidgid(struct user_namespace *ns, const struct inode *inode);
 extern bool capable_wrt_inode_uidgid(const struct inode *inode, int cap);
 extern bool file_ns_capable(const struct file *file, struct user_namespace *ns, int cap);
 
diff --git a/kernel/capability.c b/kernel/capability.c
index c8b748919fd50ac5c52e4f542d257673350a475f..989f5bfc57dcfde3046b2756ddd2aac59da1ec73 100644 (file)
--- a/kernel/capability.c
+++ b/kernel/capability.c
@@ -427,19 +427,6 @@ bool capable(int cap)
 }
 EXPORT_SYMBOL(capable);
 
-/**
- * privileged_wrt_inode_uidgid - Do capabilities in the namespace work over the inode?
- * @ns: The user namespace in question
- * @inode: The inode in question
- *
- * Return true if the inode uid and gid are within the namespace.
- */
-bool privileged_wrt_inode_uidgid(struct user_namespace *ns, const struct inode *inode)
-{
-       return kuid_has_mapping(ns, inode->i_uid) &&
-               kgid_has_mapping(ns, inode->i_gid);
-}
-
 /**
  * capable_wrt_inode_uidgid - Check nsown_capable and uid and gid mapped
  * @inode: The inode in question
@@ -453,6 +440,7 @@ bool capable_wrt_inode_uidgid(const struct inode *inode, int cap)
 {
        struct user_namespace *ns = current_user_ns();
 
-       return ns_capable(ns, cap) && privileged_wrt_inode_uidgid(ns, inode);
+       return ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid) &&
+               kgid_has_mapping(ns, inode->i_gid);
 }
 EXPORT_SYMBOL(capable_wrt_inode_uidgid);
Domain: System / Kernel;