author | Stefan Agner <stefan@agner.ch> | 2017-03-14 13:59:28 -0700 |
---|---|---|
committer | Max Krummenacher <max.krummenacher@toradex.com> | 2017-03-15 18:35:51 +0100 |
commit | 39ac0033f2345ce7b5d8ca4439192407dacb2355 (patch) | |
tree | 51dc588baa63d31bc406388885f62c1cae068fa3 /fs/exec.c | |
parent | 13f2767f31803754aa883f298737aff866f04628 (diff) | |
parent | d9e0350d2575a20ee7783427da9bd6b6107eb983 (diff) |
Merge tag 'v4.1.39' into toradex_vf_4.1-nexttoradex_vf_4.1
Linux 4.1.39
Diffstat (limited to 'fs/exec.c')
-rw-r--r-- | fs/exec.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/fs/exec.c b/fs/exec.c
index 1977c2a553ac..04c9cab4d4d3 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -19,7 +19,7 @@
 * current->executable is only used by the procfs. This allows a dispatch
 * table to check for several different types of binary formats. We keep
 * trying until we recognize the file or we run out of supported binary
- * formats.
+ * formats.
 */
 #include <linux/slab.h>
@@ -1108,6 +1108,13 @@ int flush_old_exec(struct linux_binprm * bprm)
 flush_thread();
 current->personality &= ~bprm->per_clear;
+ /*
+ * We have to apply CLOEXEC before we change whether the process is
+ * dumpable (in setup_new_exec) to avoid a race with a process in userspace
+ * trying to access the should-be-closed file descriptors of a process
+ * undergoing exec(2).
+ */
+ do_close_on_exec(current->files);
 return 0;
 out:
@@ -1157,7 +1164,6 @@ void setup_new_exec(struct linux_binprm * bprm)
 group */
 current->self_exec_id++;
 flush_signal_handlers(current, 0);
- do_close_on_exec(current->files);
 }
 EXPORT_SYMBOL(setup_new_exec);
@@ -1248,7 +1254,7 @@ static void check_unsafe_exec(struct linux_binprm *bprm)
 unsigned n_fs;
 if (p->ptrace) {
- if (p->ptrace & PT_PTRACE_CAP)
+ if (ptracer_capable(p, current_user_ns()))
 bprm->unsafe |= LSM_UNSAFE_PTRACE_CAP;
 else
 bprm->unsafe |= LSM_UNSAFE_PTRACE; |
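Review bot: The ordering this change relies on is documented only in flush_old_exec(); the matching hunk at -1157 removes `do_close_on_exec(current->files);` from setup_new_exec() and leaves no marker there. The protection holds only while close-on-exec runs before the dumpable change, so a later refactor of either function could reopen the window without touching the comment. I would add a short comment at the removal site, for example `/* close-on-exec fds were already closed in flush_old_exec(); keep that ahead of any dumpable change */`. Both function bodies extend beyond the hunks, so the position of the dumpable update relative to these lines should be confirmed in the full file.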
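Review bot: The namespace passed to the new test, `current_user_ns()`, comes from the exec'ing task's present credentials, and nothing in this hunk explains why that is the right namespace for choosing between LSM_UNSAFE_PTRACE_CAP and LSM_UNSAFE_PTRACE. If the exec can install credentials that belong to a different user namespace, the tracer's capability would presumably need to be judged against that one instead. ptracer_capable() is defined outside this file, so this should be confirmed there and in the LSM hooks that consume `bprm->unsafe`. A one-line comment above the test, such as `/* tracer's capability is judged in the tracee's current user namespace */`, would make the choice explicit. check_unsafe_exec() begins and ends outside the hunk.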