exec: Don't open code get_close_on_exec

Submitted by Eric W. Biederman on Dec. 8, 2020, 11:20 p.m.


Message ID 87lfe7ubpo.fsf_-_@x220.int.ebiederm.org
State New
Series "exec: Move unshare_files and guarantee files_struct.count is correct"
Headers show

Commit Message

Eric W. Biederman Dec. 8, 2020, 11:20 p.m.
Al Viro pointed out that moving unshare_files makes the close_on_exec
test in bprm_exec unsafe because the rcu_read_lock is not held[1].

Fix this by using the helper get_close_on_exec, which is safe in the
presence of a shared files_struct.

[1] https://lkml.kernel.org/r/20201207222214.GA4115853@ZenIV.linux.org.uk
Fixes: 030a5fcfda42 ("exec: Move unshare_files to fix posix file locking during exec")
Suggested-by: Al Viro <viro@ftp.linux.org.uk>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
 fs/exec.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

Patch hide | download patch | download mbox

diff --git a/fs/exec.c b/fs/exec.c
index 9e9368603168..9917ebcd0fe5 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1812,8 +1812,7 @@  static int bprm_execve(struct linux_binprm *bprm,
 	 * than having the interpreter start and then immediately fail
 	 * when it finds the executable is inaccessible.
-	if (bprm->fdpath &&
-	    close_on_exec(fd, rcu_dereference_raw(current->files->fdt)))
+	if (bprm->fdpath && get_close_on_exec(fd))
 		bprm->interp_flags |= BINPRM_FLAGS_PATH_INACCESSIBLE;
 	/* Set the unchanging part of bprm->cred */