linux-sg2042/security
Eric W. Biederman a7868323c2 exec: Add a per bprm->file version of per_clear
There is a small bug in the code that recomputes parts of bprm->cred
for every bprm->file.  The code never recomputes the part of
clear_dangerous_personality_flags it is responsible for.

Which means that in practice if someone creates a sgid script
the interpreter will not be able to use any of:
	READ_IMPLIES_EXEC
	ADDR_NO_RANDOMIZE
	ADDR_COMPAT_LAYOUT
	MMAP_PAGE_ZERO.

This accentially clearing of personality flags probably does
not matter in practice because no one has complained
but it does make the code more difficult to understand.

Further remaining bug compatible prevents the recomputation from being
removed and replaced by simply computing bprm->cred once from the
final bprm->file.

Making this change removes the last behavior difference between
computing bprm->creds from the final file and recomputing
bprm->cred several times.  Which allows this behavior change
to be justified for it's own reasons, and for any but hunts
looking into why the behavior changed to wind up here instead
of in the code that will follow that computes bprm->cred
from the final bprm->file.

This small logic bug appears to have existed since the code
started clearing dangerous personality bits.

History Tree: git://git.kernel.org/pub/scm/linux/kernel/git/tglx/history.git
Fixes: 1bb0fa189c6a ("[PATCH] NX: clean up legacy binary support")
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
2020-05-29 21:06:48 -05:00
..
apparmor exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds 2020-05-20 14:45:31 -05:00
bpf bpf: lsm: Initialize the BPF LSM hooks 2020-03-30 01:34:00 +02:00
integrity Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity 2020-04-02 14:49:46 -07:00
keys keys: Fix proc_keys_next to increase position index 2020-04-16 10:10:50 -07:00
loadpin proc/sysctl: add shared variables for range check 2019-07-18 17:08:07 -07:00
lockdown security,lockdown,selinux: implement SELinux lockdown 2019-12-09 17:53:58 -05:00
safesetid security/safesetid: Replace rcu_swap_protected() with rcu_replace_pointer() 2019-10-30 08:45:57 -07:00
selinux exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds 2020-05-20 14:45:31 -05:00
smack exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds 2020-05-20 14:45:31 -05:00
tomoyo exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds 2020-05-20 14:45:31 -05:00
yama proc/sysctl: add shared variables for range check 2019-07-18 17:08:07 -07:00
Kconfig bpf: lsm: Initialize the BPF LSM hooks 2020-03-30 01:34:00 +02:00
Kconfig.hardening meminit fix 2019-07-28 12:33:15 -07:00
Makefile bpf: lsm: Initialize the BPF LSM hooks 2020-03-30 01:34:00 +02:00
commoncap.c exec: Add a per bprm->file version of per_clear 2020-05-29 21:06:48 -05:00
device_cgroup.c device_cgroup: Export devcgroup_check_permission 2019-10-07 15:11:38 -05:00
inode.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
lsm_audit.c security,lockdown,selinux: implement SELinux lockdown 2019-12-09 17:53:58 -05:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c exec: Convert security_bprm_set_creds into security_bprm_repopulate_creds 2020-05-21 10:16:50 -05:00