[GIT PULL] exec cleanups for v5.8-rc1
From: Eric W. Biederman
Date: Thu Jun 04 2020 - 16:13:20 EST
Please pull the proc-linus branch from the git tree:
git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git exec-linus
HEAD: 3977e285ee89a94699255dbbf6eeea13889a1083 exec: Remove the recomputation of bprm->cred
Last cycle for the Nth time I ran into bugs and quality of
implementation issues related to exec that could not be easily be fixed
because of the way exec is implemented. So I have been digging into
exec and cleanup up what I can.
I don't think I have exec sorted out enough to fix the issues I started
with but I have made some headway this cycle with 4 sets of changes.
exec: Promised cleanups after introducing exec_update_mutex
exec: Trivial cleanups for exec
exec: Control flow simplifications
exec: Remove the recomputation of bprm->cred
The net result is code that is a bit easier to understand and work with
and a decrease in the number of lines of code (if you don't count the
added tests).
There is a trivial conflict with the transformation of
copy_strings_kernel into copy_string_kernel by Christoph Hellwig. These
changes touch adjacent lines.
Arnd Bergmann (1):
binfmt_elf_fdpic: fix execfd build regression
Eric W. Biederman (30):
binfmt: Move install_exec_creds after setup_new_exec to match binfmt_elf
exec: Make unlocking exec_update_mutex explict
exec: Rename the flag called_exec_mmap point_of_no_return
exec: Merge install_exec_creds into setup_new_exec
exec: In setup_new_exec cache current in the local variable me
exec: Move most of setup_new_exec into flush_old_exec
exec: Rename flush_old_exec begin_new_exec
exec: Promised cleanups after introducing exec_update_mutex
exec: Move the comment from above de_thread to above unshare_sighand
exec: Fix spelling of search_binary_handler in a comment
exec: Run sync_mm_rss before taking exec_update_mutex
exec: Move handling of the point of no return to the top level
exec: Set the point of no return sooner
exec: Trivial cleanups for exec
exec: Move would_dump into flush_old_exec
Merge f87d1c955916 ("exec: Move would_dump into flush_old_exec")
exec: Teach prepare_exec_creds how exec treats uids & gids
exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds
exec: Convert security_bprm_set_creds into security_bprm_repopulate_creds
exec: Allow load_misc_binary to call prepare_binprm unconditionally
exec: Move the call of prepare_binprm into search_binary_handler
exec/binfmt_script: Don't modify bprm->buf and then return -ENOEXEC
exec: Generic execfd support
exec: Remove recursion from search_binary_handler
exec: Control flow simplifications
exec: Always set cap_ambient in cap_bprm_set_creds
Merge commit a4ae32c71fe9 ("exec: Always set cap_ambient in cap_bprm_set_creds")
exec: Add a per bprm->file version of per_clear
exec: Compute file based creds only once
exec: Remove the recomputation of bprm->cred
Kees Cook (1):
selftests/exec: Add binfmt_script regression test
Documentation/trace/ftrace.rst | 2 +-
arch/alpha/kernel/binfmt_loader.c | 11 +-
arch/x86/ia32/ia32_aout.c | 4 +-
fs/binfmt_aout.c | 3 +-
fs/binfmt_elf.c | 7 +-
fs/binfmt_elf_fdpic.c | 9 +-
fs/binfmt_em86.c | 13 +-
fs/binfmt_flat.c | 4 +-
fs/binfmt_misc.c | 69 +------
fs/binfmt_script.c | 82 ++++----
fs/exec.c | 320 ++++++++++++++++-------------
include/linux/binfmts.h | 45 ++--
include/linux/lsm_hook_defs.h | 3 +-
include/linux/lsm_hooks.h | 56 ++---
include/linux/security.h | 15 +-
kernel/cred.c | 3 +
kernel/events/core.c | 2 +-
security/apparmor/domain.c | 7 +-
security/apparmor/include/domain.h | 2 +-
security/apparmor/lsm.c | 2 +-
security/commoncap.c | 22 +-
security/security.c | 9 +-
security/selinux/hooks.c | 8 +-
security/smack/smack_lsm.c | 9 +-
security/tomoyo/tomoyo.c | 12 +-
tools/testing/selftests/exec/Makefile | 1 +
tools/testing/selftests/exec/binfmt_script | 171 +++++++++++++++
27 files changed, 503 insertions(+), 388 deletions(-)
Eric