[RFC][PATCH 1/3] exec: Move unshare_files down to avoid locks being dropped on exec.

From: Eric W. Biederman
Date: Sun Sep 16 2018 - 13:40:09 EST



Signed-off-by: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
---
fs/exec.c | 19 ++++++++-----------
1 file changed, 8 insertions(+), 11 deletions(-)

diff --git a/fs/exec.c b/fs/exec.c
index 1ebf6e5a521d..6f6167ec08eb 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1252,6 +1252,7 @@ void __set_task_comm(struct task_struct *tsk, const char *buf, bool exec)
*/
int flush_old_exec(struct linux_binprm * bprm)
{
+ struct files_struct *displaced;
int retval;

/*
@@ -1291,6 +1292,12 @@ int flush_old_exec(struct linux_binprm * bprm)
flush_thread();
current->personality &= ~bprm->per_clear;

+ retval = unshare_files(&displaced);
+ if (retval)
+ goto out;
+ if (displaced)
+ put_files_struct(displaced);
+
/*
* We have to apply CLOEXEC before we change whether the process is
* dumpable (in setup_new_exec) to avoid a race with a process in userspace
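Review bot: A failure of `unshare_files()` at this call site can no longer be rolled back the way the old one allowed. The call now sits after `flush_thread()` and the personality update, `displaced` is released immediately, and the last hunk removes the `reset_files_struct(displaced)` path under `out_files`. If this is past the point where the old image has been torn down (the earlier part of flush_old_exec is outside the hunk, as is the `out` label), the `goto out` presumably ends the task rather than returning an error from execve, so an allocation failure here changes what userspace sees. Since the commit message has no body, I would record the reason for the placement at the call site, e.g. `/* Unshare the file table late so locks tied to the old table are not dropped early in exec; must run before the CLOEXEC handling below. */`. The ordering against the close-on-exec step should be confirmed, since that step presumably must act on a private table.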
@@ -1713,7 +1720,6 @@ static int __do_execve_file(int fd, struct filename *filename,
{
char *pathbuf = NULL;
struct linux_binprm *bprm;
- struct files_struct *displaced;
int retval;

if (IS_ERR(filename))
@@ -1735,14 +1741,10 @@ static int __do_execve_file(int fd, struct filename *filename,
* further execve() calls fail. */
current->flags &= ~PF_NPROC_EXCEEDED;

- retval = unshare_files(&displaced);
- if (retval)
- goto out_ret;
-
retval = -ENOMEM;
bprm = kzalloc(sizeof(*bprm), GFP_KERNEL);
if (!bprm)
- goto out_files;
+ goto out_ret;

retval = prepare_bprm_creds(bprm);
if (retval)
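Review bot: With the unshare removed here, everything from the `kzalloc()` onward in __do_execve_file runs while `current->files` may still be shared with other tasks, which the old ordering ruled out. Any later step in this function or in the binfmt handlers that looks at a descriptor or the descriptor table (not visible in this hunk) should be re-checked, because a task sharing the table can change it concurrently until flush_old_exec unshares it. A short comment above `retval = -ENOMEM;` would record the new invariant, e.g. `/* current->files may still be shared here; it is unshared in flush_old_exec(). */`. The function body starts and ends outside the hunk.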
@@ -1831,8 +1833,6 @@ static int __do_execve_file(int fd, struct filename *filename,
kfree(pathbuf);
if (filename)
putname(filename);
- if (displaced)
- put_files_struct(displaced);
return retval;

out:
@@ -1849,9 +1849,6 @@ static int __do_execve_file(int fd, struct filename *filename,
free_bprm(bprm);
kfree(pathbuf);

-out_files:
- if (displaced)
- reset_files_struct(displaced);
out_ret:
if (filename)
putname(filename);
--
2.17.1