usermodehelper: reset umask to default before executing user process

stable inclusion from linux-4.19.151 commit 33acb78c859f1a0bd3c6b67801fada16f99614f6 -------------------------------- commit 4013c149 upstream. Kernel threads intentionally do CLONE_FS in order to follow any changes that 'init' does to set up the root directory (or cwd). It is admittedly a bit odd, but it avoids the situation where 'init' does some extensive setup to initialize the system environment, and then we execute a usermode helper program, and it uses the original FS setup from boot time that may be very limited and incomplete. [ Both Al Viro and Eric Biederman point out that 'pivot_root()' will follow the root regardless, since it fixes up other users of root (see chroot_fs_refs() for details), but overmounting root and doing a chroot() would not. ] However, Vegard Nossum noticed that the CLONE_FS not only means that we follow the root and current working directories, it also means we share umask with whatever init changed it to. That wasn't intentional. Just reset umask to the original default (0022) before actually starting the usermode helper program. Reported-by: N Vegard Nossum <vegard.nossum@oracle.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Acked-by: N Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: N Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org> Conflicts: kernel/umh.c [yyl: adjust context] Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com> Reviewed-by: N Xie XiuQi <xiexiuqi@huawei.com> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com>

usermodehelper: reset umask to default before executing user process
stable inclusion from linux-4.19.151 commit 33acb78c859f1a0bd3c6b67801fada16f99614f6 -------------------------------- commit 4013c149 upstream. Kernel threads intentionally do CLONE_FS in order to follow any changes that 'init' does to set up the root directory (or cwd). It is admittedly a bit odd, but it avoids the situation where 'init' does some extensive setup to initialize the system environment, and then we execute a usermode helper program, and it uses the original FS setup from boot time that may be very limited and incomplete. [ Both Al Viro and Eric Biederman point out that 'pivot_root()' will follow the root regardless, since it fixes up other users of root (see chroot_fs_refs() for details), but overmounting root and doing a chroot() would not. ] However, Vegard Nossum noticed that the CLONE_FS not only means that we follow the root and current working directories, it also means we share umask with whatever init changed it to. That wasn't intentional. Just reset umask to the original default (0022) before actually starting the usermode helper program. Reported-by: N Vegard Nossum <vegard.nossum@oracle.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Acked-by: N Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: N Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org> Conflicts: kernel/umh.c [yyl: adjust context] Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com> Reviewed-by: N Xie XiuQi <xiexiuqi@huawei.com> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com>
2dc6afbe · Linus Torvalds · Yang Yingliang · 4ffa797e · 2dc6afbe
隐藏空白更改
内联并排

Showing with 9 addition and 0 deletion

kernel/umh.c kernel/umh.c +9 -0

未找到文件。
--- a/kernel/umh.c
+++ b/kernel/umh.c
@@ -13,6 +13,7 @@
 #include <linux/cred.h>
 #include <linux/file.h>
 #include <linux/fdtable.h>
+#include <linux/fs_struct.h>
 #include <linux/workqueue.h>
 #include <linux/security.h>
 #include <linux/mount.h>
@@ -76,6 +77,14 @@ static int call_usermodehelper_exec_async(void *data)
 	flush_signal_handlers(current, 1);
 	spin_unlock_irq(&current->sighand->siglock);

+	/*
+	 * Initial kernel threads share ther FS with init, in order to
+	 * get the init root directory. But we've now created a new
+	 * thread that is going to execve a user process and has its own
+	 * 'struct fs_struct'. Reset umask to the default.
+	 */
+	current->fs->umask = 0022;
+
 	/*
 	 * Kthreadd can be restricted to a set of processors if the user wants
 	 * to protect other processors from OS latencies. If that has happened