binfmt: Move install_exec_creds after setup_new_exec to match binfmt_elf

In 2016 Linus moved install_exec_creds immediately after setup_new_exec, in binfmt_elf as a cleanup and as part of closing a potential information leak. Perform the same cleanup for the other binary formats. Different binary formats doing the same things the same way makes exec easier to reason about and easier to maintain. Greg Ungerer reports: > I tested the the whole series on non-MMU m68k and non-MMU arm > (exercising binfmt_flat) and it all tested out with no problems, > so for the binfmt_flat changes: Tested-by: N Greg Ungerer <gerg@linux-m68k.org> Ref: 9f834ec1 ("binfmt_elf: switch to new creds when switching to new mm") Reviewed-by: N Kees Cook <keescook@chromium.org> Reviewed-by: N Greg Ungerer <gerg@linux-m68k.org> Signed-off-by: N "Eric W. Biederman" <ebiederm@xmission.com>

binfmt: Move install_exec_creds after setup_new_exec to match binfmt_elf
In 2016 Linus moved install_exec_creds immediately after setup_new_exec, in binfmt_elf as a cleanup and as part of closing a potential information leak. Perform the same cleanup for the other binary formats. Different binary formats doing the same things the same way makes exec easier to reason about and easier to maintain. Greg Ungerer reports: > I tested the the whole series on non-MMU m68k and non-MMU arm > (exercising binfmt_flat) and it all tested out with no problems, > so for the binfmt_flat changes: Tested-by: N Greg Ungerer <gerg@linux-m68k.org> Ref: 9f834ec1 ("binfmt_elf: switch to new creds when switching to new mm") Reviewed-by: N Kees Cook <keescook@chromium.org> Reviewed-by: N Greg Ungerer <gerg@linux-m68k.org> Signed-off-by: N "Eric W. Biederman" <ebiederm@xmission.com>
e7f77854 · Eric W. Biederman · 6a8b55ed · e7f77854 · e7f77854 · e7f77854
Showing with 4 addition and 6 deletion

arch/x86/ia32/ia32_aout.c arch/x86/ia32/ia32_aout.c +1 -2

fs/binfmt_aout.c fs/binfmt_aout.c +1 -1

fs/binfmt_elf_fdpic.c fs/binfmt_elf_fdpic.c +1 -1

fs/binfmt_flat.c fs/binfmt_flat.c +1 -2

未找到文件。
--- a/arch/x86/ia32/ia32_aout.c
+++ b/arch/x86/ia32/ia32_aout.c
@@ -140,6 +140,7 @@ static int load_aout_binary(struct linux_binprm *bprm)
 	set_personality_ia32(false);
 	setup_new_exec(bprm);
+	install_exec_creds(bprm);
 	regs->cs = __USER32_CS;
 	regs->r8 = regs->r9 = regs->r10 = regs->r11 = regs->r12 =
@@ -156,8 +157,6 @@ static int load_aout_binary(struct linux_binprm *bprm)
 	if (retval < 0)
 		return retval;
-	install_exec_creds(bprm);
 	if (N_MAGIC(ex) == OMAGIC) {
 		unsigned long text_addr, map_size;

--- a/fs/binfmt_aout.c
+++ b/fs/binfmt_aout.c
@@ -162,6 +162,7 @@ static int load_aout_binary(struct linux_binprm * bprm)
 	set_personality(PER_LINUX);
 #endif
 	setup_new_exec(bprm);
+	install_exec_creds(bprm);
 	current->mm->end_code = ex.a_text +
 		(current->mm->start_code = N_TXTADDR(ex));
@@ -174,7 +175,6 @@ static int load_aout_binary(struct linux_binprm * bprm)
 	if (retval < 0)
 		return retval;
-	install_exec_creds(bprm);
 	if (N_MAGIC(ex) == OMAGIC) {
 		unsigned long text_addr, map_size;

--- a/fs/binfmt_elf_fdpic.c
+++ b/fs/binfmt_elf_fdpic.c
@@ -353,6 +353,7 @@ static int load_elf_fdpic_binary(struct linux_binprm *bprm)
 		current->personality |= READ_IMPLIES_EXEC;
 	setup_new_exec(bprm);
+	install_exec_creds(bprm);
 	set_binfmt(&elf_fdpic_format);
@@ -434,7 +435,6 @@ static int load_elf_fdpic_binary(struct linux_binprm *bprm)
 	current->mm->start_stack = current->mm->start_brk + stack_size;
 #endif
-	install_exec_creds(bprm);
 	if (create_elf_fdpic_tables(bprm, current->mm,
 				    &exec_params, &interp_params) < 0)
 		goto error;

--- a/fs/binfmt_flat.c
+++ b/fs/binfmt_flat.c
@@ -541,6 +541,7 @@ static int load_flat_file(struct linux_binprm *bprm,
 		/* OK, This is the point of no return */
 		set_personality(PER_LINUX_32BIT);
 		setup_new_exec(bprm);
+		install_exec_creds(bprm);
 	}
 	/*
@@ -963,8 +964,6 @@ static int load_flat_binary(struct linux_binprm *bprm)
 		}
 	}
-	install_exec_creds(bprm);
 	set_binfmt(&flat_format);
 #ifdef CONFIG_MMU