On Tue, Jul 18, 2017 at 6:06 PM, Andy Lutomirski <luto@xxxxxxxxxx> wrote: > On Tue, Jul 18, 2017 at 3:25 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote: >> The cred_prepared bprm flag has a misleading name. It has nothing to do >> with the bprm_prepare_cred hook, and actually tracks if bprm_set_creds has >> been called. Rename this flag and improve its comment. >> >> Cc: David Howells <dhowells@xxxxxxxxxx> >> Cc: John Johansen <john.johansen@xxxxxxxxxxxxx> >> Cc: Paul Moore <paul@xxxxxxxxxxxxxx> >> Cc: Stephen Smalley <sds@xxxxxxxxxxxxx> >> Cc: Casey Schaufler <casey@xxxxxxxxxxxxxxxx> >> Cc: James Morris <james.l.morris@xxxxxxxxxx> >> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> >> --- >> fs/binfmt_flat.c | 2 +- >> fs/exec.c | 2 +- >> include/linux/binfmts.h | 8 ++++++-- >> security/apparmor/domain.c | 2 +- >> security/selinux/hooks.c | 2 +- >> security/smack/smack_lsm.c | 2 +- >> security/tomoyo/tomoyo.c | 2 +- >> 7 files changed, 12 insertions(+), 8 deletions(-) >> >> diff --git a/fs/binfmt_flat.c b/fs/binfmt_flat.c >> index 2edcefc0a294..a722530cc468 100644 >> --- a/fs/binfmt_flat.c >> +++ b/fs/binfmt_flat.c >> @@ -885,7 +885,7 @@ static int load_flat_shared_library(int id, struct lib_info *libs) >> * as we're past the point of no return and are dealing with shared >> * libraries. >> */ >> - bprm.cred_prepared = 1; >> + bprm.called_set_creds = 1; > > WTF is this? It's not, strictly speaking, a bug in this patch, but > it's nonsensical. Is it fixed (presuably deleted) later? binfmt_flat looks crazy, but I haven't seen any distros that enable it. > Otherwise looks good. Thanks! -Kees -- Kees Cook Pixel Security
