Hi!
> From: Kees Cook <keescook@xxxxxxxxxxxx>
>
> [ Upstream commit 90383cc07895183c75a0db2460301c2ffd912359 ]
>
> Just to help distinguish the fs->in_exec flag from the current->in_execve
> flag, add comments in check_unsafe_exec() and copy_fs() for more
> context. Also note that in_execve is only used by TOMOYO now.
These are just a whitespace changes, we should not need them.
Best regards,
Pavel
> +++ b/fs/exec.c
> @@ -1565,6 +1565,7 @@ static void check_unsafe_exec(struct linux_binprm *bprm)
> }
> rcu_read_unlock();
>
> + /* "users" and "in_exec" locked for copy_fs() */
> if (p->fs->users > n_fs)
> bprm->unsafe |= LSM_UNSAFE_SHARE;
> else
> diff --git a/include/linux/sched.h b/include/linux/sched.h
> index aa015416c569..65cfe85de8d5 100644
> --- a/include/linux/sched.h
> +++ b/include/linux/sched.h
> @@ -806,7 +806,7 @@ struct task_struct {
> */
> unsigned sched_remote_wakeup:1;
>
> - /* Bit to tell LSMs we're in execve(): */
> + /* Bit to tell TOMOYO we're in execve(): */
> unsigned in_execve:1;
> unsigned in_iowait:1;
> #ifndef TIF_RESTORE_SIGMASK
> diff --git a/kernel/fork.c b/kernel/fork.c
> index 633b0af1d1a7..906dbaf25058 100644
> --- a/kernel/fork.c
> +++ b/kernel/fork.c
> @@ -1452,6 +1452,7 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk)
> if (clone_flags & CLONE_FS) {
> /* tsk->fs is already what we want */
> spin_lock(&fs->lock);
> + /* "users" and "in_exec" locked for check_unsafe_exec() */
> if (fs->in_exec) {
> spin_unlock(&fs->lock);
> return -EAGAIN;
--
DENX Software Engineering GmbH, Managing Director: Erika Unter
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Attachment:
signature.asc
Description: PGP signature
