On Thu, Jun 29, 2017 at 08:46:12AM -0700, Andy Lutomirski wrote:
> test_execve does rather odd mount manipulations to safely create
> temporary setuid and setgid executables that aren't visible to the
> rest of the system. Those executables end up in the test's cwd, but
> that cwd is MNT_DETACHed.
>
> The core namespace code considers MNT_DETACHed trees to belong to no
> mount namespace at all and, in general, MNT_DETACHed trees are only
> barely function. This interacted with commit 380cf5ba6b0a ("fs:
> Treat foreign mounts as nosuid") to cause all MNT_DETACHed trees to
> act as though they're nosuid, breaking the test.
>
> Fix it by just not detaching the tree. It's still in a private
> mount namespace and is therefore still invisible to the rest of the
> system (except via /proc, and the same nosuid logic will protect all
> other programs on the system from believing in test_execve's setuid
> bits).
>
> While we're at it, fix some blatant whitespace problems.
>
> Reported-by: Naresh Kamboju <naresh.kamboju@xxxxxxxxxx>
> Fixes: 380cf5ba6b0a ("fs: Treat foreign mounts as nosuid")
> Cc: stable@xxxxxxxxxxxxxxx
> Cc: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
> Cc: Kees Cook <keescook@xxxxxxxxxxxx>
> Cc: Shuah Khan <shuahkh@xxxxxxxxxxxxxxx>
> Cc: Greg KH <greg@xxxxxxxxx>
> Cc: linux-kselftest@xxxxxxxxxxxxxxx
> Signed-off-by: Andy Lutomirski <luto@xxxxxxxxxx>
Acked-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Thanks for fixing this!
--
To unsubscribe from this list: send the line "unsubscribe linux-kselftest" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
