On Thu, Aug 13, 2020 at 04:17:22PM -0700, Kees Cook wrote: > The return code for attempting to execute a directory has always been > EACCES. Adjust the S_ISDIR exec test to reflect the old errno instead > of the general EISDIR for other kinds of "open" attempts on directories. > > Reported-by: Marc Zyngier <maz@xxxxxxxxxx> > Link: https://lore.kernel.org/lkml/20200813151305.6191993b@why > Fixes: 633fb6ac3980 ("exec: move S_ISREG() check earlier") > Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> > --- > fs/namei.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/fs/namei.c b/fs/namei.c > index 2112e578dccc..e99e2a9da0f7 100644 > --- a/fs/namei.c > +++ b/fs/namei.c > @@ -2849,8 +2849,10 @@ static int may_open(const struct path *path, int acc_mode, int flag) > case S_IFLNK: > return -ELOOP; > case S_IFDIR: > - if (acc_mode & (MAY_WRITE | MAY_EXEC)) > + if (acc_mode & MAY_WRITE) > return -EISDIR; > + if (acc_mode & MAY_EXEC) > + return -EACCES; > break; > case S_IFBLK: > case S_IFCHR: Reviewed-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxx>
