On Fri, Aug 14, 2020 at 09:11:02AM +0200, Greg Kroah-Hartman wrote: > On Thu, Aug 13, 2020 at 04:17:22PM -0700, Kees Cook wrote: > > The return code for attempting to execute a directory has always been > > EACCES. Adjust the S_ISDIR exec test to reflect the old errno instead > > of the general EISDIR for other kinds of "open" attempts on directories. > > > > Reported-by: Marc Zyngier <maz@xxxxxxxxxx> > > Link: https://lore.kernel.org/lkml/20200813151305.6191993b@why > > Fixes: 633fb6ac3980 ("exec: move S_ISREG() check earlier") > > Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> > > --- > > fs/namei.c | 4 +++- > > 1 file changed, 3 insertions(+), 1 deletion(-) > > > > diff --git a/fs/namei.c b/fs/namei.c > > index 2112e578dccc..e99e2a9da0f7 100644 > > --- a/fs/namei.c > > +++ b/fs/namei.c > > @@ -2849,8 +2849,10 @@ static int may_open(const struct path *path, int acc_mode, int flag) > > case S_IFLNK: > > return -ELOOP; > > case S_IFDIR: > > - if (acc_mode & (MAY_WRITE | MAY_EXEC)) > > + if (acc_mode & MAY_WRITE) > > return -EISDIR; > > + if (acc_mode & MAY_EXEC) > > + return -EACCES; > > break; > > case S_IFBLK: > > case S_IFCHR: > > > Reviewed-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxx> And to round out the "let's use a different email address for each response, to drive accounting tools crazy!" effort, you can also add: Tested-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxx> thanks, greg "I don't have enough different email addresses" k-h
