On Wed, Jan 24, 2024 at 02:06:23PM -0800, Kees Cook wrote:
> Path-based LSMs will bypass uselib() "open" checks since commit
> 4759ff71f23e ("exec: Check __FMODE_EXEC instead of in_execve for LSMs"),
> so don't set __FMODE_EXEC during uselib(). The LSM "open" and eventual
> "mmap" hooks will be restored. (uselib() never set current->in_execve.)
Ah, nevermind, I see Linux's commit has taken care of this already:
https://git.kernel.org/linus/3eab830189d94f0f80f34cbff609b5bb54002679
--
Kees Cook
