The patch titled Subject: exec: change uselib(2) IS_SREG() failure to EACCES has been added to the -mm tree. Its filename is exec-change-uselib2-is_sreg-failure-to-eacces.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/exec-change-uselib2-is_sreg-failure-to-eacces.patch and later at http://ozlabs.org/~akpm/mmotm/broken-out/exec-change-uselib2-is_sreg-failure-to-eacces.patch Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Kees Cook <keescook@xxxxxxxxxxxx> Subject: exec: change uselib(2) IS_SREG() failure to EACCES Patch series "Relocate execve() sanity checks", v2. While looking at the code paths for the proposed O_MAYEXEC flag, I saw some things that looked like they should be fixed up. exec: Change uselib(2) IS_SREG() failure to EACCES This just regularizes the return code on uselib(2). exec: Move S_ISREG() check earlier This moves the S_ISREG() check even earlier than it was already. exec: Move path_noexec() check earlier This adds the path_noexec() check to the same place as the S_ISREG() check. This patch (of 3): Change uselib(2)' S_ISREG() error return to EACCES instead of EINVAL so the behavior matches execve(2), and the seemingly documented value. The "not a regular file" failure mode of execve(2) is explicitly documented[1], but it is not mentioned in uselib(2)[2] which does, however, say that open(2) and mmap(2) errors may apply. The documentation for open(2) does not include a "not a regular file" error[3], but mmap(2) does[4], and it is EACCES. [1] http://man7.org/linux/man-pages/man2/execve.2.html#ERRORS [2] http://man7.org/linux/man-pages/man2/uselib.2.html#ERRORS [3] http://man7.org/linux/man-pages/man2/open.2.html#ERRORS [4] http://man7.org/linux/man-pages/man2/mmap.2.html#ERRORS Link: http://lkml.kernel.org/r/20200605160013.3954297-1-keescook@xxxxxxxxxxxx Link: http://lkml.kernel.org/r/20200605160013.3954297-2-keescook@xxxxxxxxxxxx Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> Acked-by: Christian Brauner <christian.brauner@xxxxxxxxxx> Cc: Aleksa Sarai <cyphar@xxxxxxxxxx> Cc: Alexander Viro <viro@xxxxxxxxxxxxxxxxxx> Cc: Dmitry Vyukov <dvyukov@xxxxxxxxxx> Cc: Eric Biggers <ebiggers3@xxxxxxxxx> Cc: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> --- fs/exec.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) --- a/fs/exec.c~exec-change-uselib2-is_sreg-failure-to-eacces +++ a/fs/exec.c @@ -141,11 +141,10 @@ SYSCALL_DEFINE1(uselib, const char __use if (IS_ERR(file)) goto out; - error = -EINVAL; + error = -EACCES; if (!S_ISREG(file_inode(file)->i_mode)) goto exit; - error = -EACCES; if (path_noexec(&file->f_path)) goto exit; _ Patches currently in -mm which might be from keescook@xxxxxxxxxxxx are exec-change-uselib2-is_sreg-failure-to-eacces.patch exec-move-s_isreg-check-earlier.patch exec-move-path_noexec-check-earlier.patch