On 06/29/2017 10:55 AM, Greg KH wrote:
> On Thu, Jun 29, 2017 at 08:46:12AM -0700, Andy Lutomirski wrote:
>> test_execve does rather odd mount manipulations to safely create
>> temporary setuid and setgid executables that aren't visible to the
>> rest of the system. Those executables end up in the test's cwd, but
>> that cwd is MNT_DETACHed.
>>
>> The core namespace code considers MNT_DETACHed trees to belong to no
>> mount namespace at all and, in general, MNT_DETACHed trees are only
>> barely function. This interacted with commit 380cf5ba6b0a ("fs:
>> Treat foreign mounts as nosuid") to cause all MNT_DETACHed trees to
>> act as though they're nosuid, breaking the test.
>>
>> Fix it by just not detaching the tree. It's still in a private
>> mount namespace and is therefore still invisible to the rest of the
>> system (except via /proc, and the same nosuid logic will protect all
>> other programs on the system from believing in test_execve's setuid
>> bits).
>>
>> While we're at it, fix some blatant whitespace problems.
>>
>> Reported-by: Naresh Kamboju <naresh.kamboju@xxxxxxxxxx>
>> Fixes: 380cf5ba6b0a ("fs: Treat foreign mounts as nosuid")
>> Cc: stable@xxxxxxxxxxxxxxx
>> Cc: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
>> Cc: Kees Cook <keescook@xxxxxxxxxxxx>
>> Cc: Shuah Khan <shuahkh@xxxxxxxxxxxxxxx>
>> Cc: Greg KH <greg@xxxxxxxxx>
>> Cc: linux-kselftest@xxxxxxxxxxxxxxx
>> Signed-off-by: Andy Lutomirski <luto@xxxxxxxxxx>
>
> Acked-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
>
> Thanks for fixing this!
>
Thanks Andy for the fix. It is now in linux-kselftest next for 4.13-rc1
-- Shuah