On Tue, Jul 18, 2017 at 6:06 PM, Andy Lutomirski <[email protected]> wrote: > On Tue, Jul 18, 2017 at 3:25 PM, Kees Cook <[email protected]> wrote: >> The cred_prepared bprm flag has a misleading name. It has nothing to do >> with the bprm_prepare_cred hook, and actually tracks if bprm_set_creds has >> been called. Rename this flag and improve its comment. >> >> Cc: David Howells <[email protected]> >> Cc: John Johansen <[email protected]> >> Cc: Paul Moore <[email protected]> >> Cc: Stephen Smalley <[email protected]> >> Cc: Casey Schaufler <[email protected]> >> Cc: James Morris <[email protected]> >> Signed-off-by: Kees Cook <[email protected]> >> --- >> fs/binfmt_flat.c | 2 +- >> fs/exec.c | 2 +- >> include/linux/binfmts.h | 8 ++++++-- >> security/apparmor/domain.c | 2 +- >> security/selinux/hooks.c | 2 +- >> security/smack/smack_lsm.c | 2 +- >> security/tomoyo/tomoyo.c | 2 +- >> 7 files changed, 12 insertions(+), 8 deletions(-) >> >> diff --git a/fs/binfmt_flat.c b/fs/binfmt_flat.c >> index 2edcefc0a294..a722530cc468 100644 >> --- a/fs/binfmt_flat.c >> +++ b/fs/binfmt_flat.c >> @@ -885,7 +885,7 @@ static int load_flat_shared_library(int id, struct >> lib_info *libs) >> * as we're past the point of no return and are dealing with shared >> * libraries. >> */ >> - bprm.cred_prepared = 1; >> + bprm.called_set_creds = 1; > > WTF is this? It's not, strictly speaking, a bug in this patch, but > it's nonsensical. Is it fixed (presumably deleted) later?
binfmt_flat looks crazy, but I haven't seen any distros that enable it.

> Otherwise looks good.

Thanks!

-Kees

--
Kees Cook
Pixel Security
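
Review bot: In the fs/binfmt_flat.c hunk, `bprm.called_set_creds = 1;` in load_flat_shared_library() sets the flag by hand even though, per the commit message, the flag records whether bprm_set_creds has been called. The visible comment only says this is past the point of no return and deals with shared libraries, which does not explain why the hook should be treated as already run for this bprm. Since the new name makes the mismatch more obvious, suggest extending that comment to give the reason the flag is forced here, or stating in the commit message that this assignment is carried over unchanged and left for a follow-up cleanup.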

