linux/security/apparmor
Kees Cook 4759ff71f2 exec: Check __FMODE_EXEC instead of in_execve for LSMs
After commit 978ffcbf00 ("execve: open the executable file before
doing anything else"), current->in_execve was no longer in sync with the
open(). This broke AppArmor and TOMOYO which depend on this flag to
distinguish "open" operations from being "exec" operations.

Instead of moving around in_execve, switch to using __FMODE_EXEC, which
is where the "is this an exec?" intent is stored. Note that TOMOYO still
uses in_execve around cred handling.

Reported-by: Kevin Locke <kevin@kevinlocke.name>
Closes: https://lore.kernel.org/all/ZbE4qn9_h14OqADK@kevinlocke.name
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Fixes: 978ffcbf00 ("execve: open the executable file before doing anything else")
Cc: Josh Triplett <josh@joshtriplett.org>
Cc: John Johansen <john.johansen@canonical.com>
Cc: Paul Moore <paul@paul-moore.com>
Cc: James Morris <jmorris@namei.org>
Cc: Serge E. Hallyn <serge@hallyn.com>
Cc: Kentaro Takeda <takedakn@nttdata.co.jp>
Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Christian Brauner <brauner@kernel.org>
Cc: Jan Kara <jack@suse.cz>
Cc: Eric Biederman <ebiederm@xmission.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc:  <linux-fsdevel@vger.kernel.org>
Cc:  <linux-mm@kvack.org>
Cc:  <apparmor@lists.ubuntu.com>
Cc:  <linux-security-module@vger.kernel.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2024-01-24 11:38:58 -08:00
..
include AppArmor: Add selfattr hooks 2023-11-12 22:54:42 -05:00
.gitignore
apparmorfs.c + Features 2024-01-19 10:53:55 -08:00
audit.c apparmor: add io_uring mediation 2023-10-18 15:58:49 -07:00
capability.c apparmor: Fix some kernel-doc comments 2023-10-23 00:25:49 -07:00
crypto.c apparmor: switch SECURITY_APPARMOR_HASH from sha1 to sha256 2023-11-19 00:47:56 -08:00
domain.c apparmor: declare stack_msg as static 2023-11-19 00:48:12 -08:00
file.c apparmor: refcount the pdb 2023-10-18 15:30:47 -07:00
ipc.c apparmor: refcount the pdb 2023-10-18 15:30:47 -07:00
Kconfig apparmor: switch SECURITY_APPARMOR_HASH from sha1 to sha256 2023-11-19 00:47:56 -08:00
label.c apparmor: refcount the pdb 2023-10-18 15:30:47 -07:00
lib.c apparmor: fix possible memory leak in unpack_trans_table 2024-01-04 01:34:00 -08:00
lsm.c exec: Check __FMODE_EXEC instead of in_execve for LSMs 2024-01-24 11:38:58 -08:00
Makefile
match.c apparmor: refcount the pdb 2023-10-18 15:30:47 -07:00
mount.c apparmor: Fix move_mount mediation by detecting if source is detached 2024-01-03 12:10:29 -08:00
net.c apparmor: refcount the pdb 2023-10-18 15:30:47 -07:00
nulldfa.in
path.c
policy.c apparmor: free the allocated pdb objects 2024-01-03 11:48:02 -08:00
policy_compat.c
policy_ns.c
policy_unpack.c apparmor: Fix memory leak in unpack_profile() 2024-01-09 01:45:25 -08:00
policy_unpack_test.c
procattr.c AppArmor: Add selfattr hooks 2023-11-12 22:54:42 -05:00
resource.c apparmor: pass cred through to audit info. 2023-10-18 15:30:38 -07:00
secid.c
stacksplitdfa.in
task.c apparmor: add missing params to aa_may_ptrace kernel-doc comments 2023-11-19 01:19:41 -08:00