xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

exec: Consolidate pdeath_signal clearing

Browse Source 
Instead of an additional secureexec check for pdeath_signal, just move it
up into the initial secureexec test. Neither perf nor arch code touches
pdeath_signal, so the relocation shouldn't change anything.

Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Serge Hallyn <serge@hallyn.com>
This commit is contained in:
Kees Cook
2017-07-18 15:25:36 -07:00
parent 64701dee41
commit fe8993b3a0
1 changed files with 3 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
fs/exec.c
View File

@@ -1351,6 +1351,9 @@ void setup_new_exec(struct linux_binprm * bprm)
bprm->secureexec |= bprm->cap_elevated; bprm->secureexec |= bprm->cap_elevated;
if (bprm->secureexec) { if (bprm->secureexec) {
/* Make sure parent cannot signal privileged process. */
current->pdeath_signal = 0;
/* /*
* For secureexec, reset the stack limit to sane default to * For secureexec, reset the stack limit to sane default to
* avoid bad behavior from the prior rlimits. This has to * avoid bad behavior from the prior rlimits. This has to
@@ -1383,10 +1386,6 @@ void setup_new_exec(struct linux_binprm * bprm)
*/ */
current->mm->task_size = TASK_SIZE; current->mm->task_size = TASK_SIZE;
if (bprm->secureexec) {
current->pdeath_signal = 0;
}
/* An exec changes our domain. We are no longer part of the thread /* An exec changes our domain. We are no longer part of the thread
group */ group */
current->self_exec_id++; current->self_exec_id++;