summaryrefslogtreecommitdiff
path: root/.gitignore
diff options
context:
space:
mode:
authorDavid Hildenbrand <david@redhat.com>2021-04-23 10:29:59 +0200
committerDavid Hildenbrand <david@redhat.com>2021-09-03 18:42:01 +0200
commitfe69d560b5bd9ec77b5d5749bd7027344daef47e (patch)
treed326cdd1de311c30c88008ffd2f1f3a9ac34e227 /.gitignore
parent35d7bdc86031a2c1ae05ac27dfa93b2acdcbaecc (diff)
downloadlwn-fe69d560b5bd9ec77b5d5749bd7027344daef47e.tar.gz
lwn-fe69d560b5bd9ec77b5d5749bd7027344daef47e.zip
kernel/fork: always deny write access to current MM exe_file
We want to remove VM_DENYWRITE only currently only used when mapping the executable during exec. During exec, we already deny_write_access() the executable, however, after exec completes the VMAs mapped with VM_DENYWRITE effectively keeps write access denied via deny_write_access(). Let's deny write access when setting or replacing the MM exe_file. With this change, we can remove VM_DENYWRITE for mapping executables. Make set_mm_exe_file() return an error in case deny_write_access() fails; note that this should never happen, because exec code does a deny_write_access() early and keeps write access denied when calling set_mm_exe_file. However, it makes the code easier to read and makes set_mm_exe_file() and replace_mm_exe_file() look more similar. This represents a minor user space visible change: sys_prctl(PR_SET_MM_MAP/EXE_FILE) can now fail if the file is already opened writable. Also, after sys_prctl(PR_SET_MM_MAP/EXE_FILE) the file cannot be opened writable. Note that we can already fail with -EACCES if the file doesn't have execute permissions. Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Acked-by: Christian König <christian.koenig@amd.com> Signed-off-by: David Hildenbrand <david@redhat.com>
Diffstat (limited to '.gitignore')
0 files changed, 0 insertions, 0 deletions