exec: Remove the recomputation of bprm->cred
authorEric W. Biederman <ebiederm@xmission.com>
Sun, 31 May 2020 20:02:36 +0000 (15:02 -0500)
committerEric W. Biederman <ebiederm@xmission.com>
Sun, 31 May 2020 20:02:36 +0000 (15:02 -0500)
commit3977e285ee89a94699255dbbf6eeea13889a1083
tree378ea4452668d448b0834fd08008a5f81619f1fd
parente32f8879019535b899bc3d51f371e17526f208d1
parent56305aa9b6fab91a5555a45796b79c1b0a6353d1
exec: Remove the recomputation of bprm->cred

Recomputing the uids, gids, capabilities, and related flags each time a
new bprm->file is set is error prone and unnecessary.

This set of changes splits per_clear temporarily into two separate
variables.  This is the last change necessary to ensure that
everything that is computed from brpm->file in bprm->cred is
recomputed every time a new bprm->file is set.  Then the code is
refactored to compute bprm->cred from bprm->file when the final
brpm->file is known, removing the need for recomputation entirely.

Doing this in two steps should allow anyone who has problems later to
bisect and tell if it was the semantic change or the refactoring that
caused them problems.

Eric W. Biederman (2):
      exec: Add a per bprm->file version of per_clear
      exec: Compute file based creds only once

 fs/binfmt_misc.c              |  2 +-
 fs/exec.c                     | 57 ++++++++++++++++++-------------------------
 include/linux/binfmts.h       |  9 ++-----
 include/linux/lsm_hook_defs.h |  2 +-
 include/linux/lsm_hooks.h     | 22 +++++++++--------
 include/linux/security.h      |  9 ++++---
 security/commoncap.c          | 22 +++++++++--------
 security/security.c           |  4 +--
 8 files changed, 59 insertions(+), 68 deletions(-)

Merge branch 'exec-norecompute-v2' into exec-next