www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Linus Torvalds <torvalds@linux-foundation.org>
	Mon, 22 Aug 2016 23:41:46 +0000 (16:41 -0700)
committer	Brian Maly <brian.maly@oracle.com>
	Fri, 10 May 2019 19:13:50 +0000 (15:13 -0400)
commit	2c2dfcfa35d4a0b9455696e53067a7dae94ab769
tree	6d3e6b6b28539a2becf33811f87a800fdffcd1f5	tree
parent	968a818db99afe4f08694ac2045b4bfe0dae90ee	commit \| diff

binfmt_elf: switch to new creds when switching to new mm

We used to delay switching to the new credentials until after we had
mapped the executable (and possible elf interpreter). That was kind of
odd to begin with, since the new executable will actually then _run_
with the new creds, but whatever.

The bigger problem was that we also want to make sure that we turn off
prof events and tracing before we start mapping the new executable
state. So while this is a cleanup, it's also a fix for a possible
information leak.

Reported-by: Robert Święcki <robert@swiecki.net>
Tested-by: Peter Zijlstra <peterz@infradead.org>
Acked-by: David Howells <dhowells@redhat.com>
Acked-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Andy Lutomirski <luto@amacapital.net>
Acked-by: Eric W. Biederman <ebiederm@xmission.com>
Cc: Willy Tarreau <w@1wt.eu>
Cc: Kees Cook <keescook@chromium.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit 9f834ec18defc369d73ccf9e87a2790bfa05bf46)

Orabug: 29677233
CVE: CVE-2019-11190

Signed-off-by: John Donnelly <John.P.Donnelly@oracle.com>
Reviewed-by: Jack Vogel <jack.vogel@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>