Merge 6.11-rc4 into tty-next

We need the tty/serial fixes in here as well. Signed-off-by: Greg Kroah-Hartman <[email protected]>
author: Greg Kroah-Hartman <[email protected]> 2024-08-19 06:24:50 +0200
committer: Greg Kroah-Hartman <[email protected]> 2024-08-19 06:24:50 +0200
commit: ebbe30f4bba127505c5664dd67f519e5e06d16be (patch)
tree: 7285f44ba6e74a25876982cb50f9a430169cc42e /fs/exec.c
parent: 1241b384efa53f4b7a95fe2b34d69359bb3ae1b5 (diff)
parent: 47ac09b91befbb6a235ab620c32af719f8208399 (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/fs/exec.c b/fs/exec.c
index a126e3d1cacb..50e76cc633c4 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1692,6 +1692,7 @@ static void bprm_fill_uid(struct linux_binprm *bprm, struct file *file)
 	unsigned int mode;
 	vfsuid_t vfsuid;
 	vfsgid_t vfsgid;
+	int err;
 
 	if (!mnt_may_suid(file->f_path.mnt))
 		return;
@@ -1708,12 +1709,17 @@ static void bprm_fill_uid(struct linux_binprm *bprm, struct file *file)
 	/* Be careful if suid/sgid is set */
 	inode_lock(inode);
 
-	/* reload atomically mode/uid/gid now that lock held */
+	/* Atomically reload and check mode/uid/gid now that lock held. */
 	mode = inode->i_mode;
 	vfsuid = i_uid_into_vfsuid(idmap, inode);
 	vfsgid = i_gid_into_vfsgid(idmap, inode);
+	err = inode_permission(idmap, inode, MAY_EXEC);
 	inode_unlock(inode);
 
+	/* Did the exec bit vanish out from under us? Give up. */
+	if (err)
+		return;
+
 	/* We ignore suid/sgid if there are no mappings for them in the ns */
 	if (!vfsuid_has_mapping(bprm->cred->user_ns, vfsuid) ||
 	    !vfsgid_has_mapping(bprm->cred->user_ns, vfsgid))
author	Greg Kroah-Hartman <[email protected]>	2024-08-19 06:24:50 +0200
committer	Greg Kroah-Hartman <[email protected]>	2024-08-19 06:24:50 +0200
commit	ebbe30f4bba127505c5664dd67f519e5e06d16be (patch)
tree	7285f44ba6e74a25876982cb50f9a430169cc42e /fs/exec.c
parent	1241b384efa53f4b7a95fe2b34d69359bb3ae1b5 (diff)
parent	47ac09b91befbb6a235ab620c32af719f8208399 (diff)