From: Kees Cook <keescook@chromium.org>
Date: Sat, 15 Aug 2020 00:30:14 +0000 (-0700)
Subject: exec: restore EACCES of S_ISDIR execve()
X-Git-Tag: baikal/mips/sdk5.9~12890^2~31
X-Git-Url: https://git.baikalelectronics.ru/sdk/?a=commitdiff_plain;h=25415d91adf6d10263c5ae9cf423db43bd09e212;p=kernel.git

exec: restore EACCES of S_ISDIR execve()

Patch series "Fix S_ISDIR execve() errno".

Fix an errno change for execve() of directories, noticed by Marc Zyngier.
Along with the fix, include a regression test to avoid seeing this return
in the future.

This patch (of 2):

The return code for attempting to execute a directory has always been
EACCES.  Adjust the S_ISDIR exec test to reflect the old errno instead of
the general EISDIR for other kinds of "open" attempts on directories.

Fixes: 9bfe3b5bbe39 ("exec: move S_ISREG() check earlier")
Reported-by: Marc Zyngier <maz@kernel.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Tested-by: Greg Kroah-Hartman <gregkh@android.com>
Reviewed-by: Greg Kroah-Hartman <gregkh@google.com>
Link: http://lkml.kernel.org/r/20200813231723.2725102-2-keescook@chromium.org
Link: https://lore.kernel.org/lkml/20200813151305.6191993b@why
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
---

diff --git a/fs/namei.c b/fs/namei.c
index 2112e578dccc7..e99e2a9da0f7d 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -2849,8 +2849,10 @@ static int may_open(const struct path *path, int acc_mode, int flag)
 	case S_IFLNK:
 		return -ELOOP;
 	case S_IFDIR:
-		if (acc_mode & (MAY_WRITE | MAY_EXEC))
+		if (acc_mode & MAY_WRITE)
 			return -EISDIR;
+		if (acc_mode & MAY_EXEC)
+			return -EACCES;
 		break;
 	case S_IFBLK:
 	case S_IFCHR: