On Thu, Aug 13, 2020 at 04:17:22PM -0700, Kees Cook wrote:
The return code for attempting to execute a directory has always been EACCES. Adjust the S_ISDIR exec test to reflect the old errno instead of the general EISDIR for other kinds of "open" attempts on directories.
Reported-by: Marc Zyngier maz@kernel.org Link: https://lore.kernel.org/lkml/20200813151305.6191993b@why Fixes: 633fb6ac3980 ("exec: move S_ISREG() check earlier") Signed-off-by: Kees Cook keescook@chromium.org
fs/namei.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/fs/namei.c b/fs/namei.c index 2112e578dccc..e99e2a9da0f7 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -2849,8 +2849,10 @@ static int may_open(const struct path *path, int acc_mode, int flag) case S_IFLNK: return -ELOOP; case S_IFDIR:
if (acc_mode & (MAY_WRITE | MAY_EXEC))
if (acc_mode & MAY_WRITE) return -EISDIR;if (acc_mode & MAY_EXEC)return -EACCES;
Reviewed-by: Greg Kroah-Hartman gregkh@google.com