Re: [PATCH v6 6/7] prctl: exe link permission error changed from -EINVAL to -EPERM

From: Serge E. Hallyn
Date: Sun Jul 19 2020 - 13:05:57 EST


On Sun, Jul 19, 2020 at 12:04:16PM +0200, Adrian Reber wrote:
> From: Nicolas Viennot <Nicolas.Viennot@xxxxxxxxxxxx>
>
> This brings consistency with the rest of the prctl() syscall where
> -EPERM is returned when failing a capability check.
>
> Signed-off-by: Nicolas Viennot <Nicolas.Viennot@xxxxxxxxxxxx>
> Signed-off-by: Adrian Reber <areber@xxxxxxxxxx>

Ok, i see how EINVAL snuck its way in there through validate_prctl_map()s
evolution :)

Reviewed-by: Serge Hallyn <serge@xxxxxxxxxx>

> ---
> kernel/sys.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/sys.c b/kernel/sys.c
> index a3f4ef0bbda3..ca11af9d815d 100644
> --- a/kernel/sys.c
> +++ b/kernel/sys.c
> @@ -2015,7 +2015,7 @@ static int prctl_set_mm_map(int opt, const void __user *addr, unsigned long data
> * This may have implications in the tomoyo subsystem.
> */
> if (!checkpoint_restore_ns_capable(current_user_ns()))
> - return -EINVAL;
> + return -EPERM;
>
> error = prctl_set_mm_exe_file(mm, prctl_map.exe_fd);
> if (error)
> --
> 2.26.2