Re: [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper

From: Linus Torvalds
Date: Wed Jan 24 2024 - 11:55:35 EST

Next message: Théo Lebrun: "Re: [PATCH v3 10/17] pinctrl: eyeq5: add platform driver"
Previous message: Andrew Lunn: "Re: [PATCH net-next v5 07/13] net: ethtool: Introduce a command to list PHYs on an interface"
In reply to: Linus Torvalds: "Re: [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper"
Next in thread: Linus Torvalds: "Re: [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 24 Jan 2024 at 08:46, Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> If the code ends up deciding "is this an exec" based on some state
> flag that hasn't been set, that would explain it.
>
> Something like "current->in_execve", perhaps?

Yeah, that looks like exactly what some of the security layer is testing.

Hmm. That whole thing is disgusting. I think it should have checked
FMODE_EXEC, and I have no idea why it doesn't.

Linus

Next message: Théo Lebrun: "Re: [PATCH v3 10/17] pinctrl: eyeq5: add platform driver"
Previous message: Andrew Lunn: "Re: [PATCH net-next v5 07/13] net: ethtool: Introduce a command to list PHYs on an interface"
In reply to: Linus Torvalds: "Re: [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper"
Next in thread: Linus Torvalds: "Re: [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]