From 901e02c2ecfd5cd2ba6385bdcac89ba9cfeb26da Mon Sep 17 00:00:00 2001
From: Kees Cook <keescook@chromium.org>
Date: Thu, 13 Aug 2020 16:17:22 -0700
Subject: [PATCH] FROMLIST: exec: Restore EACCES of S_ISDIR execve()

The return code for attempting to execute a directory has always been
EACCES. Adjust the S_ISDIR exec test to reflect the old errno instead
of the general EISDIR for other kinds of "open" attempts on directories.

Link: https://lore.kernel.org/lkml/20200813151305.6191993b@why
Link: https://lore.kernel.org/r/20200813231723.2725102-2-keescook@chromium.org
Fixes: 633fb6ac3980 ("exec: move S_ISREG() check earlier")
Reported-by: Marc Zyngier <maz@kernel.org>
Reviewed-by: Greg Kroah-Hartman <gregkh@google.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Idb68cdfc90be5928691ac68dda8c98726af20c9e
---
 fs/namei.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/fs/namei.c b/fs/namei.c
index 3afc833f0104..b9275cb8b502 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -2933,8 +2933,10 @@ static int may_open(const struct path *path, int acc_mode, int flag)
 	case S_IFLNK:
 		return -ELOOP;
 	case S_IFDIR:
-		if (acc_mode & (MAY_WRITE | MAY_EXEC))
+		if (acc_mode & MAY_WRITE)
 			return -EISDIR;
+		if (acc_mode & MAY_EXEC)
+			return -EACCES;
 		break;
 	case S_IFBLK:
 	case S_IFCHR: