From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1758265AbcH3XGJ (ORCPT ); Tue, 30 Aug 2016 19:06:09 -0400 Received: from mail.linuxfoundation.org ([140.211.169.12]:46323 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1757976AbcH3XGI (ORCPT ); Tue, 30 Aug 2016 19:06:08 -0400 Date: Tue, 30 Aug 2016 16:06:06 -0700 From: Andrew Morton To: Kees Cook Cc: John Stultz , lkml , "Serge E. Hallyn" , Thomas Gleixner , Arjan van de Ven , Oren Laadan , Ruchi Kandoi , Rom Lemarchand , Todd Kjos , Colin Cross , Nick Kralevich , Dmitry Shmidt , Elliott Hughes , Android Kernel Team Subject: Re: [RESEND][PATCH] proc: Fix timerslack_ns CAP_SYS_NICE check when adjusting self Message-Id: <20160830160606.9088798dc1ec62105ae19b78@linux-foundation.org> In-Reply-To: References: <1471906870-28624-1-git-send-email-john.stultz@linaro.org> X-Mailer: Sylpheed 3.4.1 (GTK+ 2.24.23; x86_64-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 30 Aug 2016 18:46:23 -0400 Kees Cook wrote: > On Mon, Aug 22, 2016 at 7:01 PM, John Stultz wrote: > > In changing from checking ptrace_may_access(p, PTRACE_MODE_ATTACH_FSCREDS) > > to capable(CAP_SYS_NICE), I missed that ptrace_my_access succeeds > > when p == current, but the CAP_SYS_NICE doesn't. > > > > Thus while the previous commit was intended to loosen the needed > > privledges to modify a processes timerslack, it needlessly restricted > > a task modifying its own timerslack via the proc//timerslack_ns > > (which is permitted also via the PR_SET_TIMERSLACK method). > > > > This patch corrects this by checking if p == current before checking > > the CAP_SYS_NICE value. > > > > This patch applies on top of my two previous patches currently in -mm > > > > Cc: Kees Cook > > Cc: "Serge E. Hallyn" > > Cc: Andrew Morton > > Cc: Thomas Gleixner > > CC: Arjan van de Ven > > Cc: Oren Laadan > > Cc: Ruchi Kandoi > > Cc: Rom Lemarchand > > Cc: Todd Kjos > > Cc: Colin Cross > > Cc: Nick Kralevich > > Cc: Dmitry Shmidt > > Cc: Elliott Hughes > > Cc: Android Kernel Team > > Acked-by: Kees Cook > > Signed-off-by: John Stultz > > Andrew, can you take this for v4.8? Well, it fixes proc-relax-proc-tid-timerslack_ns-capability-requirements.patch, somewhat. And it textually depends on that. Do we want all of proc-relax-proc-tid-timerslack_ns-capability-requirements.patch proc-add-lsm-hook-checks-to-proc-tid-timerslack_ns.patch proc-fix-timerslack_ns-cap_sys_nice-check-when-adjusting-self.patch in 4.8? If so, why?