* [patch 113/127] proc: fix timerslack_ns CAP_SYS_NICE check when adjusting self
@ 2016-10-08  0:02 akpm
From: akpm @ 2016-10-08  0:02 UTC (permalink / raw)
  To: torvalds, mm-commits, akpm, john.stultz, arjan, ccross,
	dimitrysh, enh, kandoiruchi, keescook, kernel-team, nnk, orenl,
	romlem, serge, tglx, tkjos

From: John Stultz <john.stultz@linaro.org>
Subject: proc: fix timerslack_ns CAP_SYS_NICE check when adjusting self

In changing from checking ptrace_may_access(p, PTRACE_MODE_ATTACH_FSCREDS)
to capable(CAP_SYS_NICE), I missed that ptrace_may_access succeeds when p
== current, but the CAP_SYS_NICE doesn't.

Thus while the previous commit was intended to loosen the needed
privileges to modify a process's timerslack, it needlessly restricted a
task modifying its own timerslack via the proc/<tid>/timerslack_ns (which
is permitted also via the PR_SET_TIMERSLACK method).

This patch corrects this by checking if p == current before checking
the CAP_SYS_NICE value.

This patch applies on top of my two previous patches currently in -mm.

Link: http://lkml.kernel.org/r/1471906870-28624-1-git-send-email-john.stultz@linaro.org
Signed-off-by: John Stultz <john.stultz@linaro.org>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Arjan van de Ven <arjan@linux.intel.com>
Cc: Oren Laadan <orenl@cellrox.com>
Cc: Ruchi Kandoi <kandoiruchi@google.com>
Cc: Rom Lemarchand <romlem@android.com>
Cc: Todd Kjos <tkjos@google.com>
Cc: Colin Cross <ccross@android.com>
Cc: Nick Kralevich <nnk@google.com>
Cc: Dmitry Shmidt <dimitrysh@google.com>
Cc: Elliott Hughes <enh@google.com>
Cc: Android Kernel Team <kernel-team@android.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---

 fs/proc/base.c |   36 ++++++++++++++++++++----------------
 1 file changed, 20 insertions(+), 16 deletions(-)

diff -puN fs/proc/base.c~proc-fix-timerslack_ns-cap_sys_nice-check-when-adjusting-self fs/proc/base.c
--- a/fs/proc/base.c~proc-fix-timerslack_ns-cap_sys_nice-check-when-adjusting-self
+++ a/fs/proc/base.c
@@ -2280,15 +2280,17 @@ static ssize_t timerslack_ns_write(struc
 	if (!p)
 		return -ESRCH;
 
-	if (!capable(CAP_SYS_NICE)) {
-		count = -EPERM;
-		goto out;
-	}
-
-	err = security_task_setscheduler(p);
-	if (err) {
-		count = err;
-		goto out;
+	if (p != current) {
+		if (!capable(CAP_SYS_NICE)) {
+			count = -EPERM;
+			goto out;
+		}
+
+		err = security_task_setscheduler(p);
+		if (err) {
+			count = err;
+			goto out;
+		}
 	}
 
 	task_lock(p);
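Review bot: In timerslack_ns_write(), the new `if (p != current)` branch skips security_task_setscheduler(p) as well as the capable(CAP_SYS_NICE) check, so an LSM no longer sees a task writing its own timerslack_ns, and nothing in the code says this is intended. Please add a short comment above the `if` stating that self-adjustment is deliberately unprivileged and bypasses the LSM hook to match PR_SET_TIMERSLACK, as the changelog explains. The comment should also note that the comparison is against the single task `p`, so any task other than `current` still takes the CAP_SYS_NICE and LSM path.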
@@ -2314,14 +2316,16 @@ static int timerslack_ns_show(struct seq
 	if (!p)
 		return -ESRCH;
 
-	if (!capable(CAP_SYS_NICE)) {
-		err = -EPERM;
-		goto out;
-	}
+	if (p != current) {
 
-	err = security_task_getscheduler(p);
-	if (err)
-		goto out;
+		if (!capable(CAP_SYS_NICE)) {
+			err = -EPERM;
+			goto out;
+		}
+		err = security_task_getscheduler(p);
+		if (err)
+			goto out;
+	}
 
 	task_lock(p);
 	seq_printf(m, "%llu\n", p->timer_slack_ns);
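Review bot: In timerslack_ns_show(), the new block has a stray blank line directly after `if (p != current) {` and no blank line between the closing brace of the capable() check and `err = security_task_getscheduler(p);`, which is the opposite of the layout used in the timerslack_ns_write() hunk. Please drop the blank line after the opening brace and add one before the security_task_getscheduler() call so the two functions read the same. As on the write side, a one-line comment saying why the capability check and the LSM hook are both skipped when p == current would help later readers.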
_
