Re: [PATCH stable<3.18 1/1] proc: Fix ptrace-based permission checks for accessing task maps

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

CCing ptrace guys.

I would appreciate if somebody could ACK this.

On 02/28/2016, 09:42 AM, Corey Wright wrote:
> Modify mm_access() calls in fs/proc/task_mmu.c and fs/proc/task_nommu.c to
> have the mode include PTRACE_MODE_FSCREDS so accessing /proc/pid/maps and
> /proc/pid/pagemap is not denied to all users.
> 
> In backporting upstream commit caaee623 to pre-3.18 kernel versions it was
> overlooked that mm_access() is used in fs/proc/task_*mmu.c as those calls
> were removed in 3.18 (by upstream commit 29a40ace) and did not exist at the
> time of the original commit.
> 
> Signed-off-by: Corey Wright <undefined@xxxxxxxxx>
> Cc: Jann Horn <jann@xxxxxxxxx>
> ---
>  fs/proc/task_mmu.c   |    4 ++--
>  fs/proc/task_nommu.c |    2 +-
>  2 files changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
> index 9f285fb..b86db12 100644
> --- a/fs/proc/task_mmu.c
> +++ b/fs/proc/task_mmu.c
> @@ -170,7 +170,7 @@ static void *m_start(struct seq_file *m, loff_t *pos)
>  	if (!priv->task)
>  		return ERR_PTR(-ESRCH);
>  
> -	mm = mm_access(priv->task, PTRACE_MODE_READ);
> +	mm = mm_access(priv->task, PTRACE_MODE_READ_FSCREDS);
>  	if (!mm || IS_ERR(mm))
>  		return mm;
>  	down_read(&mm->mmap_sem);
> @@ -1044,7 +1044,7 @@ static ssize_t pagemap_read(struct file *file, char __user *buf,
>  	if (!pm.buffer)
>  		goto out_task;
>  
> -	mm = mm_access(task, PTRACE_MODE_READ);
> +	mm = mm_access(task, PTRACE_MODE_READ_FSCREDS);
>  	ret = PTR_ERR(mm);
>  	if (!mm || IS_ERR(mm))
>  		goto out_free;
> diff --git a/fs/proc/task_nommu.c b/fs/proc/task_nommu.c
> index 56123a6..123c198 100644
> --- a/fs/proc/task_nommu.c
> +++ b/fs/proc/task_nommu.c
> @@ -223,7 +223,7 @@ static void *m_start(struct seq_file *m, loff_t *pos)
>  	if (!priv->task)
>  		return ERR_PTR(-ESRCH);
>  
> -	mm = mm_access(priv->task, PTRACE_MODE_READ);
> +	mm = mm_access(priv->task, PTRACE_MODE_READ_FSCREDS);
>  	if (!mm || IS_ERR(mm)) {
>  		put_task_struct(priv->task);
>  		priv->task = NULL;
> 


-- 
js
suse labs
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]