| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 21 Feb 2018 22:39:38 +0300
From: Alexey Dobriyan <adobriyan@...il.com>
To: Andy Shevchenko <andy.shevchenko@...il.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 1/5] proc: make /proc/*/cmdline go through LSM
On Wed, Feb 21, 2018 at 09:28:41PM +0200, Andy Shevchenko wrote:
> On Wed, Feb 21, 2018 at 9:23 PM, Alexey Dobriyan <adobriyan@...il.com> wrote:
> > /proc/*/cmdline is not different from /proc/*/environ as it accesses
> > target task's memory (and can access the very same region of memory)
> > but it doesn't go through ptrace_may_access() and thus doesn't go through LSM.
>
> > +static int __mem_open(struct inode *inode, struct file *file, unsigned int mode)
> > +{
> > + struct mm_struct *mm = proc_mem_open(inode, mode);
> > +
> > + if (IS_ERR(mm))
> > + return PTR_ERR(mm);
>
> So, is it possible to have it NULL?..
I haven't looked closely, but if kernel thread is accesses then yes.
Regardless, patch only moves function so that code compiles, untangling
this little mess is separate adventure.
> > +static int mem_release(struct inode *inode, struct file *file)
> > +{
> > + struct mm_struct *mm = file->private_data;
>
> > + if (mm)
>
> ...or I don't get this check.
>
> > + mmdrop(mm);
> > + return 0;
> > +}
It should trigger if kernel thread is accessed.
Powered by blists - more mailing lists