lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 17 Jul 2018 13:22:34 +0300
From:   Dan Carpenter <dan.carpenter@...cle.com>
To:     Todd Poynor <toddpoynor@...il.com>
Cc:     Rob Springer <rspringer@...gle.com>,
        John Joseph <jnjoseph@...gle.com>,
        Ben Chan <benchan@...omium.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        devel@...verdev.osuosl.org, Zhongze Hu <frankhu@...omium.org>,
        linux-kernel@...r.kernel.org, Simon Que <sque@...omium.org>,
        Guenter Roeck <groeck@...omium.org>,
        Todd Poynor <toddpoynor@...gle.com>,
        Dmitry Torokhov <dtor@...omium.org>
Subject: Re: [PATCH 16/32] staging: gasket: always allow root open for write

On Mon, Jul 16, 2018 at 07:09:10PM -0700, Todd Poynor wrote:
> --- a/drivers/staging/gasket/apex_driver.c
> +++ b/drivers/staging/gasket/apex_driver.c
> @@ -630,13 +630,10 @@ static bool is_gcb_in_reset(struct gasket_dev *gasket_dev)
>  static uint apex_ioctl_check_permissions(struct file *filp, uint cmd)

This function name is a bit of out of date.

>  {
>  	struct gasket_dev *gasket_dev = filp->private_data;
> -	int root = capable(CAP_SYS_ADMIN);
> -	int is_owner = gasket_dev->dev_info.ownership.is_owned &&
> -		       current->tgid == gasket_dev->dev_info.ownership.owner;
> +	fmode_t write;
>  
> -	if (root || is_owner)
> -		return 1;
> -	return 0;
> +	write = filp->f_mode & FMODE_WRITE;
> +	return write;

This doesn't match the comment because it returns 0x2 or zero.

	return !!(filp->f_mode & FMODE_WRITE);

>  }
>  
>  /*
> diff --git a/drivers/staging/gasket/gasket_core.c b/drivers/staging/gasket/gasket_core.c
> index ae20b7ff9569b..9d1bb3caf6de2 100644
> --- a/drivers/staging/gasket/gasket_core.c
> +++ b/drivers/staging/gasket/gasket_core.c
> @@ -1085,6 +1085,7 @@ static int gasket_open(struct inode *inode, struct file *filp)
>  	char task_name[TASK_COMM_LEN];
>  	struct gasket_cdev_info *dev_info =
>  	    container_of(inode->i_cdev, struct gasket_cdev_info, cdev);
> +	int is_root = capable(CAP_SYS_ADMIN);
>  
>  	gasket_dev = dev_info->gasket_dev_ptr;
>  	driver_desc = gasket_dev->internal_desc->driver_desc;
> @@ -1098,7 +1099,7 @@ static int gasket_open(struct inode *inode, struct file *filp)
>  		"Attempting to open with tgid %u (%s) (f_mode: 0%03o, "
>  		"fmode_write: %d is_root: %u)",
>  		current->tgid, task_name, filp->f_mode,
> -		(filp->f_mode & FMODE_WRITE), capable(CAP_SYS_ADMIN));
> +		(filp->f_mode & FMODE_WRITE), is_root);
>  
>  	/* Always allow non-writing accesses. */
>  	if (!(filp->f_mode & FMODE_WRITE)) {
> @@ -1112,8 +1113,9 @@ static int gasket_open(struct inode *inode, struct file *filp)
>  		gasket_dev, "Current owner open count (owning tgid %u): %d.",
>  		ownership->owner, ownership->write_open_count);
>  
> -	/* Opening a node owned by another TGID is an error (even root.) */
> -	if (ownership->is_owned && ownership->owner != current->tgid) {
> +	/* Opening a node owned by another TGID is an error (unless root) */
> +	if (ownership->is_owned && ownership->owner != current->tgid &&
> +	    !is_root) {
>  		gasket_log_error(
>  			gasket_dev,
>  			"Process %u is opening a node held by %u.",
> diff --git a/drivers/staging/gasket/gasket_ioctl.c b/drivers/staging/gasket/gasket_ioctl.c
> index 0c2f85cf54480..17431d14e6ef1 100644
> --- a/drivers/staging/gasket/gasket_ioctl.c
> +++ b/drivers/staging/gasket/gasket_ioctl.c
> @@ -171,7 +171,7 @@ long gasket_is_supported_ioctl(uint cmd)
>   */
>  static uint gasket_ioctl_check_permissions(struct file *filp, uint cmd)
>  {
> -	uint alive, root, device_owner;
> +	uint alive;
>  	fmode_t read, write;
>  	struct gasket_dev *gasket_dev = (struct gasket_dev *)filp->private_data;
>  
> @@ -183,33 +183,30 @@ static uint gasket_ioctl_check_permissions(struct file *filp, uint cmd)
>  			alive, gasket_dev->status);
>  	}
>  
> -	root = capable(CAP_SYS_ADMIN);
>  	read = filp->f_mode & FMODE_READ;
>  	write = filp->f_mode & FMODE_WRITE;

write = !!(filp->f_mode & FMODE_WRITE);

> -	device_owner = (gasket_dev->dev_info.ownership.is_owned &&
> -			current->tgid == gasket_dev->dev_info.ownership.owner);
>  
>  	switch (cmd) {
>  	case GASKET_IOCTL_RESET:
>  	case GASKET_IOCTL_CLEAR_INTERRUPT_COUNTS:
> -		return root || (write && device_owner);
> +		return write;

regards,
dan carpenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ