lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <473B0317.6010603@linux.vnet.ibm.com>
Date:	Wed, 14 Nov 2007 19:45:51 +0530
From:	Ciju Rajan K <ciju@...ux.vnet.ibm.com>
To:	linux-kernel@...r.kernel.org
CC:	wli@...omorphy.com, agl@...ibm.com
Subject: [RFC] [PATCH] hugetlbfs :shmget with SHM_HUGETLB only works as root

When a normal user is trying to allocate huge pages using shmget(), the 
user is not able to get the memory even if the gid is present in 
/proc/sys/vm/hugetlb_shm_group. The function user_shm_lock() is not 
successful. The user does not have the capability to perform a 
CAP_IPC_LOCK. A check is added here to see whether the gid is present in 
hugetlb_shm_group. Please review the patch.

Signed-off-by: Ciju Rajan (ciju@...ux.vnet.ibm.com)
---
--- linux-2.6.23/mm/mlock.c.orig    2007-11-14 17:35:02.000000000 +0530
+++ linux-2.6.23/mm/mlock.c    2007-11-14 17:50:31.000000000 +0530
@@ -8,6 +8,7 @@
 #include <linux/capability.h>
 #include <linux/mman.h>
 #include <linux/mm.h>
+#include <linux/hugetlb.h>
 #include <linux/mempolicy.h>
 #include <linux/syscalls.h>
 #include <linux/sched.h>
@@ -248,8 +249,14 @@ int user_shm_lock(size_t size, struct us
         allowed = 1;
     lock_limit >>= PAGE_SHIFT;
     spin_lock(&shmlock_user_lock);
+#ifdef CONFIG_HUGETLB_PAGE
+    if (!allowed &&
+        locked + user->locked_shm > lock_limit &&
+        (!(capable(CAP_IPC_LOCK) || in_group_p(sysctl_hugetlb_shm_group))))
+#else
     if (!allowed &&
         locked + user->locked_shm > lock_limit && !capable(CAP_IPC_LOCK))
+#endif
         goto out;
     get_uid(user);
     user->locked_shm += locked;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ