| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Dec 2015 13:30:53 -0800
From: Kees Cook <keescook@...gle.com>
To: Jann Horn <jann@...jh.net>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Casey Schaufler <casey@...aufler-ca.com>,
Oleg Nesterov <oleg@...hat.com>,
Ingo Molnar <mingo@...hat.com>,
James Morris <james.l.morris@...cle.com>,
"Serge E. Hallyn" <serge.hallyn@...ntu.com>,
Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
Andy Lutomirski <luto@...nel.org>,
Al Viro <viro@...iv.linux.org.uk>,
"Eric W. Biederman" <ebiederm@...ssion.com>,
Joe Perches <joe@...ches.com>,
Thomas Gleixner <tglx@...utronix.de>,
Michael Kerrisk <mtk.manpages@...il.com>,
LKML <linux-kernel@...r.kernel.org>,
Linux-MM <linux-mm@...ck.org>,
linux-security-module <linux-security-module@...r.kernel.org>,
Linux API <linux-api@...r.kernel.org>,
"security@...nel.org" <security@...nel.org>,
Willy Tarreau <w@....eu>
Subject: Re: [PATCH 1/2] security: let security modules use PTRACE_MODE_* with bitmasks
On Mon, Dec 7, 2015 at 1:25 PM, Jann Horn <jann@...jh.net> wrote:
> It looks like smack and yama weren't aware that the ptrace mode
> can have flags ORed into it - PTRACE_MODE_NOAUDIT until now, but
> only for /proc/$pid/stat, and with the PTRACE_MODE_*CREDS patch,
> all modes have flags ORed into them.
>
> Signed-off-by: Jann Horn <jann@...jh.net>
Acked-by: Kees Cook <keescook@...omium.org>
-Kees
> ---
> security/smack/smack_lsm.c | 8 +++-----
> security/yama/yama_lsm.c | 4 ++--
> 2 files changed, 5 insertions(+), 7 deletions(-)
>
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index ff81026..7c57c7f 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -398,12 +398,10 @@ static int smk_copy_relabel(struct list_head *nhead, struct list_head *ohead,
> */
> static inline unsigned int smk_ptrace_mode(unsigned int mode)
> {
> - switch (mode) {
> - case PTRACE_MODE_READ:
> - return MAY_READ;
> - case PTRACE_MODE_ATTACH:
> + if (mode & PTRACE_MODE_ATTACH)
> return MAY_READWRITE;
> - }
> + if (mode & PTRACE_MODE_READ)
> + return MAY_READ;
>
> return 0;
> }
> diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c
> index d3c19c9..cb6ed10 100644
> --- a/security/yama/yama_lsm.c
> +++ b/security/yama/yama_lsm.c
> @@ -281,7 +281,7 @@ static int yama_ptrace_access_check(struct task_struct *child,
> int rc = 0;
>
> /* require ptrace target be a child of ptracer on attach */
> - if (mode == PTRACE_MODE_ATTACH) {
> + if (mode & PTRACE_MODE_ATTACH) {
> switch (ptrace_scope) {
> case YAMA_SCOPE_DISABLED:
> /* No additional restrictions. */
> @@ -307,7 +307,7 @@ static int yama_ptrace_access_check(struct task_struct *child,
> }
> }
>
> - if (rc) {
> + if (rc && (mode & PTRACE_MODE_NOAUDIT) == 0) {
> printk_ratelimited(KERN_NOTICE
> "ptrace of pid %d was attempted by: %s (pid %d)\n",
> child->pid, current->comm, current->pid);
> --
> 2.1.4
>
--
Kees Cook
Chrome OS & Brillo Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists