lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <3e5c5a67-b138-77b9-be2f-2467ff4a0828@verizon.com>
Date:	Fri, 12 Aug 2016 13:27:57 -0400
From:	"Levin, Alexander" <alexander.levin@...izon.com>
To:	Kenny Keslar <kenny.keslar@...cle.com>,
	Oleg Nesterov <oleg@...hat.com>,
	Roland McGrath <roland@...k.frob.com>
CC:	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"stable@...r.kernel.org" <stable@...r.kernel.org>
Subject: Re: [PATCH] fs/proc/task_mmu.c: fix mm_access() mode parameter in
 pagemap_read()

On 08/12/2016 11:01 AM, Kenny Keslar wrote:
> Backport of caaee6234d05a58c5b4d05e7bf766131b810a657 ("ptrace: use fsuid,
> fsgid, effective creds for fs access checks") to v4.1 failed to update the
> mode parameter in the mm_access() call in pagemap_read() to have one of the
> new PTRACE_MODE_*CREDS flags.
> 
> Attempting to read any other process' pagemap results in a WARN()
> 
> WARNING: CPU: 0 PID: 883 at kernel/ptrace.c:229 __ptrace_may_access+0x14a/0x160()
> denying ptrace access check without PTRACE_MODE_*CREDS
> Modules linked in: loop sg e1000 i2c_piix4 ppdev virtio_balloon virtio_pci parport_pc i2c_core virtio_ring ata_generic serio_raw pata_acpi virtio parport pcspkr floppy acpi_cpufreq ip_tables ext3 mbcache jbd sd_mod ata_piix crc32c_intel libata
> CPU: 0 PID: 883 Comm: cat Tainted: G        W       4.1.12-51.el7uek.x86_64 #2
> Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
>   0000000000000286 00000000619f225a ffff88003b6fbc18 ffffffff81717021
>   ffff88003b6fbc70 ffffffff819be870 ffff88003b6fbc58 ffffffff8108477a
>   000000003b6fbc58 0000000000000001 ffff88003d287000 0000000000000001
> Call Trace:
>   [<ffffffff81717021>] dump_stack+0x63/0x81
>   [<ffffffff8108477a>] warn_slowpath_common+0x8a/0xc0
>   [<ffffffff81084805>] warn_slowpath_fmt+0x55/0x70
>   [<ffffffff8108e57a>] __ptrace_may_access+0x14a/0x160
>   [<ffffffff8108f372>] ptrace_may_access+0x32/0x50
>   [<ffffffff81081bad>] mm_access+0x6d/0xb0
>   [<ffffffff81278c81>] pagemap_read+0xe1/0x360
>   [<ffffffff811a046b>] ? lru_cache_add_active_or_unevictable+0x2b/0xa0
>   [<ffffffff8120d2e7>] __vfs_read+0x37/0x100
>   [<ffffffff812b9ab4>] ? security_file_permission+0x84/0xa0
>   [<ffffffff8120d8b6>] ? rw_verify_area+0x56/0xe0
>   [<ffffffff8120d9c6>] vfs_read+0x86/0x140
>   [<ffffffff8120e945>] SyS_read+0x55/0xd0
>   [<ffffffff8171eb6e>] system_call_fastpath+0x12/0x71
> 
> Fixes: ab88ce5feca4 (ptrace: use fsuid, fsgid, effective creds for fs access checks)
> Signed-off-by: Kenny Keslar <kenny.keslar@...cle.com>
> Cc: Roland McGrath <roland@...k.frob.com>
> Cc: Oleg Nesterov <oleg@...hat.com>
> Cc: stable@...r.kernel.org

Added. Thanks Kenny!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ