| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20190923145435.507024424@linutronix.de>
Date: Mon, 23 Sep 2019 16:54:35 +0200
From: Thomas Gleixner <tglx@...utronix.de>
To: LKML <linux-kernel@...r.kernel.org>
Cc: Frederic Weisbecker <fweisbec@...il.com>,
Peter Zijlstra <peterz@...radead.org>,
Ingo Molnar <mingo@...nel.org>,
Oleg Nesterov <oleg@...hat.com>,
Michael Kerrisk <mtk.manpages@...glemail.com>,
Kees Cook <keescook@...omium.org>
Subject: [patch V2 0/6] posix-cpu-timers: Fix bogus permission checks
When cleaning up posix-cpu-timers I discovered that the permission checks
for process clocks and process timers are completely bonkers. The only
requirement is that the target PID is a group leader. Which means that any
process can read the clocks and attach timers to any other process without
priviledge restrictions.
That's just wrong because the clocks and timers can be used to observe
behaviour and both reading the clocks and arming timers adds overhead and
influences runtime performance of the target process.
Changes vs. V1:
- Address the review comments from Frederic
- Actually return -EPERM when the permission check fails.
See patch 6/6 for rationale
V1 can be found here:
https://lore.kernel.org/r/20190905120339.561100423@linutronix.de
I still did not come around to write self tests and won't do so in the next
weeks as I'm traveling as of tomorrow and then going on vacation (finally) :)
Thanks,
tglx
---
posix-cpu-timers.c | 71 ++++++++++++++++++++++++++++++++++++-----------------
1 file changed, 49 insertions(+), 22 deletions(-)
Powered by blists - more mailing lists