| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200327195643.GA9366@redhat.com>
Date: Fri, 27 Mar 2020 20:56:43 +0100
From: Oleg Nesterov <oleg@...hat.com>
To: "Eric W. Biederman" <ebiederm@...ssion.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Davidlohr Bueso <dave@...olabs.net>,
Manfred Spraul <manfred@...orfullife.com>,
Markus Elfring <elfring@...rs.sourceforge.net>,
Yoji <yoji.fujihar.min@...il.com>, linux-kernel@...r.kernel.org
Subject: [PATCH -mm]
ipc-mqueuec-change-__do_notify-to-bypass-check_kill_permission-fix
On 03/26, Eric W. Biederman wrote:
>
> > + task = pid_task(info->notify_owner, PIDTYPE_PID);
> ^^^^^^^^^^^^
> Minor nit: If we are doing the task lookup ourselves that can and
> should be PIDTYPE_TGID.
I think this shouldn't make any difference, in particular because
do_mq_notify() does "notify_owner = task_tgid()" and we do not care
about exec.
But I agree, pid_task(PIDTYPE_TGID) looks better, thanks.
diff --git a/ipc/mqueue.c b/ipc/mqueue.c
index 63b164932ffd..9a44dcb04e13 100644
--- a/ipc/mqueue.c
+++ b/ipc/mqueue.c
@@ -801,7 +801,7 @@ static void __do_notify(struct mqueue_inode_info *info)
* bypass check_kill_permission(). It is from kernel
* but si_fromuser() can't know this.
*/
- task = pid_task(info->notify_owner, PIDTYPE_PID);
+ task = pid_task(info->notify_owner, PIDTYPE_TGID);
if (task)
do_send_sig_info(info->notify.sigev_signo,
&sig_i, task, PIDTYPE_TGID);
Powered by blists - more mailing lists