| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202008191103.D88345E410@keescook>
Date: Wed, 19 Aug 2020 11:04:24 -0700
From: Kees Cook <keescook@...omium.org>
To: Miaohe Lin <linmiaohe@...wei.com>
Cc: akpm@...ux-foundation.org, linux-mm@...ck.org,
linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org
Subject: Re: [PATCH] mm/migrate: Avoid possible unnecessary
ptrace_may_access() call in kernel_move_pages()
On Mon, Aug 17, 2020 at 07:59:33AM -0400, Miaohe Lin wrote:
> There is no need to check if this process has the right to modify the
> specified process when they are same.
>
> Signed-off-by: Hongxiang Lou <louhongxiang@...wei.com>
> Signed-off-by: Miaohe Lin <linmiaohe@...wei.com>
> ---
> mm/migrate.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/mm/migrate.c b/mm/migrate.c
> index 34a842a8eb6a..342c1ce0b433 100644
> --- a/mm/migrate.c
> +++ b/mm/migrate.c
> @@ -1903,7 +1903,7 @@ static int kernel_move_pages(pid_t pid, unsigned long nr_pages,
> * Check if this process has the right to modify the specified
> * process. Use the regular "ptrace_may_access()" checks.
> */
> - if (!ptrace_may_access(task, PTRACE_MODE_READ_REALCREDS)) {
> + if (pid && !ptrace_may_access(task, PTRACE_MODE_READ_REALCREDS)) {
> rcu_read_unlock();
> err = -EPERM;
> goto out;
NAK, please don't do this -- the ptrace and security hooks already do
these kinds of self-introspection checks, and I'd like to keep a central
place to perform these kinds of checks.
Is there a specific problem you've encountered that this fixes?
--
Kees Cook
Powered by blists - more mailing lists