lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YZ5ayhuOMZwkd9j6@kroah.com>
Date:   Wed, 24 Nov 2021 16:31:22 +0100
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Jari Ruusu <jariruusu@...rs.sourceforge.net>
Cc:     linux-kernel@...r.kernel.org, stable@...r.kernel.org,
        Alistair Delva <adelva@...gle.com>,
        Khazhismel Kumykov <khazhy@...gle.com>,
        Bart Van Assche <bvanassche@....org>,
        Serge Hallyn <serge@...lyn.com>, Jens Axboe <axboe@...nel.dk>,
        Paul Moore <paul@...l-moore.com>, selinux@...r.kernel.org,
        linux-security-module@...r.kernel.org, kernel-team@...roid.com
Subject: Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for
 IOPRIO_CLASS_RT

On Wed, Nov 24, 2021 at 04:22:50PM +0200, Jari Ruusu wrote:
> Greg Kroah-Hartman wrote:
> > From: Alistair Delva <adelva@...gle.com>
> > 
> > commit 94c4b4fd25e6c3763941bdec3ad54f2204afa992 upstream.
>  [SNIP]
> > --- a/block/ioprio.c
> > +++ b/block/ioprio.c
> > @@ -69,7 +69,14 @@ int ioprio_check_cap(int ioprio)
> > 
> >         switch (class) {
> >                 case IOPRIO_CLASS_RT:
> > -                       if (!capable(CAP_SYS_NICE) && !capable(CAP_SYS_ADMIN))
> > +                       /*
> > +                        * Originally this only checked for CAP_SYS_ADMIN,
> > +                        * which was implicitly allowed for pid 0 by security
> > +                        * modules such as SELinux. Make sure we check
> > +                        * CAP_SYS_ADMIN first to avoid a denial/avc for
> > +                        * possibly missing CAP_SYS_NICE permission.
> > +                        */
> > +                       if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_NICE))
> >                                 return -EPERM;
> >                         fallthrough;
> >                         /* rt has prio field too */
> 
> What exactly is above patch trying to fix?
> It does not change control flow at all, and added comment is misleading.

See the thread on the mailing list for what it does and why it is
needed.

It does change the result when selinux is enabled.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ