Re: [PATCH] Call security hook from pid*_revalidate

From: Stephen Smalley
Date: Thu Aug 21 2003 - 16:53:38 EST

Next message: Yoav Weiss: "Bug in drivers/block/ll_rw_blk.c ?"
Previous message: Stephan von Krawczynski: "Re: Possible race condition in i386 global_irq_lock handling."
In reply to: Stephen Smalley: "Re: [PATCH] Call security hook from pid*_revalidate"
Next in thread: Stephen Smalley: "Re: [PATCH] Call security hook from pid*_revalidate"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

A slightly updated version of the same patch against 2.6.0-test3-mm3 is
below. Avoid clearing the i_uid and i_gid in revalidate unless those
are truly the right values, and don't bother testing for PROC_PID_INO in
pid_fd_revalidate. Of course, these changes only ensure proper updating
when revalidate is called, so already opened files can still be read
under the old attributes until the file is looked up again...

diff -X /home/sds/dontdiff -ru linux-2.6.0-test3-mm3/fs/proc/base.c linux-2.6.0-test3-mm3-sds/fs/proc/base.c
--- linux-2.6.0-test3-mm3/fs/proc/base.c 2003-08-21 16:24:17.000000000 -0400
+++ linux-2.6.0-test3-mm3-sds/fs/proc/base.c 2003-08-21 17:23:29.764522205 -0400
@@ -870,11 +870,18 @@
*/
static int pid_revalidate(struct dentry *dentry, struct nameidata *nd)
{
- if (pid_alive(proc_task(dentry->d_inode))) {
- struct task_struct *task = proc_task(dentry->d_inode);
-
- dentry->d_inode->i_uid = task->euid;
- dentry->d_inode->i_gid = task->egid;
+ struct inode *inode = dentry->d_inode;
+ struct task_struct *task = proc_task(inode);
+ if (pid_alive(task)) {
+ int ino = inode->i_ino & 0xffff;
+ if (ino == PROC_PID_INO || task_dumpable(task)) {
+ inode->i_uid = task->euid;
+ inode->i_gid = task->egid;
+ } else {
+ inode->i_uid = 0;
+ inode->i_gid = 0;
+ }
+ security_task_to_inode(task, inode);
return 1;
}
d_drop(dentry);
@@ -883,8 +890,9 @@

static int pid_fd_revalidate(struct dentry *dentry, struct nameidata *nd)
{
- struct task_struct *task = proc_task(dentry->d_inode);
- int fd = proc_type(dentry->d_inode) - PROC_PID_FD_DIR;
+ struct inode *inode = dentry->d_inode;
+ struct task_struct *task = proc_task(inode);
+ int fd = proc_type(inode) - PROC_PID_FD_DIR;
struct files_struct *files;

task_lock(task);
@@ -897,8 +905,14 @@
if (fcheck_files(files, fd)) {
spin_unlock(&files->file_lock);
put_files_struct(files);
- dentry->d_inode->i_uid = task->euid;
- dentry->d_inode->i_gid = task->egid;
+ if (task_dumpable(task)) {
+ inode->i_uid = task->euid;
+ inode->i_gid = task->egid;
+ } else {
+ inode->i_uid = 0;
+ inode->i_gid = 0;
+ }
+ security_task_to_inode(task, inode);
return 1;
}
spin_unlock(&files->file_lock);

--
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Yoav Weiss: "Bug in drivers/block/ll_rw_blk.c ?"
Previous message: Stephan von Krawczynski: "Re: Possible race condition in i386 global_irq_lock handling."
In reply to: Stephen Smalley: "Re: [PATCH] Call security hook from pid*_revalidate"
Next in thread: Stephen Smalley: "Re: [PATCH] Call security hook from pid*_revalidate"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]