Re: [PATCH 2.6.13-rc6 1/2] New Syscall: get rlimits of any process (update)

From: Chris Wright
Date: Wed Aug 17 2005 - 20:18:24 EST


* Wieland Gmeiner (e8607062@xxxxxxxxxxxxxxxxxxxx) wrote:
> diff -uprN -X linux-2.6.13-rc6-vanilla/Documentation/dontdiff linux-2.6.13-rc6-vanilla/kernel/sys.c linux-2.6.13-rc6-getprlimit/kernel/sys.c
> --- linux-2.6.13-rc6-vanilla/kernel/sys.c 2005-08-09 16:03:21.000000000 +0200
> +++ linux-2.6.13-rc6-getprlimit/kernel/sys.c 2005-08-17 23:56:40.000000000 +0200
> @@ -1604,6 +1604,63 @@ asmlinkage long sys_setrlimit(unsigned i
> }
>
> /*
> + * As ptrace implies the ability to execute arbitrary code in the given
> + * process, which means that the calling process could obtain and set
> + * rlimits for that process without getprlimit/setprlimit anyways,
> + * we use the same permission checks as ptrace.
> + */
> +
> +static inline int prlim_check_perm(task_t *task)
> +{
> + return ((current->uid == task->euid) &&
> + (current->uid == task->suid) &&
> + (current->uid == task->uid) &&
> + (current->gid == task->egid) &&
> + (current->gid == task->sgid) &&
> + (current->gid == task->gid)) || capable(CAP_SYS_RESOURCE);
> +}

This comment and the code aren't matching. CAP_SYS_RESOURCE now means
effective on any other process, which it never did before. That should
be given careful thought. CAP_SYS_PTRACE indeed would let you call
get/setrlimit in traced task, perhaps that's what you meant?

> +
> +asmlinkage long sys_getprlimit(pid_t pid, unsigned int resource,
> + struct rlimit __user *rlim)
> +{
> + struct rlimit value;
> + task_t *p;
> + int retval = -EINVAL;
> +
> + if (resource >= RLIM_NLIMITS)
> + goto out_nounlock;
> +
> + if (pid < 0)
> + goto out_nounlock;
> +
> + retval = -ESRCH;
> + if (pid == 0) {
> + p = current;
> + } else {
> + read_lock(&tasklist_lock);
> + p = find_task_by_pid(pid);
> + }
> + if (p) {
> + retval = -EPERM;
> + if (!prlim_check_perm(p))
> + goto out_unlock;
> +
> + task_lock(p->group_leader);
> + value = p->signal->rlim[resource];
> + task_unlock(p->group_leader);
> + retval = copy_to_user(rlim, &value, sizeof(*rlim)) ? -EFAULT : 0;
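Review bot: the pid == 0 path can reach `goto out_unlock` without holding tasklist_lock, because the lock is only taken in the else branch (`read_lock(&tasklist_lock);` after `find_task_by_pid` is chosen) while `if (!prlim_check_perm(p)) goto out_unlock;` runs on both paths. That branch is reachable: prlim_check_perm() compares current->uid with task->euid and task->suid, so a set-uid process whose real and effective ids differ fails the check against itself and gets -EPERM for pid 0, which sys_getrlimit() never does. Either skip the permission check when p == current, or take and release the lock on a single path regardless of pid so the unlock label is always balanced.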

Do not call copy_to_user() with tasklist_lock held. Also, this is the
same basic code as sys_getrlimit(). So they should share code. (IOW,
sys_getrlimit() is now really sys_getprlimit(0,...))

thanks,
-chris