diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2021-06-15 09:26:19 -0700 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2021-06-16 12:01:47 +0200 |
commit | ef9a0d224bafc0f4f8f85d0eb69fc59a6fbd1318 (patch) | |
tree | a3f43c952a64194abb2679de332b195d7fd722f3 /fs | |
parent | 43c32c22254b9328d7abb1c2b0f689dc67838e60 (diff) | |
download | linux-stable-ef9a0d224bafc0f4f8f85d0eb69fc59a6fbd1318.tar.gz linux-stable-ef9a0d224bafc0f4f8f85d0eb69fc59a6fbd1318.tar.bz2 linux-stable-ef9a0d224bafc0f4f8f85d0eb69fc59a6fbd1318.zip |
proc: only require mm_struct for writing
commit 94f0b2d4a1d0c52035aef425da5e022bd2cb1c71 upstream.
Commit 591a22c14d3f ("proc: Track /proc/$pid/attr/ opener mm_struct") we
started using __mem_open() to track the mm_struct at open-time, so that
we could then check it for writes.
But that also ended up making the permission checks at open time much
stricter - and not just for writes, but for reads too. And that in turn
caused a regression for at least Fedora 29, where NIC interfaces fail to
start when using NetworkManager.
Since only the write side wanted the mm_struct test, ignore any failures
by __mem_open() at open time, leaving reads unaffected. The write()
time verification of the mm_struct pointer will then catch the failure
case because a NULL pointer will not match a valid 'current->mm'.
Link: https://lore.kernel.org/netdev/YMjTlp2FSJYvoyFa@unreal/
Fixes: 591a22c14d3f ("proc: Track /proc/$pid/attr/ opener mm_struct")
Reported-and-tested-by: Leon Romanovsky <leon@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Andrea Righi <andrea.righi@canonical.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/proc/base.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/fs/proc/base.c b/fs/proc/base.c index 511d98d09754..df9b17dd92cb 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -2677,7 +2677,9 @@ out: #ifdef CONFIG_SECURITY static int proc_pid_attr_open(struct inode *inode, struct file *file) { - return __mem_open(inode, file, PTRACE_MODE_READ_FSCREDS); + file->private_data = NULL; + __mem_open(inode, file, PTRACE_MODE_READ_FSCREDS); + return 0; } static ssize_t proc_pid_attr_read(struct file * file, char __user * buf, |