Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp5931727imm;
        Wed, 12 Sep 2018 13:25:53 -0700 (PDT)
X-Google-Smtp-Source: ANB0VdYwTilBY2vp7xUJq+anFtPS4kvknptT6qxDMQb789PjWTTzmvLM3BCkOP43CxBJwPznN3KS
X-Received: by 2002:a62:2459:: with SMTP id r86-v6mr4179929pfj.31.1536783953285;
        Wed, 12 Sep 2018 13:25:53 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1536783953; cv=none;
        d=google.com; s=arc-20160816;
        b=anl72eQC9Z5KGG2HjmsnpWzfExEelrknVJAS2kdZqNRehUOF3hcwnhvId+HXs2ibRZ
         qClNjlLh88M0piEaiuBGuB1dAXlfPZpN9+RzyJGNhSjZ6p9FOLMwslyNbtadWLiNefA5
         k7lxYJ4OztsD8geEe0s6zczXX4NnEHtMhMOhxn/WafsYFM5dwdp9TKX431FoFH+CeaNJ
         ku3jLiRgwsWBaZUaltd87+T9+5wnikQ+UZkRoJOfFt5XZmT9a3k1G2qIw7Haz4dSKo57
         EzqBnuqvzuEP0OZ8SKQoS6FimyHCjOJOAUxtR+mKsQNKoBD2t2y/GHyrkgil7chICUv9
         OGYQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:references:in-reply-to:message-id:date
         :subject:cc:to:from:dkim-signature;
        bh=Y0l/v4ChhDfpmg8ZWlOjGIPE6pA9rPqMOnxUCcNtxuw=;
        b=FqZu4Nynv4uq61eYjZRsWzW07H41O0ik9eBpMQFWL5zri4W3kgDpGX/a3473uYlbk7
         RG9UTNueJgdoXS+qz9wdyC+YmvP9P0Gw0MRFPcxW4yvXn0g5D/G+hGDSC+EF4HjePYVk
         qykdo/YMNzetDVOCyKQJlXoVVlBeRvkecR//2uqTIts7jBRTNJcbwLknoganub23URfT
         65ZXGLWTDeLz61zU2VW3YR0Na7P+flmxN/OkWB+VuVPqkhHf8Y4I5KxJbiyl0bbKo9Db
         jX+A+JUJXzHn6Z+/toihWZ5hGW5uH2ok26p14isOqts46O3OtLRlOkaZmbACphBEbo/L
         iZCQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=dxS0rfKs;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id f2-v6si1876699plo.206.2018.09.12.13.25.38;
        Wed, 12 Sep 2018 13:25:53 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=dxS0rfKs;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728410AbeIMBbe (ORCPT <rfc822;luizmacielfranco@gmail.com>
        + 99 others); Wed, 12 Sep 2018 21:31:34 -0400
Received: from aserp2120.oracle.com ([141.146.126.78]:49662 "EHLO
        aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728299AbeIMBbV (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 12 Sep 2018 21:31:21 -0400
Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1])
        by aserp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w8CKO66A084516;
        Wed, 12 Sep 2018 20:25:01 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc :
 subject : date : message-id : in-reply-to : references; s=corp-2018-07-02;
 bh=Y0l/v4ChhDfpmg8ZWlOjGIPE6pA9rPqMOnxUCcNtxuw=;
 b=dxS0rfKsKju22sqRkmq90rgMGeyxuu1cTGZIOpxJ2B3J6toBGsH8zY/kGZawq97J3b+G
 G486sbMzF0ut7DamaOi+wktauKqCHHCyZF854y/TTfJoGiGRdX6L8GylmJK3ib2ax5O1
 w8btCMGGGM7G28SPXmt0cAuWWrbSKQKX+tXv6WfFYg4tvaWUM6fTGsEVptsneAQVwr6g
 P4bSlsaVPjfVzM6Mo/FTliefXwMHioYEqEm0yRtoFcgx1mrzLKl+jKqyvOw64TDhS+Su
 SoSkoplefjux75VAUQxW+vawv4su/MwTGwc7H7sldR+p+viW375BmEFiJ/6cN40rCylk lA== 
Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74])
        by aserp2120.oracle.com with ESMTP id 2mc6cpvd7m-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Wed, 12 Sep 2018 20:25:01 +0000
Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72])
        by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w8CKP0W1010267
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Wed, 12 Sep 2018 20:25:01 GMT
Received: from abhmp0005.oracle.com (abhmp0005.oracle.com [141.146.116.11])
        by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w8CKP08W024321;
        Wed, 12 Sep 2018 20:25:00 GMT
Received: from pp-ThinkCentre-M82.us.oracle.com (/10.132.93.61)
        by default (Oracle Beehive Gateway v4.0)
        with ESMTP ; Wed, 12 Sep 2018 13:25:00 -0700
From:   Prakash Sangappa <prakash.sangappa@oracle.com>
To:     linux-kernel@vger.kernel.org, linux-mm@kvack.org
Cc:     dave.hansen@intel.com, mhocko@suse.com, nao.horiguchi@gmail.com,
        akpm@linux-foundation.org, kirill.shutemov@linux.intel.com,
        khandual@linux.vnet.ibm.com, steven.sistare@oracle.com,
        prakash.sangappa@oracle.com
Subject: [PATCH V2 5/6] File /proc/<pid>/numa_vamaps access needs PTRACE_MODE_READ_REALCREDS check
Date:   Wed, 12 Sep 2018 13:24:03 -0700
Message-Id: <1536783844-4145-6-git-send-email-prakash.sangappa@oracle.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1536783844-4145-1-git-send-email-prakash.sangappa@oracle.com>
References: <1536783844-4145-1-git-send-email-prakash.sangappa@oracle.com>
X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9014 signatures=668708
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0
 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=968
 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.0.1-1807170000 definitions=main-1809120201
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Permission to access /proc/<pid>/numa_vamaps file should be governed by
PTRACE_READ_REALCREADS check to restrict getting specific VA range to numa
node mapping information.

Signed-off-by: Prakash Sangappa <prakash.sangappa@oracle.com>
Reviewed-by: Steve Sistare <steven.sistare@oracle.com>
---
 fs/proc/base.c     | 4 +++-
 fs/proc/task_mmu.c | 2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/fs/proc/base.c b/fs/proc/base.c
index 1af99ae..3c19a55 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -745,7 +745,9 @@ struct mm_struct *proc_mem_open(struct inode *inode, unsigned int mode)
 	struct mm_struct *mm = ERR_PTR(-ESRCH);
 
 	if (task) {
-		mm = mm_access(task, mode | PTRACE_MODE_FSCREDS);
+		if (!(mode & PTRACE_MODE_REALCREDS))
+			mode |= PTRACE_MODE_FSCREDS;
+		mm = mm_access(task, mode);
 		put_task_struct(task);
 
 		if (!IS_ERR_OR_NULL(mm)) {
diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
index 93dce46..30b29d2 100644
--- a/fs/proc/task_mmu.c
+++ b/fs/proc/task_mmu.c
@@ -2043,7 +2043,7 @@ static int numa_vamaps_open(struct inode *inode, struct file *file)
 	if (!nvm)
 		return -ENOMEM;
 
-	mm = proc_mem_open(inode, PTRACE_MODE_READ);
+	mm = proc_mem_open(inode, PTRACE_MODE_READ | PTRACE_MODE_REALCREDS);
 	if (IS_ERR(mm)) {
 		kfree(nvm);
 		return PTR_ERR(mm);
-- 
2.7.4