Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp2435745imm; Thu, 27 Sep 2018 12:50:54 -0700 (PDT) X-Google-Smtp-Source: ACcGV60Cl07R36Sn12eZXn8Hh4EARWev4orTr/xgoc0Oiq2Vj3FcJ4jNRC4mTGXFj2HC76q6hAVU X-Received: by 2002:a17:902:447:: with SMTP id 65-v6mr12300353ple.325.1538077854549; Thu, 27 Sep 2018 12:50:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1538077854; cv=none; d=google.com; s=arc-20160816; b=tITCDN6nE2ATIrA6M0T+g8MBnz/Yy7IAuie88zHc3lkHW57xlg8ZHNsuMp8qkm1xoS 8CN9sfAzoQwAoGu/h2i+PZPoZUS/wTHx3WF9fnv2SdXWyCkrlk7BDdIkaLss5F5bouiZ B650Y5VvPbeoJ9hsnn+XP1t5QbY4bvvP4g6SayArItOJZeW58i6oDkHNw90oyjqth03U GQzRqIYZfX/+/epo8BeXyMC/GDplD5+ojGRxOnbBp1D9A4zEc/zBZ6pnugzFxgwyt9En JgkyxGzCmsX1r88k1a38QyZKsGn+RQDZqIn8GtlcI6sfSo1beRp3CasubMS6ir52IuZG tsVQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=xvzR1FHaIiGrJzDjWZDHSHctMY6/8YLrE9EiC/S+3wg=; b=PpdQZGjhUXDfUmBtLPjx25odTQoSieLDtN7cdN3pxi+myTs6tVZ+y/NPQu4cXAlS/1 mFCq5WbYCfWPyQEeCZkrhW37Qp3xn8PE8y+HQOojStS6d0hF+zYhPTuDg2Psxyt998sy HZqMTSbzFtxBk+Jn8XpwpZmaIK7fm1i6UtMrbZZYwjG5SqUaFobJqsmtEEKQkEa/oOMR 3Ka1UZ4gegz4EU8PePbOjteAcE+WrLHPjrPvT1243blRj+euILp7AKxebBmRZbz6iBWN fA79Q2NygzVAk0GUTpB8VwYQV9BbIV6EgZa/D+sVwVUzQakZt9TquG6hfDEVdUhwkQCR NA1w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=KgPFqKVd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u7-v6si2684675pgh.592.2018.09.27.12.50.39; Thu, 27 Sep 2018 12:50:54 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=KgPFqKVd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728529AbeI1CJc (ORCPT + 99 others); Thu, 27 Sep 2018 22:09:32 -0400 Received: from mail-ot1-f65.google.com ([209.85.210.65]:37929 "EHLO mail-ot1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727634AbeI1CJc (ORCPT ); Thu, 27 Sep 2018 22:09:32 -0400 Received: by mail-ot1-f65.google.com with SMTP id h15-v6so3782389otj.5 for ; Thu, 27 Sep 2018 12:49:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=xvzR1FHaIiGrJzDjWZDHSHctMY6/8YLrE9EiC/S+3wg=; b=KgPFqKVdYkxIJR1UiEEKS2KwtqQHOVsxqHCzh9gBiovdRRQTBUO6sk4WNby1smweAu CqEyQ9m57P+Kv7CbPFXIFhAsmvjAFsQSrcXFYfJNbqqAoRGJKmly1h9MQ3ATlxdkAF0M e6jDcss0voc1NlXiwd5RS0xLGpx953hR8uyMzAiYJHmlF5sVMWZxKh0vw6/wtu39yV21 zk/FhSvIsxEymJaheVQHsXyd7ouysivY0sP+wGWASCI8eFs1pdi7lXCuxOYQrAYYyyt+ dOQ9N9kQI108LLJUsF83/fM9YLw24ftcagNNFaCoH/TbbifsBZvYh0ckYeYhs3L78UQ5 8OqQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=xvzR1FHaIiGrJzDjWZDHSHctMY6/8YLrE9EiC/S+3wg=; b=ASqgTDtNT2VinLC0sxulLhplK0E5NAXmubbXaut0v5lt9X/8mNXTT7+gCBgg3M/zWQ mWEMGBg5rw+Ecm6cXOxxva3y3TARH6btSkC6w32/MwjIweb5ceoEUtOZ1wbNUoub6cDY LMEyS9u2mYafYuEbVxQ8ruUaxfEI4CPnz1bzdT2GsFKOQpKj0YOxksV/75gAlCylIeI7 2/HpB5s0QJ1Y8xMLLyLpnd2QnY5vBX/SPY739aMaREIDOjeuAux9gI/hsLpPCRk9RHWF gzelmIfmNLlmXXEahfFpzggqQwFigXCvlpB2gG5s5J5IhA/muxc4gpa8v0oqctXwKTmA 22tw== X-Gm-Message-State: ABuFfogZ4MU2lkXZ+JIuD6nCbQAVGjlzgUu63H1mz0YqmSPdhVvZjoqI 7M9PO2Zons+lprB8KDb6QhhrmtkI+OTkynIU036UqSmy4Hc= X-Received: by 2002:a9d:4e94:: with SMTP id v20-v6mr8039959otk.255.1538077777344; Thu, 27 Sep 2018 12:49:37 -0700 (PDT) MIME-Version: 1.0 References: <20180824224117.3356-1-casey.schaufler@intel.com> <20180927191720.9480-1-casey.schaufler@intel.com> In-Reply-To: <20180927191720.9480-1-casey.schaufler@intel.com> From: Jann Horn Date: Thu, 27 Sep 2018 21:49:10 +0200 Message-ID: Subject: Re: [PATCH 6/5] capability: Repair sidechannel test in ptrace To: Casey Schaufler Cc: Kernel Hardening , kernel list , linux-security-module , selinux@tycho.nsa.gov, Dave Hansen , deneen.t.dock@intel.com, kristen@linux.intel.com, Arjan van de Ven Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Sep 27, 2018 at 9:17 PM Casey Schaufler wrote: > > From: Casey Schaufler > > The PTRACE_MODE_SCHED check erroniously returns 0 in > all cases. It should be returning -EPERM. This fixes > the logic to correct that error. > > Signed-off-by: Casey Schaufler Reviewed-by: Jann Horn > --- > security/commoncap.c | 5 ++--- > 1 file changed, 2 insertions(+), 3 deletions(-) > > diff --git a/security/commoncap.c b/security/commoncap.c > index e77457110d05..70a7e3d19c16 100644 > --- a/security/commoncap.c > +++ b/security/commoncap.c > @@ -152,9 +152,8 @@ int cap_ptrace_access_check(struct task_struct *child, unsigned int mode) > if (cred->user_ns == child_cred->user_ns && > cap_issubset(child_cred->cap_permitted, *caller_caps)) > goto out; > - if (mode & PTRACE_MODE_SCHED) > - goto out; > - if (ns_capable(child_cred->user_ns, CAP_SYS_PTRACE)) > + if (!(mode & PTRACE_MODE_SCHED) && > + ns_capable(child_cred->user_ns, CAP_SYS_PTRACE)) > goto out; > ret = -EPERM; > out: > -- > 2.17.1 >