Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp5146667pxj; Wed, 9 Jun 2021 10:10:07 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzAGInOxaoUfPLGTvpts77dBWYMQow4ilZYFL6wmDAFAYXasdkJ7Z6a2Idlz0o/f0zAXRhx X-Received: by 2002:a17:906:308d:: with SMTP id 13mr844030ejv.554.1623258607276; Wed, 09 Jun 2021 10:10:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623258607; cv=none; d=google.com; s=arc-20160816; b=xyZMpqWGdFsTK1C6gi4C8MOYKCt1VqD4bqjRVT746HJt7r3akwDiDMovXcH0oKDHjm NfKHpNat0hDiEKJpv8JyawfWjHJuYDZyf/DG5H8nTY1mNMprqeZ17RogxoSE5Sa06oiD oWJnbB701+Y6QyCkOW7MK4miWGrEWheDDA/fa60+Z+AUOoW66q42/KcXR08EiEbpuqpc UMphbbA8PUO0cSr1YaioVbtkS0T836v5/FKSBoEUce2fW1bK8mrocZ+tgPq/EE+Zcrz8 teRyYKBw9Wgu5rXLtDSGvIamly8Hi4+lyQ++rYDSv+dqMIHmcolZ/m4+ZQ2V5wCb/1kf PKrQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=vszvUreQA6f6goUQw0oJnR6tpcks7hACxjGIiMXViDY=; b=JbLHiPnIAkxcXipYkqKBMoz1/dGR0wimkBbCfbQ2g98WEPGx99UDWhgEHwmrM6m+Gg TYcOYgZkfxyY9rHJr006npTdxaa9I+zyb6E1OqqyRMLp1vVa8LMOqzeq4CHHgJqPf8Tl ZqOiv0HDgBzE/TKVjRmoWZf/c1b7YXAk0fZ16Obpam+9vIY08gkz20srF/fa3WpcJPWq y4qbLFHTNDHWZkzhWZZYj8bDYTgLtntqYjJWHNMt5m6uc0cOJxFNFBB1YXyPpnRyZiiO CX1ws8Rma0telXp7ok1zNW1y0FiqzPyANKdoLvmXE+jPb6C8gfUDL6OaHMRSduJinn9x 3TnQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id ch8si181398edb.535.2021.06.09.10.09.43; Wed, 09 Jun 2021 10:10:07 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236816AbhFIGmH (ORCPT + 99 others); Wed, 9 Jun 2021 02:42:07 -0400 Received: from mail.kernel.org ([198.145.29.99]:44828 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232644AbhFIGmH (ORCPT ); Wed, 9 Jun 2021 02:42:07 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 5C77B61181; Wed, 9 Jun 2021 06:40:11 +0000 (UTC) Date: Wed, 9 Jun 2021 08:40:08 +0200 From: Christian Brauner To: Kees Cook Cc: Linus Torvalds , Andrea Righi , stable@vger.kernel.org, linux-kernel@vger.kernel.org, regressions@lists.linux.dev Subject: Re: [PATCH] proc: Track /proc/$pid/attr/ opener mm_struct Message-ID: <20210609064008.liz2gvpjtyqwx6qr@wittgenstein> References: <20210608171221.276899-1-keescook@chromium.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20210608171221.276899-1-keescook@chromium.org> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jun 08, 2021 at 10:12:21AM -0700, Kees Cook wrote: > Commit bfb819ea20ce ("proc: Check /proc/$pid/attr/ writes against file opener") > tried to make sure that there could not be a confusion between the opener of > a /proc/$pid/attr/ file and the writer. It used struct cred to make sure > the privileges didn't change. However, there were existing cases where a more > privileged thread was passing the opened fd to a differently privileged thread > (during container setup). Instead, use mm_struct to track whether the opener > and writer are still the same process. (This is what several other proc files > already do, though for different reasons.) > > Reported-by: Christian Brauner > Reported-by: Andrea Righi > Tested-by: Andrea Righi > Fixes: bfb819ea20ce ("proc: Check /proc/$pid/attr/ writes against file opener") > Cc: stable@vger.kernel.org > Signed-off-by: Kees Cook > --- Thanks! Acked-by: Christian Brauner