linux-security-module July 2008 archive
Main Archive Page > Month Archives  > linux-security-module archives
linux-security-module: [PATCH] security: reinstate extra ptrace

[PATCH] security: reinstate extra ptrace security check in pagemap_read

From: James Morris <jmorris_at_nospam>
Date: Tue Jul 08 2008 - 01:19:30 GMT
To: Stephen Smalley <sds@tycho.nsa.gov>


Please review. If it's ok, it should probably go into 2.6.26. --- From: James Morris <jmorris@namei.org> Date: Tue, 8 Jul 2008 10:10:47 +0900 Subject: [PATCH] security: reinstate extra ptrace security check in pagemap_read Recent changes to the pagemap_read code removed a call to ptrace_may_attach(), which is required to handle the case where a different process acquires the mmap_sem semaphore after the first check. Signed-off-by: James Morris <jmorris@namei.org> --- fs/proc/task_mmu.c | 6 ++++++ 1 files changed, 6 insertions(+), 0 deletions(-) diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c index c492449..57cd6fa 100644 --- a/fs/proc/task_mmu.c +++ b/fs/proc/task_mmu.c @@ -685,6 +685,12 @@ static ssize_t pagemap_read(struct file *file, char __user *buf, goto out_pages; }
+ /* Need to re-check in case someone else acquired semaphore */
+ if (!ptrace_may_attach(task)) {
+ ret = -EIO;
+ goto out_pages;
+ }
+
pm.out = (u64 *)buf; pm.end = (u64 *)(buf + count); -- 1.5.5.1 -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html