Re: [PATCH] Return EPERM not ECHILD on security_task_wait failure
On Mon, 23 Apr 2007, Roland McGrath wrote: > As I said in some earlier discussion following my original patch, that > would be fine with me. I haven't coded up that variant, but it's simple > enough. Would you like to do it? Sure. -- James Morris <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] Return EPERM not ECHILD on security_task_wait failure
> On Thu, 15 Mar 2007, Roland McGrath wrote: > > > This patch makes do_wait return -EPERM instead of -ECHILD if some > > children were ruled out solely because security_task_wait failed. > > What about using the return value from the security_task_wait hook (which > should be -EACCES) ? As I said in some earlier discussion following my original patch, that would be fine with me. I haven't coded up that variant, but it's simple enough. Would you like to do it? Thanks, Roland - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] Return EPERM not ECHILD on security_task_wait failure
On Thu, 15 Mar 2007, Roland McGrath wrote: > This patch makes do_wait return -EPERM instead of -ECHILD if some > children were ruled out solely because security_task_wait failed. What about using the return value from the security_task_wait hook (which should be -EACCES) ? - James -- James Morris <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] Return EPERM not ECHILD on security_task_wait failure
On Thu, 15 Mar 2007, Roland McGrath wrote: This patch makes do_wait return -EPERM instead of -ECHILD if some children were ruled out solely because security_task_wait failed. What about using the return value from the security_task_wait hook (which should be -EACCES) ? - James -- James Morris [EMAIL PROTECTED] - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] Return EPERM not ECHILD on security_task_wait failure
On Thu, 15 Mar 2007, Roland McGrath wrote: This patch makes do_wait return -EPERM instead of -ECHILD if some children were ruled out solely because security_task_wait failed. What about using the return value from the security_task_wait hook (which should be -EACCES) ? As I said in some earlier discussion following my original patch, that would be fine with me. I haven't coded up that variant, but it's simple enough. Would you like to do it? Thanks, Roland - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] Return EPERM not ECHILD on security_task_wait failure
On Mon, 23 Apr 2007, Roland McGrath wrote: As I said in some earlier discussion following my original patch, that would be fine with me. I haven't coded up that variant, but it's simple enough. Would you like to do it? Sure. -- James Morris [EMAIL PROTECTED] - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH] Return EPERM not ECHILD on security_task_wait failure
wait* syscalls return -ECHILD even when an individual PID of a live child was requested explicitly, when security_task_wait denies the operation. This means that something like a broken SELinux policy can produce an unexpected failure that looks just like a bug with wait or ptrace or something. This patch makes do_wait return -EPERM instead of -ECHILD if some children were ruled out solely because security_task_wait failed. Signed-off-by: Roland McGrath <[EMAIL PROTECTED]> --- kernel/exit.c | 12 +++- 1 files changed, 11 insertions(+), 1 deletions(-) diff --git a/kernel/exit.c b/kernel/exit.c index f132349..a41052f 100644 --- a/kernel/exit.c +++ b/kernel/exit.c @@ -1067,7 +1067,7 @@ static int eligible_child(pid_t pid, int return 2; if (security_task_wait(p)) - return 0; + return -1; return 1; } @@ -1449,6 +1449,7 @@ static long do_wait(pid_t pid, int optio DECLARE_WAITQUEUE(wait, current); struct task_struct *tsk; int flag, retval; + int allowed, denied; add_wait_queue(>signal->wait_chldexit,); repeat: @@ -1457,6 +1458,7 @@ repeat: * match our criteria, even if we are not able to reap it yet. */ flag = 0; + allowed = denied = 0; current->state = TASK_INTERRUPTIBLE; read_lock(_lock); tsk = current; @@ -1472,6 +1474,12 @@ repeat: if (!ret) continue; + if (unlikely(ret < 0)) { + denied = 1; + continue; + } + allowed = 1; + switch (p->state) { case TASK_TRACED: /* @@ -1570,6 +1578,8 @@ check_continued: goto repeat; } retval = -ECHILD; + if (unlikely(denied) && !allowed) + retval = -EPERM; end: current->state = TASK_RUNNING; remove_wait_queue(>signal->wait_chldexit,); - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH] Return EPERM not ECHILD on security_task_wait failure
wait* syscalls return -ECHILD even when an individual PID of a live child was requested explicitly, when security_task_wait denies the operation. This means that something like a broken SELinux policy can produce an unexpected failure that looks just like a bug with wait or ptrace or something. This patch makes do_wait return -EPERM instead of -ECHILD if some children were ruled out solely because security_task_wait failed. Signed-off-by: Roland McGrath [EMAIL PROTECTED] --- kernel/exit.c | 12 +++- 1 files changed, 11 insertions(+), 1 deletions(-) diff --git a/kernel/exit.c b/kernel/exit.c index f132349..a41052f 100644 --- a/kernel/exit.c +++ b/kernel/exit.c @@ -1067,7 +1067,7 @@ static int eligible_child(pid_t pid, int return 2; if (security_task_wait(p)) - return 0; + return -1; return 1; } @@ -1449,6 +1449,7 @@ static long do_wait(pid_t pid, int optio DECLARE_WAITQUEUE(wait, current); struct task_struct *tsk; int flag, retval; + int allowed, denied; add_wait_queue(current-signal-wait_chldexit,wait); repeat: @@ -1457,6 +1458,7 @@ repeat: * match our criteria, even if we are not able to reap it yet. */ flag = 0; + allowed = denied = 0; current-state = TASK_INTERRUPTIBLE; read_lock(tasklist_lock); tsk = current; @@ -1472,6 +1474,12 @@ repeat: if (!ret) continue; + if (unlikely(ret 0)) { + denied = 1; + continue; + } + allowed = 1; + switch (p-state) { case TASK_TRACED: /* @@ -1570,6 +1578,8 @@ check_continued: goto repeat; } retval = -ECHILD; + if (unlikely(denied) !allowed) + retval = -EPERM; end: current-state = TASK_RUNNING; remove_wait_queue(current-signal-wait_chldexit,wait); - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/