From 01a2197485a9917216ad67ced4bafed9f7942f5a Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Thu, 13 Apr 2017 10:32:16 -0500 Subject: posix-timers: Correct sanity check in posix_cpu_nsleep CPUCLOCK_PID(which_clock) is a pid value from userspace so compare it against task_pid_vnr, not current->pid. As task_pid_vnr is in the tasks pid value in the tasks pid namespace, and current->pid is in the initial pid namespace. Signed-off-by: "Eric W. Biederman" --- kernel/time/posix-cpu-timers.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'kernel') diff --git a/kernel/time/posix-cpu-timers.c b/kernel/time/posix-cpu-timers.c index 4513ad16a253..37f9bb8c193e 100644 --- a/kernel/time/posix-cpu-timers.c +++ b/kernel/time/posix-cpu-timers.c @@ -1312,7 +1312,7 @@ static int posix_cpu_nsleep(const clockid_t which_clock, int flags, */ if (CPUCLOCK_PERTHREAD(which_clock) && (CPUCLOCK_PID(which_clock) == 0 || - CPUCLOCK_PID(which_clock) == current->pid)) + CPUCLOCK_PID(which_clock) == task_pid_vnr(current))) return -EINVAL; error = do_cpu_nanosleep(which_clock, flags, rqtp, &it); -- cgit v1.2.3 From cad4ea546b1a8a700d269e41ac5db182057d7a32 Mon Sep 17 00:00:00 2001 
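Review bot: The added comparison `CPUCLOCK_PID(which_clock) == task_pid_vnr(current)` carries no comment saying which pid namespace each side is in, although that distinction is the entire reason the old `current->pid` form was wrong. I would put `/* which_clock encodes a pid as userspace sees it, so compare in the caller's pid namespace */` above the condition, so a later cleanup does not change it back. Any other place in this file that compares a userspace-supplied pid with `current->pid` would misbehave the same way inside a non-initial pid namespace; none is visible in this hunk, so that needs checking against the full file. posix_cpu_nsleep starts and ends outside the hunk.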
From: "Eric W. Biederman" Date: Wed, 12 Apr 2017 17:22:14 -0500 Subject: rlimit: Properly call security_task_setrlimit Modify do_prlimit to call security_task_setrlimit passing the task whose rlimit we are changing not the tsk->group_leader. In general this should not matter as the lsms implementing security_task_setrlimit apparmor and selinux both examine the task->cred to see what should be allowed on the destination task. That task->cred is shared between tasks created with CLONE_THREAD unless thread keyrings are in play, in which case both apparmor and selinux create duplicate security contexts. So the only time when it will matter which thread is passed to security_task_setrlimit is if one of the threads of a process performs an operation that changes only it's credentials. At which point if a thread has done that we don't want to hide that information from the lsms. So fix the call of security_task_setrlimit. With the removal of tsk->group_leader this makes the code slightly faster, more comprehensible and maintainable. Signed-off-by: "Eric W. Biederman" --- kernel/sys.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'kernel') diff --git a/kernel/sys.c b/kernel/sys.c index 7ff6d1b10cec..ad1eff7933cb 100644 --- a/kernel/sys.c +++ b/kernel/sys.c @@ -1396,8 +1396,7 @@ int do_prlimit(struct task_struct *tsk, unsigned int resource, !capable(CAP_SYS_RESOURCE)) retval = -EPERM; if (!retval) - retval = security_task_setrlimit(tsk->group_leader, - resource, new_rlim); + retval = security_task_setrlimit(tsk, resource, new_rlim); if (resource == RLIMIT_CPU && new_rlim->rlim_cur == 0) { /* * The caller is asking for an immediate RLIMIT_CPU -- cgit v1.2.3 From 6c478ae9204b489f6228e4b535c6ac72851e06d8 Mon Sep 17 00:00:00 2001 
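Review bot: The new call `security_task_setrlimit(tsk, resource, new_rlim)` can hand the hook a thread that is not the group leader, and nothing at the call site records that for LSM authors. The commit message reasons about apparmor and selinux only, so any other implementation of the hook that assumed it receives a leader would need checking; that cannot be verified from this hunk. A one-line comment would pin the intent, for example `/* pass the task being changed; its creds may differ from the group leader's */`. do_prlimit starts and ends outside the hunk.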
From: "Eric W. Biederman" Date: Mon, 17 Apr 2017 22:10:04 -0500 Subject: signal: Make kill_proc_info static There are no users outside of signal.c so make the function static so the compiler and other developers have that information. Signed-off-by: "Eric W. Biederman" --- kernel/signal.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'kernel') diff --git a/kernel/signal.c b/kernel/signal.c index 7e59ebc2c25e..a8c54f384553 100644 --- a/kernel/signal.c +++ b/kernel/signal.c @@ -1318,7 +1318,7 @@ int kill_pid_info(int sig, struct siginfo *info, struct pid *pid) } } -int kill_proc_info(int sig, struct siginfo *info, pid_t pid) +static int kill_proc_info(int sig, struct siginfo *info, pid_t pid) { int error; rcu_read_lock(); -- cgit v1.2.3
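Review bot: Making `kill_proc_info` static in kernel/signal.c only builds if its prototype is removed from every header, because a `static` definition that follows a non-static declaration is a compile error. This page is limited to 'kernel', so a matching header change outside that directory cannot be confirmed here. The function body continues outside the hunk.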