Re: [PATCH v3 06/11] rlimits: do security check under task_lock

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Andrew Morton

Subject: Re: [PATCH v3 06/11] rlimits: do security check under task_lock

Date: Thursday, May 13, 2010 - 3:56 pm

On Mon, 10 May 2010 20:00:46 +0200
Jiri Slaby <jslaby@suse.cz> wrote:

quoted text> Do security_task_setrlimit under task_lock. Other tasks may
> change limits under our hands while we are checking limits
> inside the function. From now on, they can't.
>
> ...
>
> --- a/kernel/sys.c
> +++ b/kernel/sys.c
> @@ -1277,7 +1277,7 @@ int do_setrlimit(struct task_struct *tsk, unsigned int resource,
>  		struct rlimit *new_rlim)
>  {
>  	struct rlimit *old_rlim;
> -	int retval;
> +	int retval = 0;
>  
>  	if (resource >= RLIM_NLIMITS)
>  		return -EINVAL;
> @@ -1293,10 +1293,6 @@ int do_setrlimit(struct task_struct *tsk, unsigned int resource,
>  		goto out;
>  	}
>  
> -	retval = security_task_setrlimit(tsk, resource, new_rlim);
> -	if (retval)
> -		goto out;
> -
>  	if (resource == RLIMIT_CPU && new_rlim->rlim_cur == 0) {
>  		/*
>  		 * The caller is asking for an immediate RLIMIT_CPU
> @@ -1309,11 +1305,13 @@ int do_setrlimit(struct task_struct *tsk, unsigned int resource,
>  
>  	old_rlim = tsk->signal->rlim + resource;
>  	task_lock(tsk->group_leader);
> -	if ((new_rlim->rlim_max <= old_rlim->rlim_max) ||
> -				capable(CAP_SYS_RESOURCE))
> -		*old_rlim = *new_rlim;
> -	else
> +	if ((new_rlim->rlim_max > old_rlim->rlim_max) &&
> +				!capable(CAP_SYS_RESOURCE))
>  		retval = -EPERM;
> +	if (!retval)
> +		retval = security_task_setrlimit(tsk, resource, new_rlim);
> +	if (!retval)
> +		*old_rlim = *new_rlim;
>  	task_unlock(tsk->group_leader);
>  
>  	if (retval || resource != RLIMIT_CPU)

Yikes, so the locking around all that selinux code becomes even more
brutal.  How much rope are you tying around the selinux developers'
hands here?


--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[PATCH v3 01/11] rlimits: security, add task_struct to set ..., Jiri Slaby, (Mon May 10, 11:00 am)

[PATCH v3 02/11] rlimits: add task_struct to update_rlimit_cpu, Jiri Slaby, (Mon May 10, 11:00 am)

[PATCH v3 04/11] rlimits: split sys_setrlimit, Jiri Slaby, (Mon May 10, 11:00 am)

[PATCH v3 05/11] rlimits: allow setrlimit to non-current tasks, Jiri Slaby, (Mon May 10, 11:00 am)

[PATCH v3 06/11] rlimits: do security check under task_lock, Jiri Slaby, (Mon May 10, 11:00 am)

[PATCH v3 08/11] rlimits: redo do_setrlimit to more generi ..., Jiri Slaby, (Mon May 10, 11:00 am)

[PATCH v3 09/11] rlimits: switch more rlimit syscalls to d ..., Jiri Slaby, (Mon May 10, 11:00 am)

[PATCH v3 10/11] rlimits: implement prlimit64 syscall, Jiri Slaby, (Mon May 10, 11:00 am)

[PATCH v3 11/11] unistd: add __NR_prlimit64 syscall numbers, Jiri Slaby, (Mon May 10, 11:00 am)

Re: [PATCH v3 05/11] rlimits: allow setrlimit to non-curre ..., Andrew Morton, (Thu May 13, 3:56 pm)

Re: [PATCH v3 06/11] rlimits: do security check under task ..., Andrew Morton, (Thu May 13, 3:56 pm)

Re: [PATCH v3 10/11] rlimits: implement prlimit64 syscall, Andrew Morton, (Thu May 13, 3:56 pm)

Re: [PATCH v3 10/11] rlimits: implement prlimit64 syscall, Jiri Slaby, (Wed May 26, 5:58 am)

Re: [PATCH v3 10/11] rlimits: implement prlimit64 syscall, Andrew Morton, (Wed May 26, 7:30 am)

Re: [PATCH v3 10/11] rlimits: implement prlimit64 syscall, Jiri Slaby, (Wed May 26, 8:13 am)

Re: [PATCH v3 06/11] rlimits: do security check under task ..., Jiri Slaby, (Sun Jun 6, 1:23 pm)

Re: [PATCH v3 06/11] rlimits: do security check under task ..., Oleg Nesterov, (Mon Jun 7, 11:08 am)

Re: [PATCH v3 06/11] rlimits: do security check under task ..., Jiri Slaby, (Wed Jun 23, 8:20 am)

Re: [PATCH v3 06/11] rlimits: do security check under task ..., Oleg Nesterov, (Wed Jun 23, 9:12 am)

Re: [PATCH v3 06/11] rlimits: do security check under task ..., Jiri Slaby, (Wed Jun 23, 10:44 am)

Re: [PATCH v3 06/11] rlimits: do security check under task ..., Oleg Nesterov, (Wed Jun 23, 10:56 am)

Re: [PATCH v3 06/11] rlimits: do security check under task ..., Stephen Smalley, (Wed Jun 23, 11:37 am)

Re: [PATCH v3 06/11] rlimits: do security check under task ..., Jiri Slaby, (Wed Jun 23, 2:35 pm)


linux-kernel:
Jesse Barnes	Re: [stable] [BUG][PATCH] cpqphp: fix kernel NULL pointer dereference
Greg KH	[003/136] p54usb: add Zcomax XG-705A usbid
Magnus Damm	[PATCH 03/07] ARM: Use shared GIC entry macros on Realview
Oliver Neukum	Re: [Bug #13682] The webcam stopped working when upgrading from 2.6.29 to 2.6.30
Martin Schwidefsky	Re: [PATCH] optimized ktime_get[_ts] for GENERIC_TIME=y
git:
Junio C Hamano	Re: Some advanced index playing
Jeff King	Re: confusion over the new branch and merge config
Robin Rosenberg	Re: cvs2svn conversion directly to git ready for experimentation
Linus Torvalds	git binary size...
Ævar Arnfjörð Bjarmason	Re: Challenge with Git-Bash
git-commits-head:
Linux Kernel Mailing List	md: move allocation of ->queue from mddev_find to md_probe
Linux Kernel Mailing List	md: raid0: Represent zone->zone_offset in sectors.
Linux Kernel Mailing List