[CRIU] [PATCH] files-reg: fix /proc/<pid>/* ownership for linkat restore

Andrey Wagin avagin at gmail.com
Thu Dec 17 11:36:07 PST 2015


2015-12-17 16:28 GMT+03:00 Dmitry Safonov <dsafonov at odin.com>:
> On 12/17/2015 03:58 PM, Pavel Emelyanov wrote:
>>
>> On 12/17/2015 03:25 PM, Dmitry Safonov wrote:
>>>
>>> After linkat_hard with setfsuid permissions of files in
>>> /proc/<pid>/* changes to root because of pid_getattr @ fs/proc/base.c
>>> will fail to check has_pid_permissions() in ptrace_may_access()
>>
>> Wait, the __ptrace_may_access starts with
>>
>>          if (same_thread_group(task, current))
>>                  return 0;
>>
>> so writing to self is always granted.
>
> Seems so, will check it.

The dumpable flag is checked in proc_pid_make_inode:

        if (task_dumpable(task)) {
                rcu_read_lock();
                cred = __task_cred(task);
                inode->i_uid = cred->euid;
                inode->i_gid = cred->egid;
                rcu_read_unlock();
        }


>>
>>
>>> Fix it with PR_SET_DUMPABLE.
>>>
>>> Cc: Andrew Vagin <avagin at virtuozzo.com>
>>> Signed-off-by: Dmitry Safonov <dsafonov at odin.com>
>>> ---
>>>   files-reg.c | 2 ++
>>>   1 file changed, 2 insertions(+)
>>>
>>> diff --git a/files-reg.c b/files-reg.c
>>> index 425dc04..082e46c 100644
>>> --- a/files-reg.c
>>> +++ b/files-reg.c
>>> @@ -6,6 +6,7 @@
>>>   #include <sys/mman.h>
>>>   #include <sys/types.h>
>>>   #include <sys/stat.h>
>>> +#include <sys/prctl.h>
>>>   #include <sys/vfs.h>
>>>   #include <ctype.h>
>>>   @@ -1100,6 +1101,7 @@ static int linkat_hard(int odir, char *opath, int
>>> ndir, char *npath, uid_t owner
>>>                          */
>>>         }
>>>         errno = errno_save;
>>> +       prctl(PR_SET_DUMPABLE, 1, 0);
>>>         return ret;
>>>   }
>>>
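
Review bot: in linkat_hard(), the new prctl(PR_SET_DUMPABLE, 1, 0) sits after `errno = errno_save;` and its return value is dropped, so a failing prctl() would overwrite the errno the function has just restored for its caller, and the failure itself would go unreported. Suggest moving the call above the errno restore and logging a failure. The call also sets the flag to 1 unconditionally rather than putting back whatever PR_GET_DUMPABLE reported before the setfsuid, and it carries no comment; a one-line note that the dumpable flag decides /proc/<pid>/* ownership would explain why it is here.
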
>
>
> --
> Regards,
> Dmitry Safonov
>
>
> _______________________________________________
> CRIU mailing list
> CRIU at openvz.org
> https://lists.openvz.org/mailman/listinfo/criu
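
The effect discussed in this thread can be observed from userspace. The program below is an added example, not code from CRIU or from the posters; the helper names are hypothetical, and it clears the flag directly with prctl() as a stand-in for the non-dumpable state the thread attributes to setfsuid. It assumes Linux with /proc mounted and uid 0 mapped in the current user namespace.

```c
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/stat.h>
#include <unistd.h>

struct dump_probe {
	long uid_dumpable;	/* owner of /proc/self/status while dumpable */
	long uid_nondumpable;	/* owner while the dumpable flag is 0 */
	long uid_restored;	/* owner after PR_SET_DUMPABLE back to 1 */
	int flag_cleared;	/* PR_GET_DUMPABLE after clearing */
	int flag_restored;	/* PR_GET_DUMPABLE after restoring */
};

/* Owner uid of /proc/self/status as stat() reports it, or -1 on error. */
static long proc_self_owner(void)
{
	struct stat st;
	return stat("/proc/self/status", &st) < 0 ? -1 : (long)st.st_uid;
}

/* Hypothetical helper: toggle the flag, record ownership at each step. */
static int probe_dumpable_ownership(struct dump_probe *p)
{
	if (prctl(PR_SET_DUMPABLE, 1, 0, 0, 0) < 0)
		return -1;
	p->uid_dumpable = proc_self_owner();

	/* Assumption: stands in for the state left behind after setfsuid. */
	if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0) < 0)
		return -1;
	p->flag_cleared = prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
	p->uid_nondumpable = proc_self_owner();

	/* The restore step, same prctl option as in the patch. */
	if (prctl(PR_SET_DUMPABLE, 1, 0, 0, 0) < 0)
		return -1;
	p->flag_restored = prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
	p->uid_restored = proc_self_owner();
	return 0;
}

int main(void)
{
	struct dump_probe p;
	if (probe_dumpable_ownership(&p) < 0)
		return 1;
	printf("euid=%ld dumpable=%ld nondumpable=%ld restored=%ld\n",
	       (long)geteuid(), p.uid_dumpable, p.uid_nondumpable, p.uid_restored);
	return 0;
}
```

Run as an unprivileged user, the middle value shows root ownership while the other two match the effective uid.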
