[Devel] [PATCH RHEL8 COMMIT] ve/mm/trace: Improve vps_dumpable check in __ptrace_may_access()

Konstantin Khorenko khorenko at virtuozzo.com
Tue May 11 18:37:05 MSK 2021


The commit is pushed to "branch-rh8-4.18.0-240.1.1.vz8.5.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh8-4.18.0-240.1.1.vz8.5.27
------>
commit 5ebb79b68a3f15e45bcb4ef9be4fa2267d75ce21
Author: Vasily Averin <vvs at virtuozzo.com>
Date:   Tue May 11 18:37:05 2021 +0300

    ve/mm/trace: Improve vps_dumpable check in __ptrace_may_access()
    
    __ptrace_may_access() is used when someone tries to
    readlink /proc/$PID/ns/$SOMENS and gets -EPERM for kthreads
    because they lack task->mm and thus "vps_dumpable" field.
    
    Let's return error only for non-kernel threads and follow usual
    restrictions for kernel threads.
    
    https://jira.sw.ru/browse/PSBM-92107
    Signed-off-by: Vasily Averin <vvs at virtuozzo.com>
    
    Rebase to vz8:
    
    - Let's remove excess vps_dumpable variable.
    - Also do the same mm precheck for vps_dumpable use in ptrace_attach(),
      with also replacing EACCES with more suitable EPERM.
    - Note that we don't have mm for zombies too, but it looks like there is
      no point to prohibit access to them via proc, and we can't ptrace dead
      tasks anyway.
    
    (cherry-picked from vz7 commit 5f24adbea638 ("Improve vps_dumpable check in
    __ptrace_may_access()"))
    Fixes: 8e582a4301dfc ("ve/mm/trace: introduce vps_dumpable flag")
    
    https://jira.sw.ru/browse/PSBM-127780
    
    Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
 kernel/ptrace.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/kernel/ptrace.c b/kernel/ptrace.c
index ad3878fb48ba..c55b0326cf83 100644
--- a/kernel/ptrace.c
+++ b/kernel/ptrace.c
@@ -272,7 +272,6 @@ static int __ptrace_may_access(struct task_struct *task, unsigned int mode)
 	struct mm_struct *mm;
 	kuid_t caller_uid;
 	kgid_t caller_gid;
-	int vps_dumpable = 0;
 
 	if (!(mode & PTRACE_MODE_FSCREDS) == !(mode & PTRACE_MODE_REALCREDS)) {
 		WARN(1, "denying ptrace access check without PTRACE_MODE_*CREDS\n");
@@ -337,8 +336,8 @@ static int __ptrace_may_access(struct task_struct *task, unsigned int mode)
 	     !ptrace_has_cap(mm->user_ns, mode)))
 	    return -EPERM;
 
-	vps_dumpable = (mm ? mm->vps_dumpable == VD_PTRACE_COREDUMP : 0);
-	if (!vps_dumpable && !ve_is_super(get_exec_env()))
+	if (mm && (mm->vps_dumpable != VD_PTRACE_COREDUMP) &&
+	    !ve_is_super(get_exec_env()))
 		return -EPERM;
 
 	return security_ptrace_access_check(task, mode);
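Review bot: In the rewritten condition `if (mm && (mm->vps_dumpable != VD_PTRACE_COREDUMP) &&`, a NULL mm now skips the vps_dumpable restriction entirely, whereas the removed lines treated a NULL mm as not dumpable and returned -EPERM to any caller outside the super VE. The commit message explains that this is intended for kthreads and accepted for zombies, but nothing in the code says so. A short comment above the condition, stating that mm-less tasks are deliberately left to the preceding checks and to security_ptrace_access_check(), would keep a later reader from restoring the fail-closed form. The inner parentheses around the `!=` comparison are also unnecessary.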
@@ -391,8 +390,8 @@ static int ptrace_attach(struct task_struct *task, long request,
 	task_lock(task);
 	retval = __ptrace_may_access(task, PTRACE_MODE_ATTACH_REALCREDS);
 	if (!retval) {
-		if (!task->mm || task->mm->vps_dumpable == VD_LICDATA_ACCESS)
-			retval = -EACCES;
+		if (task->mm && task->mm->vps_dumpable == VD_LICDATA_ACCESS)
+			retval = -EPERM;
 	}
 	task_unlock(task);
 	if (retval)
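Review bot: The `task->mm &&` precheck in ptrace_attach() removes the only rejection of mm-less tasks visible in this block, so when __ptrace_may_access() returns 0 for such a task, retval stays 0 and the attach continues. The commit message argues that dead tasks cannot be ptraced anyway, and the previous hunk now lets tasks without an mm through the vps_dumpable check in __ptrace_may_access() as well. Please name in a comment here which check elsewhere in ptrace_attach() rejects kernel threads and exited tasks, since this hunk does not show it. The switch from -EACCES to -EPERM is visible to userspace callers attaching to VD_LICDATA_ACCESS tasks; the changelog mentions it, which is enough.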

