From: John Johansen <john.johansen@canonical.com>
To: Oleg Nesterov <oleg@redhat.com>
Cc: Tejun Heo <tj@kernel.org>,
linux-kernel@vger.kernel.org, akpm@linux-foundation.org,
torvalds@linux-foundation.org, hch@infradead.org,
Stephen Smalley <sds@tycho.nsa.gov>
Subject: Re: [PATCH 7/7] ptrace: s/tracehook_tracer_task()/ptrace_parent()/
Date: Tue, 21 Jun 2011 04:44:31 -0700
Message-ID: <4E00841F.6000202@canonical.com>
In-Reply-To: <20110620201603.GA17157@redhat.com>
On 06/20/2011 01:16 PM, Oleg Nesterov wrote:
> On 06/17, Tejun Heo wrote:
>>
>> tracehook.h is on the way out. Rename tracehook_tracer_task() to
>> ptrace_parent() and move it from tracehook.h to ptrace.h.
>
> I am a bit surpised you decided to keep this helper. Can't we simply
> kill it?
>
> OK, we will see. I guess this change is mostly needed to remove yet
> another function from tracehook.h.
>
>> @@ -216,7 +216,7 @@ static struct mm_struct *__check_mem_permission(struct task_struct *task)
>> if (task_is_stopped_or_traced(task)) {
>> int match;
>> rcu_read_lock();
>> - match = (tracehook_tracer_task(task) == current);
>> + match = (ptrace_parent(task) == current);
>> rcu_read_unlock();
>> if (match && ptrace_may_access(task, PTRACE_MODE_ATTACH))
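Review bot: this hunk is safe as written because only the boolean `match` leaves the rcu_read_lock()/rcu_read_unlock() pair; the task_struct returned by ptrace_parent() is compared against `current` inside the section and is never dereferenced after the unlock, and the later ptrace_may_access(task, PTRACE_MODE_ATTACH) operates on the function argument `task`, not on the RCU-protected pointer. Any future change that keeps the returned task_struct for use after rcu_read_unlock() would need the critical section extended around that use, or a reference taken on the task while still under the lock.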
>
> All we need
>
> 	if (task_is_traced(task) && task->parent == current) {
> 		if (ptrace_may_access(task, PTRACE_MODE_ATTACH))
> 			return mm;
> 	}
>
> Of course I do not blame this patch, my only point is that this helper
> only adds more confusion imho.
>
>> @@ -67,7 +67,7 @@ static int may_change_ptraced_domain(struct task_struct *task,
>> int error = 0;
>>
>> rcu_read_lock();
>> - tracer = tracehook_tracer_task(task);
>> + tracer = ptrace_parent(task);
>> if (tracer) {
>> /* released below */
>> cred = get_task_cred(tracer);
>
> Hmm. And then this task_struct is used after we dropped rcu_read_lock().
>
> John, is this correct?
>
Nope, this use is wrong. The following patch should fix this:
===
AppArmor: Fix reference to rcu protected pointer outside of rcu_read_lock
The pointer returned from tracehook_tracer_task() is only valid inside
the rcu_read_lock. However the tracer pointer obtained is being passed
to aa_may_ptrace outside of the rcu_read_lock critical section.
Move the aa_may_ptrace test into the rcu_read_lock critical section to
fix this.
Signed-off-by: John Johansen <john.johansen@canonical.com>
---
security/apparmor/domain.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index c825c6e..78adc43 100644
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -73,7 +73,6 @@ static int may_change_ptraced_domain(struct task_struct *task,
cred = get_task_cred(tracer);
tracerp = aa_cred_profile(cred);
}
- rcu_read_unlock();
/* not ptraced */
if (!tracer || unconfined(tracerp))
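Review bot: with rcu_read_unlock() removed here, the `if (!tracer || unconfined(tracerp))` test and the "not ptraced" path it branches to now run inside the read-side critical section, so that path must reach the unlock at `out:` rather than returning directly; the elided lines between this hunk and the next should be checked for any early `return`, which would now leave the section unbalanced (a `goto out` is the matching exit). Note that the cred is already pinned by get_task_cred() and never needed the lock; it is the `tracer` task_struct that does.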
@@ -82,6 +81,7 @@ static int may_change_ptraced_domain(struct task_struct *task,
error = aa_may_ptrace(tracer, tracerp, to_profile, PTRACE_MODE_ATTACH);
out:
+ rcu_read_unlock();
if (cred)
put_cred(cred);
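Review bot: placing rcu_read_unlock() at `out:` puts aa_may_ptrace(tracer, tracerp, to_profile, PTRACE_MODE_ATTACH) inside the RCU read-side critical section, which closes the use of `tracer` after the lock was dropped, but it also means nothing on that path may sleep (no blocking allocations, no mutexes). Worth confirming that aa_may_ptrace() and any audit logging it performs satisfy that; if they cannot, the alternative is to take a reference on the tracer with get_task_struct() while under the lock and keep the original short critical section. Doing put_cred() after the unlock, as the hunk shows, is fine since the cred holds its own reference.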
--
1.7.4.1
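The lifetime rule behind this fix, as an added userspace model that is not part of the thread and not AppArmor's or the kernel's code: rcu_read_lock()/rcu_read_unlock() are stand-ins that only track nesting depth, and every use of an RCU-protected task pointer goes through a constructed checker, rcu_use(), that counts uses made outside a critical section (the role CONFIG_PROVE_RCU plays for rcu_dereference() in the kernel). The two functions may_change_buggy() and may_change_fixed(), the stand-in aa_may_ptrace() policy and the violations_for() harness are all constructed for this example; they mirror the shape of may_change_ptraced_domain() before and after the patch, not its real contents.

```c
/* Added example: userspace model of "the pointer is only valid inside
 * rcu_read_lock()". Nothing here is kernel code; names are constructed. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

static int rcu_depth;       /* models current->rcu_read_lock_nesting */
static int rcu_violations;  /* uses of an RCU-protected pointer outside a section */

static void rcu_read_lock(void)   { rcu_depth++; }
static void rcu_read_unlock(void) { rcu_depth--; }

struct profile { bool unconfined; };
struct task {
	struct task *parent;      /* RCU-protected: a detach may clear/free it */
	bool traced;
	struct profile *profile;
};

/* Constructed checker: every access to an RCU-protected task pointer is
 * routed through here so a use outside rcu_read_lock() is counted. */
static struct task *rcu_use(struct task *p)
{
	if (rcu_depth <= 0)
		rcu_violations++;
	return p;
}

/* Stand-in for ptrace_parent(): valid only inside the critical section. */
static struct task *ptrace_parent(struct task *t)
{
	return t->traced ? rcu_use(t->parent) : NULL;
}

/* Stand-in for aa_may_ptrace(): it needs the tracer's task_struct, and
 * the constructed policy denies confined tracers. */
static int aa_may_ptrace(struct task *tracer, struct profile *tracerp)
{
	(void)rcu_use(tracer);
	return tracerp->unconfined ? 0 : -1;
}

/* Shape of the code before the fix: tracer escapes the critical section. */
static int may_change_buggy(struct task *t)
{
	struct task *tracer;
	struct profile *tracerp = NULL;
	int error = 0;

	rcu_read_lock();
	tracer = ptrace_parent(t);
	if (tracer)
		tracerp = tracer->profile;
	rcu_read_unlock();
	if (!tracer || tracerp->unconfined)
		return 0;
	error = aa_may_ptrace(tracer, tracerp);   /* tracer used after unlock */
	return error;
}

/* Shape of the code after the fix: the section extends past the check. */
static int may_change_fixed(struct task *t)
{
	struct task *tracer;
	struct profile *tracerp = NULL;
	int error = 0;

	rcu_read_lock();
	tracer = ptrace_parent(t);
	if (tracer)
		tracerp = tracer->profile;
	if (!tracer || tracerp->unconfined)
		goto out;
	error = aa_may_ptrace(tracer, tracerp);
out:
	rcu_read_unlock();
	return error;
}

/* Runs one variant on a constructed traced task whose tracer is confined
 * and returns how many RCU-protected uses happened outside a section. */
static int violations_for(int (*fn)(struct task *))
{
	struct profile confined = { .unconfined = false };
	struct task tracer = { .parent = NULL, .traced = false, .profile = &confined };
	struct task tracee = { .parent = &tracer, .traced = true, .profile = &confined };

	rcu_violations = 0;
	(void)fn(&tracee);
	return rcu_violations;
}

int main(void)
{
	printf("buggy: %d violation(s), fixed: %d violation(s)\n",
	       violations_for(may_change_buggy), violations_for(may_change_fixed));
	return 0;
}
```

The model flags exactly the access the patch moves: the buggy variant reports one use of `tracer` outside the section (the call to the aa_may_ptrace() stand-in), the fixed variant reports none, and the nesting depth returns to zero on every path, which is the balance the `goto out` preserves in the real function.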