[patch] Update move_pages(2) manpage to match kernel change

[patch] Update move_pages(2) manpage to match kernel change

[Otto Ebeling]

[-- Attachment #1: Type: text/plain, Size: 262 bytes --]

Hi,

I recently reported a security bug to the kernel that caused a change to 
be made to the move_pages syscall (kernel commit 
197e7e521384a23b9e585178f3f11c9fa08274b9), the attached patch updates 
the man page to match the new behavior.

Thanks,
Otto Ebeling

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: man.diff --]
[-- Type: text/x-diff; name=man.diff, Size: 592 bytes --]

diff --git a/man2/move_pages.2 b/man2/move_pages.2
index dc3892a..390d23c 100644
--- a/man2/move_pages.2
+++ b/man2/move_pages.2
@@ -47,9 +47,10 @@ indicate constraints on the pages to be moved.
 is the ID of the process in which pages are to be moved.
 To move pages in another process,
 the caller must be privileged
-.RB ( CAP_SYS_NICE )
-or the real or effective user ID of the calling process must match the
-real or saved-set user ID of the target process.
+.RB ( CAP_SYS_PTRACE )
+or otherwise have the permission to use
+.BR ptrace (2)
+on the target process.
 If
 .I pid
 is 0, then

Re: [patch] Update move_pages(2) manpage to match kernel change

[Otto Ebeling]

Hi,

> 
>        To  move  pages  in  another process requires the following 
> privi‐
>        leges:
> 
>        *  In kernels up to and including Linux 4.12: the caller  must  
> be
>           privileged  (CAP_SYS_NICE)  or the real or effective user ID 
> of
>           the calling process must match the real or saved-set user ID 
> of
>           the target process.
> 
>        *  The  older rules allowed the caller to discover various 
> virtual
>           address choices made by the  kernel  that  could  lead  to  
> the
>           defeat  of  address-space-layout  randomization  for  a 
> process
>           owned by the same UID as the caller,  the  rules  were  
> changed
>           starting with Linux 4.13.  Since Linux 4.13, permission is 
> gov‐
>           erned by a ptrace access mode PTRACE_MODE_READ_REALCREDS  
> check
>           with respect to the target process; see ptrace(2).
> 
> Look okay?

Thanks for fixing that up, makes sense to document the historical 
behavior! Regarding the references to "Linux 4.13", I wanted to point 
out I got emails that indicate the patch was/will be merged to 
"3.18-stable tree, 4.12-stable tree, 4.4-stable tree, 4.9-stable". See 
e.g. 
https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/commit/?id=b52c5821b05b33af36b77ba5cfee54818828508f

Not sure how to word this in a man page - maybe something like "4.13, 
and updated versions of 3.18, 4.12, 4.4, and 4.9". What do you think?

Otto
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [patch] Update move_pages(2) manpage to match kernel change

[Michael Kerrisk (man-pages)]

Hello Otto,

On 22 August 2017 at 10:14, Otto Ebeling <oebeling-YEAOTlfEoH7f77WrBdCPMDwVj7d+iGoU@public.gmane.org> wrote:
> Hi,
>
>>
>>        To  move  pages  in  another process requires the following privi‐
>>        leges:
>>
>>        *  In kernels up to and including Linux 4.12: the caller  must  be
>>           privileged  (CAP_SYS_NICE)  or the real or effective user ID of
>>           the calling process must match the real or saved-set user ID of
>>           the target process.
>>
>>        *  The  older rules allowed the caller to discover various virtual
>>           address choices made by the  kernel  that  could  lead  to  the
>>           defeat  of  address-space-layout  randomization  for  a process
>>           owned by the same UID as the caller,  the  rules  were  changed
>>           starting with Linux 4.13.  Since Linux 4.13, permission is gov‐
>>           erned by a ptrace access mode PTRACE_MODE_READ_REALCREDS  check
>>           with respect to the target process; see ptrace(2).
>>
>> Look okay?
>
>
> Thanks for fixing that up, makes sense to document the historical behavior!
> Regarding the references to "Linux 4.13", I wanted to point out I got emails
> that indicate the patch was/will be merged to "3.18-stable tree, 4.12-stable
> tree, 4.4-stable tree, 4.9-stable". See e.g.
> https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/commit/?id=b52c5821b05b33af36b77ba5cfee54818828508f
>
> Not sure how to word this in a man page - maybe something like "4.13, and
> updated versions of 3.18, 4.12, 4.4, and 4.9". What do you think?

The cross-product if individual patches that hit stable and the
various stable versions is just too complex too track in man pages, so
I do not even try...

Cheers,

Michael


-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [patch] Update move_pages(2) manpage to match kernel change

[Otto Ebeling]

Hi Michael,

>> Not sure how to word this in a man page - maybe something like "4.13, 
>> and
>> updated versions of 3.18, 4.12, 4.4, and 4.9". What do you think?
> 
> The cross-product if individual patches that hit stable and the
> various stable versions is just too complex too track in man pages, so
> I do not even try...

OK, I'm fine with that too - so let's make the change in the form you 
proposed?

Thanks,
Otto
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html