From: Jeff Layton <jlayton@poochiereds.net>
To: Olga Kornievskaia <kolga@netapp.com>, steved@redhat.com
Cc: linux-nfs@vger.kernel.org
Subject: Re: [PATCH v3 2/3] gssd: using syscalls directly to change thread's identity
Date: Mon, 25 Apr 2016 16:23:12 -0400
Message-ID: <1461615792.4288.31.camel@poochiereds.net>
In-Reply-To: <1461603513-67523-3-git-send-email-kolga@netapp.com>
On Mon, 2016-04-25 at 12:58 -0400, Olga Kornievskaia wrote:
> For the threaded version we have to set uid,gid per thread instead
> of per process. glibc setresuid() when called from a thread, it'll
> send a signal to all other threads to synchronize the uid in all
> other threads. To bypass this, we have to call syscall() directly.
>
> Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
> Reviewed-by: Steve Dickson <steved@redhat.com>
> ---
> utils/gssd/gssd_proc.c | 12 +++++++++---
> 1 file changed, 9 insertions(+), 3 deletions(-)
>
> diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
> index e2e95dc..487a4f5 100644
> --- a/utils/gssd/gssd_proc.c
> +++ b/utils/gssd/gssd_proc.c
> @@ -69,6 +69,7 @@
> #include
> #include
> #include
> +#include
>
> #include "gssd.h"
> #include "err_util.h"
> @@ -436,7 +437,7 @@ change_identity(uid_t uid)
> struct passwd *pw;
>
> /* drop list of supplimentary groups first */
> - if (setgroups(0, NULL) != 0) {
> + if (syscall(SYS_setgroups, 0) != 0) {
> printerr(0, "WARNING: unable to drop supplimentary groups!");
> return errno;
> }
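Review bot: the replacement for setgroups(0, NULL) passes only the size, syscall(SYS_setgroups, 0), so the list pointer that the removed line supplied as NULL is now whatever the varargs call happens to pick up. Pass it explicitly, for example syscall(SYS_setgroups, 0, NULL), so the raw call matches the two-argument form it replaces.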
> @@ -457,7 +458,12 @@ change_identity(uid_t uid)
> * Switch the GIDs. Note that we leave the saved-set-gid alone in an
> * attempt to prevent attacks via ptrace()
> */
> - if (setresgid(pw->pw_gid, pw->pw_gid, -1) != 0) {
> + /* For the threaded version we have to set uid,gid per thread instead
> + * of per process. glibc setresuid() when called from a thread, it'll
> + * send a signal to all other threads to synchronize the uid in all
> + * other threads. To bypass this, we have to call syscall() directly.
> + */
> + if (syscall(SYS_setresgid, pw->pw_gid) != 0) {
> printerr(0, "WARNING: failed to set gid to %u!\n", pw->pw_gid);
> return errno;
> }
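Review bot: syscall(SYS_setresgid, pw->pw_gid) supplies only one of the three IDs that the removed setresgid(pw->pw_gid, pw->pw_gid, -1) passed, so the effective and saved GID arguments are undefined and the comment's promise to leave the saved-set-gid alone no longer holds. Keep all three arguments: syscall(SYS_setresgid, pw->pw_gid, pw->pw_gid, -1). The added comment also names setresuid() although it sits above the setresgid call; naming both calls there would match the code it describes.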
> @@ -466,7 +472,7 @@ change_identity(uid_t uid)
> * Switch UIDs, but leave saved-set-uid alone to prevent ptrace() by
> * other processes running with this uid.
> */
> - if (setresuid(uid, uid, -1) != 0) {
> + if (syscall(SYS_setresuid, uid) != 0) {
That looks wrong. setresuid takes 3 arguments:
SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid)
Ditto for setresgid above. syscall is a varargs function, so you really
_must_ pass in the right number of args or you'll end up feeding it
random junk in registers or off the stack. The compiler won't save you
here...
> printerr(0, "WARNING: Failed to setuid for user with
uid %u\n",
> uid);
> return errno;
--
Jeff Layton <jlayton@poochiereds.net>
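
The point of the review comment above, as an added example that is not part of the original message or of nfs-utils: raw syscall() calls that pass every argument the kernel expects, then read the IDs back to confirm the saved IDs were left alone. The helper name thread_change_identity and its drop_groups flag are hypothetical, and the code assumes 64-bit Linux with glibc, where SYS_setresuid and SYS_setresgid take 32-bit IDs.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper, not from nfs-utils: switch only the calling thread's
 * real/effective IDs via raw syscalls, leaving the saved IDs alone.
 * Returns 0 on success or an errno value on failure. */
int thread_change_identity(uid_t uid, gid_t gid, int drop_groups)
{
	uid_t r, e, s_before, s_after;
	gid_t gr, ge, gs_before, gs_after;

	if (getresuid(&r, &e, &s_before) != 0 ||
	    getresgid(&gr, &ge, &gs_before) != 0)
		return errno;

	/* setgroups(2) takes two arguments (size, list) and needs CAP_SETGID. */
	if (drop_groups && syscall(SYS_setgroups, (long)0, (void *)NULL) != 0)
		return errno;

	/* All three IDs are passed explicitly; -1 means "leave unchanged". */
	if (syscall(SYS_setresgid, (long)gid, (long)gid, (long)(gid_t)-1) != 0)
		return errno;
	if (syscall(SYS_setresuid, (long)uid, (long)uid, (long)(uid_t)-1) != 0)
		return errno;

	/* Read back and confirm the kernel saw the arguments we meant. */
	if (getresuid(&r, &e, &s_after) != 0 ||
	    getresgid(&gr, &ge, &gs_after) != 0)
		return errno;
	if (r != uid || e != uid || gr != gid || ge != gid)
		return EINVAL;
	if (s_after != s_before || gs_after != gs_before)
		return EINVAL;
	return 0;
}

int main(void)
{
	/* Constructed input: re-assert the current IDs, which needs no privilege. */
	int rc = thread_change_identity(geteuid(), getegid(), 0);
	printf("thread_change_identity: %d\n", rc);
	return rc != 0;
}
```
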