
From: Michael Palimaka <kensington@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-kernel/pf-sources/files/
Date: Wed, 06 Dec 2017 13:31:26
Message-Id: 1512567073.b7b560b99d6b1da4f515659aa461c35f5ee218b4.kensington@gentoo
1 commit: b7b560b99d6b1da4f515659aa461c35f5ee218b4
2 Author: Michael Mair-Keimberger <m.mairkeimberger <AT> gmail <DOT> com>
3 AuthorDate: Fri Dec 1 15:59:06 2017 +0000
4 Commit: Michael Palimaka <kensington <AT> gentoo <DOT> org>
5 CommitDate: Wed Dec 6 13:31:13 2017 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b7b560b9
7
8 sys-kernel/pf-sources: remove unused patch
9
10 Closes: https://github.com/gentoo/gentoo/pull/6379
11
12 .../files/2100_proc-mem-handling-fix.patch | 270 ---------------------
13 1 file changed, 270 deletions(-)
14
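diff --git a/sys-kernel/pf-sources/files/2100_proc-mem-handling-fix.patch b/sys-kernel/pf-sources/files/2100_proc-mem-handling-fix.patch
deleted file mode 100644
index c32934daf89..00000000000
--- a/sys-kernel/pf-sources/files/2100_proc-mem-handling-fix.patch
+++ /dev/null
@@ -1,270 +0,0 @@
-From e268337dfe26dfc7efd422a804dbb27977a3cccc Mon Sep 17 00:00:00 2001
-From: Linus Torvalds <torvalds@××××××××××××××××.org>
-Date: Tue, 17 Jan 2012 15:21:19 -0800
-Subject: proc: clean up and fix /proc/<pid>/mem handling
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-From: Linus Torvalds <torvalds@××××××××××××××××.org>
-
-commit e268337dfe26dfc7efd422a804dbb27977a3cccc upstream.
-
-Jüri Aedla reported that the /proc/<pid>/mem handling really isn't very
-robust, and it also doesn't match the permission checking of any of the
-other related files.
-
-This changes it to do the permission checks at open time, and instead of
-tracking the process, it tracks the VM at the time of the open. That
-simplifies the code a lot, but does mean that if you hold the file
-descriptor open over an execve(), you'll continue to read from the _old_
-VM.
-
-That is different from our previous behavior, but much simpler. If
-somebody actually finds a load where this matters, we'll need to revert
-this commit.
-
-I suspect that nobody will ever notice - because the process mapping
-addresses will also have changed as part of the execve. So you cannot
-actually usefully access the fd across a VM change simply because all
-the offsets for IO would have changed too.
-
-Reported-by: Jüri Aedla <asd@××.ee>
-Cc: Al Viro <viro@×××××××××××××××.uk>
-Signed-off-by: Linus Torvalds <torvalds@××××××××××××××××.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@××××.de>
-
----
- fs/proc/base.c | 145 +++++++++++++++------------------------------------------
- 1 file changed, 39 insertions(+), 106 deletions(-)
-
---- a/fs/proc/base.c
-+++ b/fs/proc/base.c
-@@ -194,65 +194,7 @@ static int proc_root_link(struct inode *
- return result;
- }
-
--static struct mm_struct *__check_mem_permission(struct task_struct *task)
--{
-- struct mm_struct *mm;
--
-- mm = get_task_mm(task);
-- if (!mm)
-- return ERR_PTR(-EINVAL);
--
-- /*
-- * A task can always look at itself, in case it chooses
-- * to use system calls instead of load instructions.
-- */
-- if (task == current)
-- return mm;
--
-- /*
-- * If current is actively ptrace'ing, and would also be
-- * permitted to freshly attach with ptrace now, permit it.
-- */
-- if (task_is_stopped_or_traced(task)) {
-- int match;
-- rcu_read_lock();
-- match = (ptrace_parent(task) == current);
-- rcu_read_unlock();
-- if (match && ptrace_may_access(task, PTRACE_MODE_ATTACH))
-- return mm;
-- }
--
-- /*
-- * No one else is allowed.
-- */
-- mmput(mm);
-- return ERR_PTR(-EPERM);
--}
--
--/*
-- * If current may access user memory in @task return a reference to the
-- * corresponding mm, otherwise ERR_PTR.
-- */
--static struct mm_struct *check_mem_permission(struct task_struct *task)
--{
-- struct mm_struct *mm;
-- int err;
--
-- /*
-- * Avoid racing if task exec's as we might get a new mm but validate
-- * against old credentials.
-- */
-- err = mutex_lock_killable(&task->signal->cred_guard_mutex);
-- if (err)
-- return ERR_PTR(err);
--
-- mm = __check_mem_permission(task);
-- mutex_unlock(&task->signal->cred_guard_mutex);
--
-- return mm;
--}
--
--struct mm_struct *mm_for_maps(struct task_struct *task)
-+static struct mm_struct *mm_access(struct task_struct *task, unsigned int mode)
- {
- struct mm_struct *mm;
- int err;
-@@ -263,7 +205,7 @@ struct mm_struct *mm_for_maps(struct tas
-
- mm = get_task_mm(task);
- if (mm && mm != current->mm &&
-- !ptrace_may_access(task, PTRACE_MODE_READ)) {
-+ !ptrace_may_access(task, mode)) {
- mmput(mm);
- mm = ERR_PTR(-EACCES);
- }
-@@ -272,6 +214,11 @@ struct mm_struct *mm_for_maps(struct tas
- return mm;
- }
-
-+struct mm_struct *mm_for_maps(struct task_struct *task)
-+{
-+ return mm_access(task, PTRACE_MODE_READ);
-+}
-+
- static int proc_pid_cmdline(struct task_struct *task, char * buffer)
- {
- int res = 0;
-@@ -816,38 +763,39 @@ static const struct file_operations proc
-
- static int mem_open(struct inode* inode, struct file* file)
- {
-- file->private_data = (void*)((long)current->self_exec_id);
-+ struct task_struct *task = get_proc_task(file->f_path.dentry->d_inode);
-+ struct mm_struct *mm;
-+
-+ if (!task)
-+ return -ESRCH;
-+
-+ mm = mm_access(task, PTRACE_MODE_ATTACH);
-+ put_task_struct(task);
-+
-+ if (IS_ERR(mm))
-+ return PTR_ERR(mm);
-+
- /* OK to pass negative loff_t, we can catch out-of-range */
- file->f_mode |= FMODE_UNSIGNED_OFFSET;
-+ file->private_data = mm;
-+
- return 0;
- }
-
- static ssize_t mem_read(struct file * file, char __user * buf,
- size_t count, loff_t *ppos)
- {
-- struct task_struct *task = get_proc_task(file->f_path.dentry->d_inode);
-+ int ret;
- char *page;
- unsigned long src = *ppos;
-- int ret = -ESRCH;
-- struct mm_struct *mm;
-+ struct mm_struct *mm = file->private_data;
-
-- if (!task)
-- goto out_no_task;
-+ if (!mm)
-+ return 0;
-
-- ret = -ENOMEM;
- page = (char *)__get_free_page(GFP_TEMPORARY);
- if (!page)
-- goto out;
--
-- mm = check_mem_permission(task);
-- ret = PTR_ERR(mm);
-- if (IS_ERR(mm))
-- goto out_free;
--
-- ret = -EIO;
--
-- if (file->private_data != (void*)((long)current->self_exec_id))
-- goto out_put;
-+ return -ENOMEM;
-
- ret = 0;
-
-@@ -874,13 +822,7 @@ static ssize_t mem_read(struct file * fi
- }
- *ppos = src;
-
--out_put:
-- mmput(mm);
--out_free:
- free_page((unsigned long) page);
--out:
-- put_task_struct(task);
--out_no_task:
- return ret;
- }
-
-@@ -889,27 +831,15 @@ static ssize_t mem_write(struct file * f
- {
- int copied;
- char *page;
-- struct task_struct *task = get_proc_task(file->f_path.dentry->d_inode);
- unsigned long dst = *ppos;
-- struct mm_struct *mm;
-+ struct mm_struct *mm = file->private_data;
-
-- copied = -ESRCH;
-- if (!task)
-- goto out_no_task;
-+ if (!mm)
-+ return 0;
-
-- copied = -ENOMEM;
- page = (char *)__get_free_page(GFP_TEMPORARY);
- if (!page)
-- goto out_task;
--
-- mm = check_mem_permission(task);
-- copied = PTR_ERR(mm);
-- if (IS_ERR(mm))
-- goto out_free;
--
-- copied = -EIO;
-- if (file->private_data != (void *)((long)current->self_exec_id))
-- goto out_mm;
-+ return -ENOMEM;
-
- copied = 0;
- while (count > 0) {
-@@ -933,13 +863,7 @@ static ssize_t mem_write(struct file * f
- }
- *ppos = dst;
-
--out_mm:
-- mmput(mm);
--out_free:
- free_page((unsigned long) page);
--out_task:
-- put_task_struct(task);
--out_no_task:
- return copied;
- }
-
-@@ -959,11 +883,20 @@ loff_t mem_lseek(struct file *file, loff
- return file->f_pos;
- }
-
-+static int mem_release(struct inode *inode, struct file *file)
-+{
-+ struct mm_struct *mm = file->private_data;
-+
-+ mmput(mm);
-+ return 0;
-+}
-+
- static const struct file_operations proc_mem_operations = {
- .llseek = mem_lseek,
- .read = mem_read,
- .write = mem_write,
- .open = mem_open,
-+ .release = mem_release,
- };
-
- static ssize_t environ_read(struct file *file, char __user *buf,
-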