From nobody Thu Apr 9 21:51:17 2026 Received: from esa2.hc2706-39.iphmx.com (esa2.hc2706-39.iphmx.com [216.71.152.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 33F8F3E1205 for ; Thu, 5 Mar 2026 17:19:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=216.71.152.49 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772731187; cv=none; b=qtzv7zwCXbJcJHGFySRmzpvkSGahrZiebhMvOYAfI2BI3KBpTy1h7S7E+Dfulke0jTtqyxBp9dQqQOOpY3hgjhOPwC+77czt2pDRrxgofhKFHqh1yY9mP34ziqpvK8+jC2UTSL/oftcGNOcxYrandhx42twGpwN5W2Ehy0pMxco= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772731187; c=relaxed/simple; bh=nRCrhUOIo63R9XkCJqU4KBz/K/cOwTCWSEb/cwYjjQ0=; h=Message-ID:Date:MIME-Version:To:Cc:From:Subject:Content-Type; b=o2YHgRUkvw+W9v8I5tCuZ+NfXBZkop0XMC3XS+oBZxTn9cOIhYwyAhSaLmGiQ7kMcWkyoIdCivX9ixUn9JXB8g43bks0SO/gxvrwlLGQ0NwbyU7ucPhH2Z6iSBoQrx+muWsSBg6DOmGACwY7S/havXetcuXhki+2u9sYXQcuQvs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=bu.edu; spf=pass smtp.mailfrom=bu.edu; dkim=pass (2048-bit key) header.d=bu.edu header.i=@bu.edu header.b=fVXwMvpU; arc=none smtp.client-ip=216.71.152.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=bu.edu Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=bu.edu Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=bu.edu header.i=@bu.edu header.b="fVXwMvpU" X-CSE-ConnectionGUID: c9yEydHqSR+NMzq+xnGGHw== X-CSE-MsgGUID: 8Q3pcgJ9RmGs3gx49EO7tg== Authentication-Results: ob1.hc2706-39.iphmx.com; dkim=pass (signature verified) header.i=@bu.edu; spf=SoftFail smtp.mailfrom=meak@bu.edu; dmarc=pass (p=reject dis=none) d=bu.edu X-IronPort-RemoteIP: 209.85.221.71 X-IronPort-MID: 117224992 X-IronPort-Reputation: None X-IronPort-Listener: OutgoingMail X-IronPort-SenderGroup: RELAY_GSUITE X-IronPort-MailFlowPolicy: $RELAYED IronPort-Data: A9a23:wesOvqB/IXYzgxVW/3viw5YqxClBgxIJ4kV8jS/XYbTApDN0gjcCx zMaWjjVaK2CZjPyfot3bY3k9EpTvZCHy4BjTANkpHpgcSl2pJueD7x1DKtR0wB+jCHnZBg6h ynLQoCYdKjYdleF+FH1dOSn9SAivU2xbuKUIPbePSxsThNTRi4kiBZy88Y0mYctitWia++3k YqaT/b3Zhn/gFaYDkpOs/jd8Eg34ayp0N8llgdWic5j7Qe2e0Y9Ucp3yZGZdxPQXoRSF+imc OfPpJnR1n/Z5RokFuS+mb/9dEAQKpaKVeRZoiMLM0QKqkEqSh0ai87XBtJFAatko2zhc+RK9 Tl4ncfYpTHFnEH7sL91vxFwS0mSNEDdkVPNCSHXXce7liUqf5ZwqhnH4Y5f0YAwo45K7W9yG fMwI2EcQwGPp/uN+vGdb/t1xdQlA+bLI9ZK0p1g5Wmx4fcORJnCR+DV/4Yd0mhpwM9JGvnaa owSbj8HgBboOUUefAdKTshkxaH33xETcBUBwL6Rja866mv7xhE33bTwWDbQUoXTGp8PwhfJ/ Aoq+UypO0oCP9O9mACA3Wn3if+TzA7cB54dQejQGvlCxQf7KnYoIBkXU0ar5Pq0kEizX/pBJ EEOvCkjt64/8AqsVNaVYvGjiHuNvxpZRMAJVuNlsUeCza3b5wvfDW8BJtJcVOEbWAYNbWVC/ neDgpXkCSEHjVFfYSn1Gmu8xd9qBRUoEA== IronPort-HdrOrdr: A9a23:nvGkba33B/7zA/APHXaFfAqjBFwkLtp133Aq2lEZdPU1SL3sqy nKpp8mPHDP+UUssG1Jo7290da7MA7hHPJOkPgs1M6ZPTUO4VHHEGgA1/qd/9SDIULDH4dmvM 8LT0EXMrHN5DNB/LTHCWeDYqYdKLXtytHWuQ6n9RdQpW4DUdAd0++1YjzraHGfp2F9dP8E/H j13Ls9m9JEEU5nDPhS4BE+Lov+TyairuOfXfbjbyRXjjVnaluTmdrH++Dx5GZ4b9u3qY1SiF T4rw== X-Talos-CUID: 9a23:y7UtnG0MO50a9bf4GuK7xLxfEZE0X2zR7G7rGQyeLHRwC62TZnCw5/Yx X-Talos-MUID: 9a23:J9Q6TwVB8GvaGKDq/G/V3ylpO+U52aGBExsCgclXlu7bKSMlbg== Received: from mail-wr1-f71.google.com ([209.85.221.71]) by ob1.hc2706-39.iphmx.com with ESMTP/TLS/TLS_AES_256_GCM_SHA384; 05 Mar 2026 12:18:36 -0500 Received: by mail-wr1-f71.google.com with SMTP id ffacd0b85a97d-439c2a0d821so2180072f8f.1 for ; Thu, 05 Mar 2026 09:18:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bu.edu; s=s1gsbu; t=1772731114; x=1773335914; darn=vger.kernel.org; h=content-transfer-encoding:subject:from:cc:to:content-language :user-agent:mime-version:date:message-id:from:to:cc:subject:date :message-id:reply-to; bh=8EqIu5SFRR2sREQtx13v2NfWyUgpLkm/lVxyfLzcX5A=; b=fVXwMvpUyOmdf8ex/reGgvj8cU/giZf0Y+J7LEhthhJMDc11rVRyTtIAOTL1PcLsZd nhHVOXesRfaCZn/kFWEBoIySMLNlbAOZ2uVIl/Tdk22HgoZxu/qws1NLThz9Fo6QWNbU +Dr7q7sAVZeXGpmwvq5mqhRcj7fPdB4BZWQ4tGs2lVvK0ZUEcZ6rW8Kk6QpG4hZjPqER iBNQottzsZKIvM9A1I+wQueeIJa3oJ2efG2J06Guic7yvKvskWszlnQ9gQS+dcWuO+Ep Q1ud58xmzUywXtcBVF57Tc7r7cTGYsOM53xVx0fF5wyR0wlPHANSugP9WDKmnzZktcEy wzGA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772731114; x=1773335914; h=content-transfer-encoding:subject:from:cc:to:content-language :user-agent:mime-version:date:message-id:x-gm-gg:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=8EqIu5SFRR2sREQtx13v2NfWyUgpLkm/lVxyfLzcX5A=; b=os4jCJnOHaJaiWAZzrPPyVB3ZcKuvrVJUeg7sVj33PtMIkCVqSgxt1mSQ5U7oULgJT Q0wlxZ1sh2I3rockpzbqsqrh8++U/VwQmluajvch/SU8ewgUZUF1NSMyLOFsRznN5X7+ BVun+TPAhTpWtAD7WhY6u9qwqmyNy4VBjGnM3Jne+zvg13UFATicYWrb3DVE7S60fqvA 3LYepctO2vL1kFY6HYgVXMRRKzn2f45lk2TUAs3L3nZjlewlqxuqSbzR53LQC6yBJ5W3 hUO+MtuicSZWuZs1pky++Hycn3/lFoHZk93iV/hflcnJARmdW9yyL+4Lk3126zT/KE9z FCTw== X-Gm-Message-State: AOJu0YyDh1b2QFZcWnjwIjjbbSCWpkAY2X+nX8X3p8G+GrtlMGpFrHEQ g6fHfvv9lB5pzltLbmr8xiQo71wPCIMx+mwZc5Lk/F9chikGgLr/o+SSBfQij0FtcWVuGfr7LHe eSfh7IaN4Iq6GIZSuoThSD2TeP7/X0j6ixKR4n/gpukFxrnaXgsGk8CGoNxrj7/TeGVV+vW3Si/ AJvRiceoWMJOnzxRDjSg== X-Gm-Gg: ATEYQzyoyOldmIog09Lo439Xj3pM253WinGx/jK/keYYhsKFsjHEuxRpWtwvYL5nNWF 4035jv3YGCVR7IeuFLK5ExwZrI3nBDbW+E8zAVQI550mRteYOdSX2T2uopDZ8LwUQ64xIZ+X5WJ UujN0GfblGdTH6SEBoi3TfJFsc2vxKSZ2i4q8823+G9Orwin8FMd3nfnQM5Oa64GmYQDmHmJX2C 1wMygba00X/bj8iHuB1nk4TkthSOkHfI9ne5jCw5I5s591/PaEEv7oOhj2gzhO+J1xThQotJUfD Y0rTG7fAtDcxYzn6B3Xzcd9zrbG3Gu2puROaY/ulv0m3l0VOaZFLBhKdIJfWff9bywa3xP1hE8W sY+VezW39A+p04pI= X-Received: by 2002:a05:6000:4027:b0:439:be66:1c84 with SMTP id ffacd0b85a97d-439c7fe36e5mr11290118f8f.43.1772731114480; Thu, 05 Mar 2026 09:18:34 -0800 (PST) X-Received: by 2002:a05:6000:4027:b0:439:be66:1c84 with SMTP id ffacd0b85a97d-439c7fe36e5mr11290042f8f.43.1772731113886; Thu, 05 Mar 2026 09:18:33 -0800 (PST) Received: from [192.168.1.111] ([176.240.164.75]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-439c6129017sm16643116f8f.31.2026.03.05.09.18.32 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 05 Mar 2026 09:18:33 -0800 (PST) Message-ID: Date: Thu, 5 Mar 2026 12:18:31 -0500 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Content-Language: en-US To: linux-kernel@vger.kernel.org Cc: bsingharora@gmail.com From: Mehmet Akbulut Subject: [PATCH] taskstats: allow query for ptrace-able tasks Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Taskstats netlink interface requires CAP_NET_ADMIN which prevents unprivileged users from accessing statistics of their own processes. procfs interface already allows unprivileged access via ptrace check. Prior to CAP_NET_ADMIN check was added in v3.1, taskstats was unsecured. Although this check was a major improvement, it wasn't optimal because now system administrators had to expose unnecessary network management capability to process monitoring software. This patch aligns taskstats permissions with procfs to permit use of taskstats for processes that one could already trace. GENL_ADMIN_PERM is removed from TASKSTATS_CMD_GET op, instead each command attribute does its own validation. _ATTR_PID and _ATTR_TGID require the caller to have either CAP_NET_ADMIN in init namespace or ptrace access to target task. _ATTR_REGISTER_CPUMASK and _ATTR_DEREGISTER_CPUMASK continue to require CAP_NET_ADMIN in init namespace as before. Permissions weren't loosened in this case to avoid any regression due to ptrace checks for every task exit. Signed-off-by: Mehmet Akbulut --- kernel/taskstats.c | 47 ++++++++++++++++++++++++++++++++-------------- 1 file changed, 33 insertions(+), 14 deletions(-) diff --git a/kernel/taskstats.c b/kernel/taskstats.c index 0cd680ccc7e5..b3bdba67af45 100644 --- a/kernel/taskstats.c +++ b/kernel/taskstats.c @@ -22,6 +22,8 @@ #include #include #include +#include +#include =20 /* * Maximum length of a cpumask that can be specified in @@ -198,19 +200,24 @@ static void fill_stats(struct user_namespace *user_ns, exe_add_tsk(stats, tsk); } =20 -static int fill_stats_for_pid(pid_t pid, struct taskstats *stats) +static int fill_stats_for_pid(struct sk_buff *skb, pid_t pid, struct tasks= tats *stats) { struct task_struct *tsk; =20 tsk =3D find_get_task_by_vpid(pid); if (!tsk) return -ESRCH; + if (!(netlink_capable(skb, CAP_NET_ADMIN) || + ptrace_may_access(tsk, PTRACE_MODE_READ_FSCREDS))) { + put_task_struct(tsk); + return -EPERM; + } fill_stats(current_user_ns(), task_active_pid_ns(current), tsk, stats); put_task_struct(tsk); return 0; } =20 -static int fill_stats_for_tgid(pid_t tgid, struct taskstats *stats) +static int fill_stats_for_tgid(struct sk_buff *skb, pid_t tgid, struct tas= kstats *stats) { struct task_struct *tsk, *first; unsigned long flags; @@ -225,7 +232,14 @@ static int fill_stats_for_tgid(pid_t tgid, struct task= stats *stats) rcu_read_lock(); first =3D find_task_by_vpid(tgid); =20 - if (!first || !lock_task_sighand(first, &flags)) + if (!first) + goto out; + if (!(netlink_capable(skb, CAP_NET_ADMIN) || + ptrace_may_access(first, PTRACE_MODE_READ_FSCREDS))) { + rc =3D -EPERM; + goto out; + } + if (!lock_task_sighand(first, &flags)) goto out; =20 if (first->signal->stats) @@ -447,11 +461,14 @@ static int cgroupstats_user_cmd(struct sk_buff *skb, = struct genl_info *info) return send_reply(rep_skb, info); } =20 -static int cmd_attr_register_cpumask(struct genl_info *info) +static int cmd_attr_register_cpumask(struct sk_buff *skb, struct genl_info= *info) { cpumask_var_t mask; int rc; =20 + if (!netlink_capable(skb, CAP_NET_ADMIN)) + return -EPERM; + if (!alloc_cpumask_var(&mask, GFP_KERNEL)) return -ENOMEM; rc =3D parse(info->attrs[TASKSTATS_CMD_ATTR_REGISTER_CPUMASK], mask); @@ -463,11 +480,14 @@ static int cmd_attr_register_cpumask(struct genl_info= *info) return rc; } =20 -static int cmd_attr_deregister_cpumask(struct genl_info *info) +static int cmd_attr_deregister_cpumask(struct sk_buff *skb, struct genl_in= fo *info) { cpumask_var_t mask; int rc; =20 + if (!netlink_capable(skb, CAP_NET_ADMIN)) + return -EPERM; + if (!alloc_cpumask_var(&mask, GFP_KERNEL)) return -ENOMEM; rc =3D parse(info->attrs[TASKSTATS_CMD_ATTR_DEREGISTER_CPUMASK], mask); @@ -490,7 +510,7 @@ static size_t taskstats_packet_size(void) return size; } =20 -static int cmd_attr_pid(struct genl_info *info) +static int cmd_attr_pid(struct sk_buff *skb, struct genl_info *info) { struct taskstats *stats; struct sk_buff *rep_skb; @@ -510,7 +530,7 @@ static int cmd_attr_pid(struct genl_info *info) if (!stats) goto err; =20 - rc =3D fill_stats_for_pid(pid, stats); + rc =3D fill_stats_for_pid(skb, pid, stats); if (rc < 0) goto err; return send_reply(rep_skb, info); @@ -519,7 +539,7 @@ static int cmd_attr_pid(struct genl_info *info) return rc; } =20 -static int cmd_attr_tgid(struct genl_info *info) +static int cmd_attr_tgid(struct sk_buff *skb, struct genl_info *info) { struct taskstats *stats; struct sk_buff *rep_skb; @@ -539,7 +559,7 @@ static int cmd_attr_tgid(struct genl_info *info) if (!stats) goto err; =20 - rc =3D fill_stats_for_tgid(tgid, stats); + rc =3D fill_stats_for_tgid(skb, tgid, stats); if (rc < 0) goto err; return send_reply(rep_skb, info); @@ -551,13 +571,13 @@ static int cmd_attr_tgid(struct genl_info *info) static int taskstats_user_cmd(struct sk_buff *skb, struct genl_info *info) { if (info->attrs[TASKSTATS_CMD_ATTR_REGISTER_CPUMASK]) - return cmd_attr_register_cpumask(info); + return cmd_attr_register_cpumask(skb, info); else if (info->attrs[TASKSTATS_CMD_ATTR_DEREGISTER_CPUMASK]) - return cmd_attr_deregister_cpumask(info); + return cmd_attr_deregister_cpumask(skb, info); else if (info->attrs[TASKSTATS_CMD_ATTR_PID]) - return cmd_attr_pid(info); + return cmd_attr_pid(skb, info); else if (info->attrs[TASKSTATS_CMD_ATTR_TGID]) - return cmd_attr_tgid(info); + return cmd_attr_tgid(skb, info); else return -EINVAL; } @@ -664,7 +684,6 @@ static const struct genl_ops taskstats_ops[] =3D { .doit =3D taskstats_user_cmd, .policy =3D taskstats_cmd_get_policy, .maxattr =3D ARRAY_SIZE(taskstats_cmd_get_policy) - 1, - .flags =3D GENL_ADMIN_PERM, }, { .cmd =3D CGROUPSTATS_CMD_GET, --=20 2.34.1