[PATCH 0/4] mm/mempolicy: kernel_migrate_pages: fix race between security checks and suid exec

Oleg Nesterov posted 4 patches 2 weeks, 1 day ago
Posted by Oleg Nesterov 2 weeks, 1 day ago
Hello,

Sorry, I have no idea how to test these changes. Please review.
Hopefully sashiko.dev will take a look too ;)

find_mm_struct() has the same problem, will send a patch tomorrow.
Unless you tell me this race doesn't need a fix.

Oleg.
---

 mm/mempolicy.c | 53 +++++++++++++++++++++++++----------------------------
 1 file changed, 25 insertions(+), 28 deletions(-)
Re: [PATCH 0/4] mm/mempolicy: kernel_migrate_pages: fix race between security checks and suid exec
Posted by Oleg Nesterov 2 weeks, 1 day ago
On 05/24, Oleg Nesterov wrote:
>
> Hopefully sashiko.dev will take a look too ;)

See https://sashiko.dev/#/patchset/ahMt6xyUNnacZU8-%40redhat.com
Thanks Sashiko, let me reply.

As for the reply to 3/4:

	I honestly think this is not a problem... but a) I will think
	again, and b) I rely on review from mm experts anyway.

	The main motivation for this patch is that we can create a common
	helper for find_mm_struct() and kernel_migrate_pages(), but it is
	not strictly necessary.

As for the reply to 4/4:

	Yes! And I have already mentioned this in 0/4 and in the previous
	discussions.

	Plus (say) proc_coredump_filter_write() which relies on the open-time
	checks and doesn't use ptrace_may_access() at all. This looks wrong.

	But this needs other changes/discussions, so I think we can ignore this
	comment.

Oleg.