diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2017-12-06 18:23:20 +0000 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2017-12-06 18:23:20 +0000 |
commit | d37b97a25b8b10f748eead6574b01f893f140b01 (patch) | |
tree | 13e2a142a31cd193a39c63042a64cab29a1f7ae9 /sys-kernel/pf-sources | |
parent | a833e3f4a431b8eea751b7420e127787f9c92117 (diff) |
gentoo resync : 06.12.2017
Diffstat (limited to 'sys-kernel/pf-sources')
-rw-r--r-- | sys-kernel/pf-sources/Manifest | 1 | ||||
-rw-r--r-- | sys-kernel/pf-sources/files/2100_proc-mem-handling-fix.patch | 270 |
2 files changed, 0 insertions, 271 deletions
diff --git a/sys-kernel/pf-sources/Manifest b/sys-kernel/pf-sources/Manifest index 894a0afe3301..ad1c5c7a3384 100644 --- a/sys-kernel/pf-sources/Manifest +++ b/sys-kernel/pf-sources/Manifest @@ -1,4 +1,3 @@ -AUX 2100_proc-mem-handling-fix.patch 6683 BLAKE2B f903eb437f2251c06d61b0618bfc5e9b930dbe9afb810efb7953d6fa90b5ac57eb0e528ba8d865c82f31541200b1274d14f2b188202de55e264ec5b5a0043fa5 SHA512 4746b1706cbd1fc2066b3b4a4cdcced65c65072f93f7e8d711841fb49c670455b17fbd6d74f4c7b33f5a75cb36dee503f48a68bc0d99c01d135876b035ad0bcc DIST linux-4.10.tar.xz 94231404 SHA256 3c95d9f049bd085e5c346d2c77f063b8425f191460fcd3ae9fe7e94e0477dc4b SHA512 c3690125a8402df638095bd98a613fcf1a257b81de7611c84711d315cd11e2634ab4636302b3742aedf1e3ba9ce0fea53fe8c7d48e37865d8ee5db3565220d90 WHIRLPOOL 86d021bae2dbfc4ef80c22d9e886bed4fbd9476473a2851d7beaf8ed0c7f7fbc1fa0da230eb9e763eb231b7c164c17b2a73fd336ab233543f57be280d6173738 DIST linux-4.11.tar.xz 95447768 SHA256 b67ecafd0a42b3383bf4d82f0850cbff92a7e72a215a6d02f42ddbafcf42a7d6 SHA512 6610eed97ffb7207c71771198c36179b8244ace7222bebb109507720e26c5f17d918079a56d5febdd8605844d67fb2df0ebe910fa2f2f53690daf6e2a8ad09c3 WHIRLPOOL f577b7c5c209cb8dfef2f1d56d77314fbd53323743a34b900e2559ab0049b7c2d6262bda136dd3d005bc0527788106e0484e46558448a8720dac389a969e5886 DIST linux-4.13.tar.xz 100579888 SHA256 2db3d6066c3ad93eb25b973a3d2951e022a7e975ee2fa7cbe5bddf84d9a49a2c SHA512 a557c2f0303ae618910b7106ff63d9978afddf470f03cb72aa748213e099a0ecd5f3119aea6cbd7b61df30ca6ef3ec57044d524b7babbaabddf8b08b8bafa7d2 WHIRLPOOL d3d332e02cd3c5056c76c28cf1f81504c6f7b8f2caed7238e7dd7866747fb03154b88d8d7aec4d0eddf5760624bc7d6c5485fb52a3e32d098a2742eba96c0d05 diff --git a/sys-kernel/pf-sources/files/2100_proc-mem-handling-fix.patch b/sys-kernel/pf-sources/files/2100_proc-mem-handling-fix.patch deleted file mode 100644 index c32934daf899..000000000000 --- a/sys-kernel/pf-sources/files/2100_proc-mem-handling-fix.patch +++ /dev/null @@ -1,270 +0,0 @@ -From e268337dfe26dfc7efd422a804dbb27977a3cccc Mon Sep 17 00:00:00 2001 -From: Linus Torvalds <torvalds@linux-foundation.org> -Date: Tue, 17 Jan 2012 15:21:19 -0800 -Subject: proc: clean up and fix /proc/<pid>/mem handling -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -From: Linus Torvalds <torvalds@linux-foundation.org> - -commit e268337dfe26dfc7efd422a804dbb27977a3cccc upstream. - -Jüri Aedla reported that the /proc/<pid>/mem handling really isn't very -robust, and it also doesn't match the permission checking of any of the -other related files. - -This changes it to do the permission checks at open time, and instead of -tracking the process, it tracks the VM at the time of the open. That -simplifies the code a lot, but does mean that if you hold the file -descriptor open over an execve(), you'll continue to read from the _old_ -VM. - -That is different from our previous behavior, but much simpler. If -somebody actually finds a load where this matters, we'll need to revert -this commit. - -I suspect that nobody will ever notice - because the process mapping -addresses will also have changed as part of the execve. So you cannot -actually usefully access the fd across a VM change simply because all -the offsets for IO would have changed too. - -Reported-by: Jüri Aedla <asd@ut.ee> -Cc: Al Viro <viro@zeniv.linux.org.uk> -Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> - ---- - fs/proc/base.c | 145 +++++++++++++++------------------------------------------ - 1 file changed, 39 insertions(+), 106 deletions(-) - ---- a/fs/proc/base.c -+++ b/fs/proc/base.c -@@ -194,65 +194,7 @@ static int proc_root_link(struct inode * - return result; - } - --static struct mm_struct *__check_mem_permission(struct task_struct *task) --{ -- struct mm_struct *mm; -- -- mm = get_task_mm(task); -- if (!mm) -- return ERR_PTR(-EINVAL); -- -- /* -- * A task can always look at itself, in case it chooses -- * to use system calls instead of load instructions. -- */ -- if (task == current) -- return mm; -- -- /* -- * If current is actively ptrace'ing, and would also be -- * permitted to freshly attach with ptrace now, permit it. -- */ -- if (task_is_stopped_or_traced(task)) { -- int match; -- rcu_read_lock(); -- match = (ptrace_parent(task) == current); -- rcu_read_unlock(); -- if (match && ptrace_may_access(task, PTRACE_MODE_ATTACH)) -- return mm; -- } -- -- /* -- * No one else is allowed. -- */ -- mmput(mm); -- return ERR_PTR(-EPERM); --} -- --/* -- * If current may access user memory in @task return a reference to the -- * corresponding mm, otherwise ERR_PTR. -- */ --static struct mm_struct *check_mem_permission(struct task_struct *task) --{ -- struct mm_struct *mm; -- int err; -- -- /* -- * Avoid racing if task exec's as we might get a new mm but validate -- * against old credentials. -- */ -- err = mutex_lock_killable(&task->signal->cred_guard_mutex); -- if (err) -- return ERR_PTR(err); -- -- mm = __check_mem_permission(task); -- mutex_unlock(&task->signal->cred_guard_mutex); -- -- return mm; --} -- --struct mm_struct *mm_for_maps(struct task_struct *task) -+static struct mm_struct *mm_access(struct task_struct *task, unsigned int mode) - { - struct mm_struct *mm; - int err; -@@ -263,7 +205,7 @@ struct mm_struct *mm_for_maps(struct tas - - mm = get_task_mm(task); - if (mm && mm != current->mm && -- !ptrace_may_access(task, PTRACE_MODE_READ)) { -+ !ptrace_may_access(task, mode)) { - mmput(mm); - mm = ERR_PTR(-EACCES); - } -@@ -272,6 +214,11 @@ struct mm_struct *mm_for_maps(struct tas - return mm; - } - -+struct mm_struct *mm_for_maps(struct task_struct *task) -+{ -+ return mm_access(task, PTRACE_MODE_READ); -+} -+ - static int proc_pid_cmdline(struct task_struct *task, char * buffer) - { - int res = 0; -@@ -816,38 +763,39 @@ static const struct file_operations proc - - static int mem_open(struct inode* inode, struct file* file) - { -- file->private_data = (void*)((long)current->self_exec_id); -+ struct task_struct *task = get_proc_task(file->f_path.dentry->d_inode); -+ struct mm_struct *mm; -+ -+ if (!task) -+ return -ESRCH; -+ -+ mm = mm_access(task, PTRACE_MODE_ATTACH); -+ put_task_struct(task); -+ -+ if (IS_ERR(mm)) -+ return PTR_ERR(mm); -+ - /* OK to pass negative loff_t, we can catch out-of-range */ - file->f_mode |= FMODE_UNSIGNED_OFFSET; -+ file->private_data = mm; -+ - return 0; - } - - static ssize_t mem_read(struct file * file, char __user * buf, - size_t count, loff_t *ppos) - { -- struct task_struct *task = get_proc_task(file->f_path.dentry->d_inode); -+ int ret; - char *page; - unsigned long src = *ppos; -- int ret = -ESRCH; -- struct mm_struct *mm; -+ struct mm_struct *mm = file->private_data; - -- if (!task) -- goto out_no_task; -+ if (!mm) -+ return 0; - -- ret = -ENOMEM; - page = (char *)__get_free_page(GFP_TEMPORARY); - if (!page) -- goto out; -- -- mm = check_mem_permission(task); -- ret = PTR_ERR(mm); -- if (IS_ERR(mm)) -- goto out_free; -- -- ret = -EIO; -- -- if (file->private_data != (void*)((long)current->self_exec_id)) -- goto out_put; -+ return -ENOMEM; - - ret = 0; - -@@ -874,13 +822,7 @@ static ssize_t mem_read(struct file * fi - } - *ppos = src; - --out_put: -- mmput(mm); --out_free: - free_page((unsigned long) page); --out: -- put_task_struct(task); --out_no_task: - return ret; - } - -@@ -889,27 +831,15 @@ static ssize_t mem_write(struct file * f - { - int copied; - char *page; -- struct task_struct *task = get_proc_task(file->f_path.dentry->d_inode); - unsigned long dst = *ppos; -- struct mm_struct *mm; -+ struct mm_struct *mm = file->private_data; - -- copied = -ESRCH; -- if (!task) -- goto out_no_task; -+ if (!mm) -+ return 0; - -- copied = -ENOMEM; - page = (char *)__get_free_page(GFP_TEMPORARY); - if (!page) -- goto out_task; -- -- mm = check_mem_permission(task); -- copied = PTR_ERR(mm); -- if (IS_ERR(mm)) -- goto out_free; -- -- copied = -EIO; -- if (file->private_data != (void *)((long)current->self_exec_id)) -- goto out_mm; -+ return -ENOMEM; - - copied = 0; - while (count > 0) { -@@ -933,13 +863,7 @@ static ssize_t mem_write(struct file * f - } - *ppos = dst; - --out_mm: -- mmput(mm); --out_free: - free_page((unsigned long) page); --out_task: -- put_task_struct(task); --out_no_task: - return copied; - } - -@@ -959,11 +883,20 @@ loff_t mem_lseek(struct file *file, loff - return file->f_pos; - } - -+static int mem_release(struct inode *inode, struct file *file) -+{ -+ struct mm_struct *mm = file->private_data; -+ -+ mmput(mm); -+ return 0; -+} -+ - static const struct file_operations proc_mem_operations = { - .llseek = mem_lseek, - .read = mem_read, - .write = mem_write, - .open = mem_open, -+ .release = mem_release, - }; - - static ssize_t environ_read(struct file *file, char __user *buf, - |