Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / ccc2aae5c4df7c6830b79280bf6fd1bf57dd5a72
commitccc2aae5c4df7c6830b79280bf6fd1bf57dd5a72[log] [tgz]
authorEric Biggers <ebiggers@google.com>Mon Sep 18 11:38:29 2017 -0700
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>Tue Mar 19 13:14:08 2019 +0100
treed47845d02340aecfc00db380c25fce090c2414d2
parent45eaae2527707aaf871821eaccc5cbf9d3b841b2 [diff]
KEYS: restrict /proc/keys by credentials at open time

commit 4aa68e07d845562561f5e73c04aa521376e95252 upstream.

When checking for permission to view keys whilst reading from
/proc/keys, we should use the credentials with which the /proc/keys file
was opened.  This is because, in a classic type of exploit, it can be
possible to bypass checks for the *current* credentials by passing the
file descriptor to a suid program.

Following commit 34dbbcdbf633 ("Make file credentials available to the
seqfile interfaces") we can finally fix it.  So let's do it.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Zubin Mithra <zsm@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
1 file changed
tree: d47845d02340aecfc00db380c25fce090c2414d2
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .cocciconfig
  24. .get_maintainer.ignore
  25. .gitattributes
  26. .gitignore
  27. .mailmap
  28. COPYING
  29. CREDITS
  30. Kbuild
  31. Kconfig
  32. MAINTAINERS
  33. Makefile
  34. README
  35. REPORTING-BUGS