mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-11-29 23:24:11 +08:00
userns: allow killing tasks in your own or child userns
Changelog: Dec 8: Fixed bug in my check_kill_permission pointed out by Eric Biederman. Dec 13: Apply Eric's suggestion to pass target task into kill_ok_by_cred() for clarity Dec 31: address comment by Eric Biederman: don't need cred/tcred in check_kill_permission. Jan 1: use const cred struct. Jan 11: Per Bastian Blank's advice, clean up kill_ok_by_cred(). Feb 16: kill_ok_by_cred: fix bad parentheses Feb 23: per akpm, let compiler inline kill_ok_by_cred Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Acked-by: Daniel Lezcano <daniel.lezcano@free.fr> Acked-by: David Howells <dhowells@redhat.com> Cc: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
bb96a6f50b
commit
39fd33933b
@ -635,6 +635,27 @@ static inline bool si_fromuser(const struct siginfo *info)
|
|||||||
(!is_si_special(info) && SI_FROMUSER(info));
|
(!is_si_special(info) && SI_FROMUSER(info));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* called with RCU read lock from check_kill_permission()
|
||||||
|
*/
|
||||||
|
static int kill_ok_by_cred(struct task_struct *t)
|
||||||
|
{
|
||||||
|
const struct cred *cred = current_cred();
|
||||||
|
const struct cred *tcred = __task_cred(t);
|
||||||
|
|
||||||
|
if (cred->user->user_ns == tcred->user->user_ns &&
|
||||||
|
(cred->euid == tcred->suid ||
|
||||||
|
cred->euid == tcred->uid ||
|
||||||
|
cred->uid == tcred->suid ||
|
||||||
|
cred->uid == tcred->uid))
|
||||||
|
return 1;
|
||||||
|
|
||||||
|
if (ns_capable(tcred->user->user_ns, CAP_KILL))
|
||||||
|
return 1;
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Bad permissions for sending the signal
|
* Bad permissions for sending the signal
|
||||||
* - the caller must hold the RCU read lock
|
* - the caller must hold the RCU read lock
|
||||||
@ -642,7 +663,6 @@ static inline bool si_fromuser(const struct siginfo *info)
|
|||||||
static int check_kill_permission(int sig, struct siginfo *info,
|
static int check_kill_permission(int sig, struct siginfo *info,
|
||||||
struct task_struct *t)
|
struct task_struct *t)
|
||||||
{
|
{
|
||||||
const struct cred *cred, *tcred;
|
|
||||||
struct pid *sid;
|
struct pid *sid;
|
||||||
int error;
|
int error;
|
||||||
|
|
||||||
@ -656,14 +676,8 @@ static int check_kill_permission(int sig, struct siginfo *info,
|
|||||||
if (error)
|
if (error)
|
||||||
return error;
|
return error;
|
||||||
|
|
||||||
cred = current_cred();
|
|
||||||
tcred = __task_cred(t);
|
|
||||||
if (!same_thread_group(current, t) &&
|
if (!same_thread_group(current, t) &&
|
||||||
(cred->euid ^ tcred->suid) &&
|
!kill_ok_by_cred(t)) {
|
||||||
(cred->euid ^ tcred->uid) &&
|
|
||||||
(cred->uid ^ tcred->suid) &&
|
|
||||||
(cred->uid ^ tcred->uid) &&
|
|
||||||
!capable(CAP_KILL)) {
|
|
||||||
switch (sig) {
|
switch (sig) {
|
||||||
case SIGCONT:
|
case SIGCONT:
|
||||||
sid = task_session(t);
|
sid = task_session(t);
|
||||||
|
Loading…
Reference in New Issue
Block a user