korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-11 12:28:41 +08:00
Code Issues Packages Projects Releases Wiki Activity

libbpf: Fix the case of running as non-root with capabilities

Browse Source 
When running rootless with special capabilities like:
FOWNER / DAC_OVERRIDE / DAC_READ_SEARCH

The "access" API will not make the proper check if there is really
access to a file or not.

>From the access man page:
"
The check is done using the calling process's real UID and GID, rather
than the effective IDs as is done when actually attempting an operation
(e.g., open(2)) on the file.  Similarly, for the root user, the check
uses the set of permitted capabilities  rather than the set of effective
capabilities; ***and for non-root users, the check uses an empty set of
capabilities.***
"

What that means is that for non-root user the access API will not do the
proper validation if the process really has permission to a file or not.

To resolve this this patch replaces all the access API calls with
faccessat with AT_EACCESS flag.

Signed-off-by: Jon Doron <jond@wiz.io>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/20220925070431.1313680-1-arilou@gmail.com
This commit is contained in:
Jon Doron 2022-09-25 10:04:31 +03:00 committed by Andrii Nakryiko
parent 9666a70265
commit 6a4ab8869d
3 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
tools/lib/bpf/btf.c
View File

@ -4664,7 +4664,7 @@ struct btf *btf__load_vmlinux_btf(void)
for (i = 0; i < ARRAY_SIZE(locations); i++) { for (i = 0; i < ARRAY_SIZE(locations); i++) {
snprintf(path, PATH_MAX, locations[i], buf.release); snprintf(path, PATH_MAX, locations[i], buf.release);
if (access(path, R_OK)) if (faccessat(AT_FDCWD, path, R_OK, AT_EACCESS))
continue; continue;
btf = btf__parse(path, NULL); btf = btf__parse(path, NULL);

6
tools/lib/bpf/libbpf.c
View File

@ -884,7 +884,7 @@ __u32 get_kernel_version(void)
__u32 major, minor, patch; __u32 major, minor, patch;
struct utsname info; struct utsname info;
if (access(ubuntu_kver_file, R_OK) == 0) { if (faccessat(AT_FDCWD, ubuntu_kver_file, R_OK, AT_EACCESS) == 0) {
FILE *f; FILE *f;
f = fopen(ubuntu_kver_file, "r"); f = fopen(ubuntu_kver_file, "r");
@ -9904,7 +9904,7 @@ static bool use_debugfs(void)
static int has_debugfs = -1; static int has_debugfs = -1;
if (has_debugfs < 0) if (has_debugfs < 0)
has_debugfs = access(DEBUGFS, F_OK) == 0; has_debugfs = faccessat(AT_FDCWD, DEBUGFS, F_OK, AT_EACCESS) == 0;
return has_debugfs == 1; return has_debugfs == 1;
} }
@ -10721,7 +10721,7 @@ static int resolve_full_path(const char *file, char *result, size_t result_sz)
continue; continue;
snprintf(result, result_sz, "%.*s/%s", seg_len, s, file); snprintf(result, result_sz, "%.*s/%s", seg_len, s, file);
/* ensure it has required permissions */ /* ensure it has required permissions */
if (access(result, perm) < 0) if (faccessat(AT_FDCWD, result, perm, AT_EACCESS) < 0)
continue; continue;
pr_debug("resolved '%s' to '%s'\n", file, result); pr_debug("resolved '%s' to '%s'\n", file, result);
return 0; return 0;

2
tools/lib/bpf/usdt.c
View File

@ -282,7 +282,7 @@ struct usdt_manager *usdt_manager_new(struct bpf_object *obj)
* If this is not supported, USDTs with semaphores will not be supported. * If this is not supported, USDTs with semaphores will not be supported.
* Added in: a6ca88b241d5 ("trace_uprobe: support reference counter in fd-based uprobe") * Added in: a6ca88b241d5 ("trace_uprobe: support reference counter in fd-based uprobe")
*/ */
man->has_sema_refcnt = access(ref_ctr_sysfs_path, F_OK) == 0; man->has_sema_refcnt = faccessat(AT_FDCWD, ref_ctr_sysfs_path, F_OK, AT_EACCESS) == 0;
return man; return man;
} }