]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blobdiff - kernel/ptrace.c
projects / mirror_ubuntu-bionic-kernel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
futex: Provide distinct return value when owner is exiting
[mirror_ubuntu-bionic-kernel.git] / kernel / ptrace.c
diff --git a/kernel/ptrace.c b/kernel/ptrace.c
index 7a42c97b2625597360b20edeb862450b1d16d56f..09fb3f58a838ef39d558fd2a1c777979857eceaa 100644 (file)
--- a/kernel/ptrace.c
+++ b/kernel/ptrace.c
@@ -321,6 +321,16 @@ static int __ptrace_may_access(struct task_struct *task, unsigned int mode)
        return -EPERM;
 ok:
        rcu_read_unlock();
+       /*
+        * If a task drops privileges and becomes nondumpable (through a syscall
+        * like setresuid()) while we are trying to access it, we must ensure
+        * that the dumpability is read after the credentials; otherwise,
+        * we may be able to attach to a task that we shouldn't be able to
+        * attach to (as if the task had dropped privileges without becoming
+        * nondumpable).
+        * Pairs with a write barrier in commit_creds().
+        */
+       smp_rmb();
        mm = task->mm;
        if (mm &&
            ((get_dumpable(mm) != SUID_DUMP_USER) &&
ubuntu-bionic-kernel mirror