Reject "setfsuid: Specify mcexec tid when asking mcexec for fsuid"

This fix is rejected because it only makes the setfsuid test in ostest
pass and doesn't fix the other issues including the one in which file
I/O could be done with the old fsuid because an mcexec thread with an
arbitrary tid could handle the system-call offload request.

Explanation of the rejected fix:

  setfsuid() proceeds as follows:

  1. McKernel asks mcexec for __NR_setfsuid (set)
  2. mcexec calls setfsuid, reports the id to McKernel
  3. McKernel asks mcexec for __NR_setfsuid (get)
  4. mcexec calls mcexec_getcred(), reports the id to McKernel
  5. McKernel sets proc->fsuid to the obtained value

  tid of mcexec on the 2nd and 4th step could be different. So this
  fix lets mcexec report its tid on the 2nd step and McKernel specify
  it in the 3rd step.

Change-Id: Id5cfeed18c64430d576a56e961bbca1ecb2e39ad
Fujitsu: POSTK_DEBUG_TEMP_FIX_45
Masamichi Takagi
2019-01-29 12:39:29 +09:00
committed by Dominique Martinet
parent cd42d186b7
commit 950ea678dd
3 changed files with 0 additions and 100 deletions


@ -1647,42 +1647,6 @@ mcexec_getcred(unsigned long phys)
{
int *virt = phys_to_virt(phys);
#ifdef POSTK_DEBUG_TEMP_FIX_45 /* setfsgid()/setfsuid() mismatch fix. */
int ret = -EINVAL;
if (virt[0] == 0 || virt[0] == task_pid_vnr(current)) {
virt[0] = GUIDVAL(current_uid());
virt[1] = GUIDVAL(current_euid());
virt[2] = GUIDVAL(current_suid());
virt[3] = GUIDVAL(current_fsuid());
virt[4] = GUIDVAL(current_gid());
virt[5] = GUIDVAL(current_egid());
virt[6] = GUIDVAL(current_sgid());
virt[7] = GUIDVAL(current_fsgid());
ret = 0;
} else {
const struct task_struct *task_p =
pid_task(find_get_pid(virt[0]), PIDTYPE_PID);
if (task_p) {
const struct cred *t_cred = __task_cred(task_p);
rcu_read_lock();
virt[0] = GUIDVAL(t_cred->uid);
virt[1] = GUIDVAL(t_cred->euid);
virt[2] = GUIDVAL(t_cred->suid);
virt[3] = GUIDVAL(t_cred->fsuid);
virt[4] = GUIDVAL(t_cred->gid);
virt[5] = GUIDVAL(t_cred->egid);
virt[6] = GUIDVAL(t_cred->sgid);
virt[7] = GUIDVAL(t_cred->fsgid);
rcu_read_unlock();
ret = 0;
}
}
return ret;
#else /* POSTK_DEBUG_TEMP_FIX_45 */
virt[0] = GUIDVAL(current_uid());
virt[1] = GUIDVAL(current_euid());
virt[2] = GUIDVAL(current_suid());
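Review bot: With the tid lookup gone, mcexec_getcred() again reports the credentials of whichever mcexec thread serves the request, and nothing in the code says so. A short comment above the `virt[0] = GUIDVAL(current_uid());` block, stating that the values are those of `current` and may not belong to the thread that performed the earlier set, would keep the limitation described in the commit message visible in the source. If the per-tid approach is revisited, the removed branch should not be restored verbatim: it calls `__task_cred(task_p)` and `pid_task()` before `rcu_read_lock()`, and the reference taken by `find_get_pid(virt[0])` is never released.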
@ -1692,7 +1656,6 @@ mcexec_getcred(unsigned long phys)
virt[6] = GUIDVAL(current_sgid());
virt[7] = GUIDVAL(current_fsgid());
return 0;
#endif /* POSTK_DEBUG_TEMP_FIX_45 */
}
int