From patchwork Fri Jan 25 09:19:18 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kleber Sacilotto de Souza X-Patchwork-Id: 1030860 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43mD4N67yFz9s9h; Fri, 25 Jan 2019 20:19:32 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1gmxe0-0000kE-9X; Fri, 25 Jan 2019 09:19:24 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.86_2) (envelope-from ) id 1gmxdz-0000k7-7v for kernel-team@lists.ubuntu.com; Fri, 25 Jan 2019 09:19:23 +0000 Received: from mail-wm1-f72.google.com ([209.85.128.72]) by youngberry.canonical.com with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.76) (envelope-from ) id 1gmxdy-0000pR-TV for kernel-team@lists.ubuntu.com; Fri, 25 Jan 2019 09:19:22 +0000 Received: by mail-wm1-f72.google.com with SMTP id e192so1791519wmg.4 for ; Fri, 25 Jan 2019 01:19:22 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id; bh=4HpakyBLJLH5XsmfGAPbx+CRdiFwh64lHBERdUh4rNU=; b=dqUeq+3csv1Wsnza3C1wmWdXxKOjjp1WlNvW7vwm5mvL9zjLAzYP+e13HQ5Yobwv8p PpME9Rex2D3z0lyA8uNHiDGO3AK+kCcu3bc1JxclAvHSWLx0ZEfj5l0k0lFQfXa0uGrx bRaeKvAk9iC8BqgI6Xwz1Znf/RIeaxaszjNp4IYPbR4uFcRO0bNYqsqQrH/53E8vypBg kmEjQSSObC6KiLbAJgpAyBCVLd+FXcfhWYBXehQgm1HqrZcAQ8Nc8ASC27Dyw7hLwU6N GK6OsrfgORNJA+SkYaHBj4Uscmy2oYMtB5QZ3guxVTw6aDNTk4rNzar7jWHlnPjbHh0i j0FQ== X-Gm-Message-State: AJcUukfa6azj0dlLiTxeA087dDquyJPsU8upahhStZgj3vudyI7FxvKm 0sHc73T+rAoktcnOH1j8AsZTTb2YC+x3M9PMWGf8dLMzRvLyt3CO3uUXCWETpnioDy2H9+6PNgV SFghnZ3xm0ytx1L7YfOT0k1yh+9t5rUJN9aIcNGt5xw== X-Received: by 2002:a1c:c90b:: with SMTP id f11mr5979834wmb.33.1548407962265; Fri, 25 Jan 2019 01:19:22 -0800 (PST) X-Google-Smtp-Source: ALg8bN4FCeh8dZTlaq+jK3/MPu5JmobvzpAav9L6IH/HZtJV8MI9gpov5b0YS4KtIsDaJqau8W3wQg== X-Received: by 2002:a1c:c90b:: with SMTP id f11mr5979813wmb.33.1548407961834; Fri, 25 Jan 2019 01:19:21 -0800 (PST) Received: from localhost ([2a02:8109:98c0:1604:b805:d6bf:1dc:55f4]) by smtp.gmail.com with ESMTPSA id x186sm82085471wmg.41.2019.01.25.01.19.20 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 25 Jan 2019 01:19:20 -0800 (PST) From: Kleber Sacilotto de Souza To: kernel-team@lists.ubuntu.com Subject: [SRU][Trusty][PATCH 0/1] Fix /proc/*/stack permission (LP: #1813001) Date: Fri, 25 Jan 2019 10:19:18 +0100 Message-Id: <20190125091919.21414-1-kleber.souza@canonical.com> X-Mailer: git-send-email 2.17.1 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" BugLink: https://bugs.launchpad.net/bugs/1813001 [Impact] The testcase test_095_kernel_symbols_missing_proc_self_stack from ubuntu_qrt_kernel_security testsuite started to fail with Trusty kernel (3.13) after the fix for CVE-2018-17972 ("proc: restrict kernel stack dumps to root"), which prevents a regular user to read from /proc/self/stack. Kernel: 3.13.0-165.215~precise1 The test failed with: AssertionError: cat: /proc/self/stack: Permission denied FAIL: test_095_kernel_symbols_missing_proc_self_stack (__main__.KernelSecurityTest) kernel addresses in /proc/self/stack are zeroed out ---------------------------------------------------------------------- Traceback (most recent call last): File "./test-kernel-security.py", line 1364, in test_095_kernel_symbols_missing_proc_self_stack self._check_pK_files(self._095_kernel_symbols_missing_proc_self_stack, expected=expected) File "./test-kernel-security.py", line 1209, in _check_pK_files test_function(expected_restricted) File "./test-kernel-security.py", line 1320, in _095_kernel_symbols_missing_proc_self_stack expected, retry=True) File "./test-kernel-security.py", line 1146, in _read_twice self.assertEqual(rc, 0, regular) AssertionError: cat: /proc/self/stack: Permission denied The testcase checks the file permission before trying to read it, and for kernel 3.13 the permissions became inconsistent with what the user can actually do: $ cat /proc/self/stack cat: /proc/self/stack: Permission denied $ ls -l /proc/self/stack -r--r--r-- 1 ubuntu ubuntu 0 Jan 24 04:06 /proc/self/stack [Test Case] Run 'cat' and 'ls' on the file as stated above, or run the ubuntu_qrt_kernel_security testsuite and check for the results of the test_095_kernel_symbols_missing_proc_self_stack testcase. [Fix] Upstream commit 35a35046e4f9 ("procfs: make /proc/*/{stack,syscall,personality} 0400") applied for v3.15-rc1 fixes the issue. [Regression Potential] The upstream fix changes the permissions of the files /proc/*/{stack,syscall,personality}, so userspace which relies on reading these files as regular users might fail. However, this fixes a security issue and is already applied on our later series. Djalal Harouni (1): procfs: make /proc/*/{stack,syscall,personality} 0400 fs/proc/base.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) Acked-by: Po-Hsu Lin Acked-by: Thadeu Lima de Souza Cascardo