diff options
author | Daniel Mentz <danielmentz@google.com> | 2017-07-06 18:13:08 -0700 |
---|---|---|
committer | Amit Pundir <amit.pundir@linaro.org> | 2017-08-23 18:53:22 +0530 |
commit | 04233a18865f542cad26eff9a1790df94c491e59 (patch) | |
tree | 913d1c349465a47b683ec78b2ab0cfdf9e2e26c8 | |
parent | 8160d0f1b78577da77f7980135f1110f7213bd48 (diff) | |
download | linaro-android-04233a18865f542cad26eff9a1790df94c491e59.tar.gz |
Revert "ANDROID: proc: smaps: Allow smaps access for CAP_SYS_RESOURCE"
This reverts commit ff8b80819cf4d76ff7fdfeb85d35f28f916105bd.
This fixes CVE-2017-0710.
SELinux allows more fine grained control: We grant processes that need
access to smaps CAP_SYS_PTRACE but prohibit them from using ptrace
attach().
Bug: 34951864
Bug: 36468447
Change-Id: I00a513188245a30bc63dcbdafbb9746bc6d9d6ff
Signed-off-by: Daniel Mentz <danielmentz@google.com>
-rw-r--r-- | kernel/fork.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/kernel/fork.c b/kernel/fork.c index 103b55097dbd..17921b0390b4 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -1050,8 +1050,7 @@ struct mm_struct *mm_access(struct task_struct *task, unsigned int mode) mm = get_task_mm(task); if (mm && mm != current->mm && - !ptrace_may_access(task, mode) && - !capable(CAP_SYS_RESOURCE)) { + !ptrace_may_access(task, mode)) { mmput(mm); mm = ERR_PTR(-EACCES); } |