APPLIED: [SRU][Trusty][PATCH 0/1] Fix /proc/*/stack permission (LP: #1813001)

Khaled Elmously khalid.elmously at canonical.com
Sun Jan 27 22:17:43 UTC 2019 

On 2019-01-25 10:19:18 , Kleber Souza wrote:
> BugLink: https://bugs.launchpad.net/bugs/1813001
> 
> [Impact]
> 
> The testcase test_095_kernel_symbols_missing_proc_self_stack from
> ubuntu_qrt_kernel_security testsuite started to fail with Trusty kernel (3.13)
> after the fix for CVE-2018-17972 ("proc: restrict kernel stack dumps to root"),
> which prevents a regular user to read from /proc/self/stack.
> 
> Kernel: 3.13.0-165.215~precise1
> The test failed with:
>     AssertionError: cat: /proc/self/stack: Permission denied
> 
> FAIL: test_095_kernel_symbols_missing_proc_self_stack (__main__.KernelSecurityTest)
> kernel addresses in /proc/self/stack are zeroed out
> ----------------------------------------------------------------------
> Traceback (most recent call last):
> File "./test-kernel-security.py", line 1364, in test_095_kernel_symbols_missing_proc_self_stack
> self._check_pK_files(self._095_kernel_symbols_missing_proc_self_stack, expected=expected)
> File "./test-kernel-security.py", line 1209, in _check_pK_files
> test_function(expected_restricted)
> File "./test-kernel-security.py", line 1320, in _095_kernel_symbols_missing_proc_self_stack
> expected, retry=True)
> File "./test-kernel-security.py", line 1146, in _read_twice
> self.assertEqual(rc, 0, regular)
> AssertionError: cat: /proc/self/stack: Permission denied
> 
> The testcase checks the file permission before trying to read it, and for kernel
> 3.13 the permissions became inconsistent with what the user can actually do:
> 
> $ cat /proc/self/stack
> cat: /proc/self/stack: Permission denied
> $ ls -l /proc/self/stack
> -r--r--r-- 1 ubuntu ubuntu 0 Jan 24 04:06 /proc/self/stack
> 
> [Test Case]
> Run 'cat' and 'ls' on the file as stated above, or run the
> ubuntu_qrt_kernel_security testsuite and check for the results of the
> test_095_kernel_symbols_missing_proc_self_stack testcase.
> 
> [Fix]
> Upstream commit 35a35046e4f9 ("procfs: make /proc/*/{stack,syscall,personality}
> 0400") applied for v3.15-rc1 fixes the issue.
> 
> [Regression Potential]
> The upstream fix changes the permissions of the files
> /proc/*/{stack,syscall,personality}, so userspace which relies on reading these
> files as regular users might fail. However, this fixes a security issue and is
> already applied on our later series.
> 
> Djalal Harouni (1):
>   procfs: make /proc/*/{stack,syscall,personality} 0400
> 
>  fs/proc/base.c | 12 ++++++------
>  1 file changed, 6 insertions(+), 6 deletions(-)
> 
> -- 
> 2.17.1
> 
> 
> -- 
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

More information about the kernel-team mailing list