diff options
| author | Tom Marshall <tdm.code@gmail.com> | 2017-01-25 18:01:03 +0100 |
|---|---|---|
| committer | Davide Garberi <dade.garberi@gmail.com> | 2022-07-27 19:23:19 +0200 |
| commit | 08ff8a2e58eb226015fa68d577121137a7e0953f (patch) | |
| tree | 6804e0881c1588dd335fbcdacb7a46f2c95f412f /kernel | |
| parent | e604a08d460859ac6de5dff7a19f2340edcc7ae8 (diff) | |
kernel: Only expose su when daemon is running
It has been claimed that the PG implementation of 'su' has security
vulnerabilities even when disabled. Unfortunately, the people that
find these vulnerabilities often like to keep them private so they
can profit from exploits while leaving users exposed to malicious
hackers.
In order to reduce the attack surface for vulnerabilites, it is
therefore necessary to make 'su' completely inaccessible when it
is not in use (except by the root and system users).
Change-Id: I79716c72f74d0b7af34ec3a8054896c6559a181d
Signed-off-by: Davide Garberi <dade.garberi@gmail.com>
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/exit.c | 4 | ||||
| -rw-r--r-- | kernel/fork.c | 1 | ||||
| -rw-r--r-- | kernel/sched/core.c | 32 |
3 files changed, 37 insertions, 0 deletions
diff --git a/kernel/exit.c b/kernel/exit.c index babbc3c0a181..4a8dbc4bf4f6 100644 --- a/kernel/exit.c +++ b/kernel/exit.c @@ -719,6 +719,10 @@ void do_exit(long code) sched_exit(tsk); schedtune_exit_task(tsk); + if (tsk->flags & PF_SU) { + su_exit(); + } + if (unlikely(in_atomic())) { pr_info("note: %s[%d] exited with preempt_count %d\n", current->comm, task_pid_nr(current), diff --git a/kernel/fork.c b/kernel/fork.c index 92a0df862115..dcdbb9f7216f 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -360,6 +360,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig, int node) if (err) goto free_stack; + tsk->flags &= ~PF_SU; tsk->stack = stack; err = kaiser_map_thread_stack(tsk->stack); diff --git a/kernel/sched/core.c b/kernel/sched/core.c index 6c3f46e759d2..09e1d83a9f09 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -98,6 +98,38 @@ #define CREATE_TRACE_POINTS #include <trace/events/sched.h> +static atomic_t __su_instances; + +int su_instances(void) +{ + return atomic_read(&__su_instances); +} + +bool su_running(void) +{ + return su_instances() > 0; +} + +bool su_visible(void) +{ + kuid_t uid = current_uid(); + if (su_running()) + return true; + if (uid_eq(uid, GLOBAL_ROOT_UID) || uid_eq(uid, GLOBAL_SYSTEM_UID)) + return true; + return false; +} + +void su_exec(void) +{ + atomic_inc(&__su_instances); +} + +void su_exit(void) +{ + atomic_dec(&__su_instances); +} + ATOMIC_NOTIFIER_HEAD(load_alert_notifier_head); DEFINE_MUTEX(sched_domains_mutex); |