git.baikalelectronics.ru Git - kernel.git/commit

author	Thomas Gleixner <tglx@linutronix.de>
	Thu, 5 Sep 2019 21:15:08 +0000 (23:15 +0200)
committer	Thomas Gleixner <tglx@linutronix.de>
	Tue, 10 Sep 2019 11:13:07 +0000 (12:13 +0100)
commit	8c26ec6dc73dcf6e5d6a3d46e832da901273b622
tree	cee7c8992713ec720329fc0d28d832fabc0923d1	tree \| snapshot
parent	b67b3c3eee336cbac7f67b3eb5bacff662287401	commit \| diff

posix-cpu-timers: Fix permission check regression

The recent consolidation of the three permission checks introduced a subtle
regression. For timer_create() with a process wide timer it returns the
current task if the lookup through the PID which is encoded into the
clockid results in returning current.

That's broken because it does not validate whether the current task is the
group leader.

That was caused by the two different variants of permission checks:

  - posix_cpu_timer_get() allowed access to the process wide clock when the
    looked up task is current. That's not an issue because the process wide
    clock is in the shared sighand.

  - posix_cpu_timer_create() made sure that the looked up task is the group
    leader.

Restore the previous state.

Note, that these permission checks are more than questionable, but that's
subject to follow up changes.

Fixes: 897098504f59 ("posix-cpu-timers: Provide task validation functions")
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Frederic Weisbecker <frederic@kernel.org>
Link: https://lkml.kernel.org/r/alpine.DEB.2.21.1909052314110.1902@nanos.tec.linutronix.de