git.baikalelectronics.ru Git - kernel.git/commit

author	Thomas Gleixner <tglx@linutronix.de>
	Thu, 5 Sep 2019 21:15:08 +0000 (23:15 +0200)
committer	Thomas Gleixner <tglx@linutronix.de>
	Tue, 10 Sep 2019 11:13:07 +0000 (12:13 +0100)
commit	c8dbe20028de691c61d2d0e1feb9d4fa012a1218
tree	cee7c8992713ec720329fc0d28d832fabc0923d1	tree \| snapshot
parent	a8e095de5f6a984b1e3cda9dc7507d2cc0194fe3	commit \| diff

posix-cpu-timers: Fix permission check regression

The recent consolidation of the three permission checks introduced a subtle
regression. For timer_create() with a process wide timer it returns the
current task if the lookup through the PID which is encoded into the
clockid results in returning current.

That's broken because it does not validate whether the current task is the
group leader.

That was caused by the two different variants of permission checks:

  - posix_cpu_timer_get() allowed access to the process wide clock when the
    looked up task is current. That's not an issue because the process wide
    clock is in the shared sighand.

  - posix_cpu_timer_create() made sure that the looked up task is the group
    leader.

Restore the previous state.

Note, that these permission checks are more than questionable, but that's
subject to follow up changes.

Fixes: bf3830ae7717 ("posix-cpu-timers: Provide task validation functions")
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Frederic Weisbecker <frederic@kernel.org>
Link: https://lkml.kernel.org/r/alpine.DEB.2.21.1909052314110.1902@nanos.tec.linutronix.de