Re: [PATCH] Yama: turn process ancestry check into function

From: Serge E. Hallyn
Date: Tue Jul 13 2010 - 22:15:29 EST

Next message: KOSAKI Motohiro: "Re: [PATCH v2 1/2] vmscan: don't subtraction of unsined"
Previous message: Yinghai Lu: "[PATCH] x86: only set early_serial_base after port is initialized"
In reply to: Kees Cook: "Re: [PATCH] Yama: turn process ancestry check into function"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Quoting Kees Cook (kees.cook@xxxxxxxxxxxxx):
> On Wed, Jul 14, 2010 at 09:19:09AM +0900, Tetsuo Handa wrote:
> > > + if (mode == PTRACE_MODE_ATTACH &&
> > > + ptrace_scope &&
> > > + !task_is_descendant(current, child) &&
> > > + !capable(CAP_SYS_PTRACE))
> > > + rc = -EPERM;
> >
> > I don't know how heavy capable(CAP_SYS_PTRACE) is.
> > But checking !capable(CAP_SYS_PTRACE) before
> > !task_is_descendant(current, child) might be lighter.
>
> That's the order I had before, but in looking at some of the other code, it
> seemed like moving it to the end made more logical sense. Since checking
> PTRACE attach isn't a common or time-sensitive operation, I figured trying
> to tune it wasn't critical.

Yes the reason to keep it like this is that capable(CAP_SYS_PTRACE)
will set PF_SUPERPRIV if it passes. You don't want to do that unless
the capability was actually required.

-serge
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: KOSAKI Motohiro: "Re: [PATCH v2 1/2] vmscan: don't subtraction of unsined"
Previous message: Yinghai Lu: "[PATCH] x86: only set early_serial_base after port is initialized"
In reply to: Kees Cook: "Re: [PATCH] Yama: turn process ancestry check into function"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]