Re: [PATCH v2] HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges

From: Jiri Kosina
Date: Mon Nov 19 2018 - 08:26:16 EST

Next message: kbuild test robot: "sound/soc/intel/skylake/skl.c:874: undefined reference to `snd_soc_hdac_hda_get_ops'"
Previous message: Lubomir Rintel: "Re: [PATCH 06/15] Platform: OLPC: Add XO-1.75 EC driver"
In reply to: David Herrmann: "Re: [PATCH v2] HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 19 Nov 2018, David Herrmann wrote:

> > Thanks for the patch. I however believe the fix below is more generic, and
> > would prefer taking that one in case noone sees any major flaw in that
> > I've overlooked. Thanks.
>
> As Andy rightly pointed out, the credentials check is actually needed.
> The scenario here is using a uhid-fd as stdout when executing a
> setuid-program. This will possibly end up reading arbitrary memory
> from the setuid program and use it as input for the hid-descriptor.

Ah, right, that's a very good point indeed; I've overlooked that (valid)
concern in the thread. Thanks for spotting that, Andy.

I've now applied Eric's patch. Thanks everybody,

--
Jiri Kosina
SUSE Labs

Next message: kbuild test robot: "sound/soc/intel/skylake/skl.c:874: undefined reference to `snd_soc_hdac_hda_get_ops'"
Previous message: Lubomir Rintel: "Re: [PATCH 06/15] Platform: OLPC: Add XO-1.75 EC driver"
In reply to: David Herrmann: "Re: [PATCH v2] HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]