Re: [patch 3/6] posix-cpu-timers: Restrict timer_create() permissions

From: Frederic Weisbecker
Date: Fri Sep 20 2019 - 20:45:26 EST

Next message: Rafael Aquini: "Re: [RESEND PATCH v2] mm/oom_killer: Add task UID to info message on an oom kill"
Previous message: Qiujun Huang: "Re: [PATCH 3/3] mm:fix gup_pud_range"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Sep 05, 2019 at 02:03:42PM +0200, Thomas Gleixner wrote:
> Right now there is no restriction at all to attach a Posix CPU timer to any
> process in the system. Per thread CPU timers are limited to be created by
> threads in the same thread group.
>
> Timers can be used to observe activity of tasks and also impose overhead on
> the process to which they are attached because that process needs to do the
> fine grained CPU time accounting.
>
> Limit the ability to attach timers to a process by checking whether the
> task which is creating the timer has permissions to attach ptrace on the
> target process.
>
> Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>

Makes sense. I hope no serious user currently rely on that lack of
restriction. Let's just apply and wait for complains if any.

Reviewed-by: Frederic Weisbecker <frederic@xxxxxxxxxx>

Next message: Rafael Aquini: "Re: [RESEND PATCH v2] mm/oom_killer: Add task UID to info message on an oom kill"
Previous message: Qiujun Huang: "Re: [PATCH 3/3] mm:fix gup_pud_range"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]