Re: [patch 4/6] posix-cpu-timers: Restrict clock_gettime() permissions

From: Frederic Weisbecker
Date: Mon Sep 23 2019 - 09:39:11 EST


On Thu, Sep 05, 2019 at 02:03:43PM +0200, Thomas Gleixner wrote:
> Similar to creating timers on a process there is no restriction at all to
> read the Posix CPU clocks of any process in the system. Per thread CPU
> clock access is limited to threads in the same thread group.
>
> The per process CPU clocks can be used to observe activity of tasks and
> reading them can affect the execution of the process to which they are
> attached as reading can require to lock sighand lock and sum up the fine
> grained accounting for all threads in the process.
>
> Restrict it by checking ptrace MODE_READ permissions of the reader on the
> target process.
>
> Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>

Reviewed-by: Frederic Weisbecker <frederic@xxxxxxxxxx>
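
An added example (not part of the patch or of this message): a small C helper that reads a process's CPU-time clock through the standard clock_getcpuclockid() and clock_gettime() calls, the read path the quoted changelog proposes to gate on ptrace MODE_READ. The function names and the busy loop are illustrative assumptions; the error code a restricting kernel would return is not stated in this thread, so the helper passes whatever it gets through unchanged.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <time.h>
#include <unistd.h>

/* Read the process-wide CPU-time clock of `pid` in nanoseconds.
 * Returns 0 on success, otherwise the errno-style code, unchanged. */
int read_process_cpu_ns(pid_t pid, long long *ns)
{
    clockid_t cid;
    struct timespec ts;
    int err = clock_getcpuclockid(pid, &cid); /* returns the error number directly */

    if (err != 0)
        return err;
    if (clock_gettime(cid, &ts) != 0)
        return errno;
    *ns = (long long)ts.tv_sec * 1000000000LL + ts.tv_nsec;
    return 0;
}

/* CPU time this process consumes while running a busy loop: the "activity"
 * a reader of the clock can see. Returns -1 if the clock is unreadable. */
long long self_cpu_delta_ns(void)
{
    long long before, after;
    volatile unsigned long sink = 0;

    if (read_process_cpu_ns(getpid(), &before) != 0)
        return -1;
    for (unsigned long i = 0; i < 20000000UL; i++)
        sink += i;
    if (read_process_cpu_ns(getpid(), &after) != 0)
        return -1;
    return after - before;
}

int main(int argc, char **argv)
{
    pid_t pid = argc > 1 ? (pid_t)atol(argv[1]) : getpid();
    long long ns;
    int err = read_process_cpu_ns(pid, &ns);

    if (err != 0) {
        fprintf(stderr, "pid %ld: CPU clock not readable: %s\n", (long)pid, strerror(err));
        return 1;
    }
    printf("pid %ld has used %lld ns of CPU time\n", (long)pid, ns);
    return 0;
}
```

Run without arguments it reports the caller's own process, which stays readable under any access policy; callers that read other processes' clocks should treat a non-zero return as "not permitted or no such process" rather than assume success.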