Re: [PATCH] ptrace: reintroduce usage of subjective credentials in ptrace_has_cap()

From: Andrei Vagin
Date: Tue Jan 21 2020 - 16:11:41 EST

Next message: Prashant Malani: "Re: [PATCH v7 1/3] platform: chrome: Add cros-usbpd-notify driver"
Previous message: Andrew Morton: "Re: [PATCH] lib/rbtree: avoid pointless rb_node alignment"
In reply to: Christian Brauner: "Re: [PATCH] ptrace: reintroduce usage of subjective credentials in ptrace_has_cap()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Jan 18, 2020 at 4:47 AM Christian Brauner
<christian.brauner@xxxxxxxxxx> wrote:

> > > The criu process is started with all capabilities in the root user namespace.
> > >
> > > I don't have time to investigate this issue right now, will provide
> > > more details next Tuesday.
> >
> > Yeah, we've detected the issue. security_capable() indicates success by
> > returning 0 for whatever reason whereas has_ns_capability() returns 1.
> > So the logic was inverted. This is fixed in the new version. Sorry for
> > the noise!
>
> So, I just finished compiling criu and running the test suite on the
> criu-dev branch. The test-suite passes fine after the security_capable()
> braino in my original patch was corrected to security_capable() == 0:
>
> ################## ALL TEST(S) PASSED (TOTAL 178/SKIPPED 16) ###################

Thank you for doing this! Not all CRIU contributors can run all tests. You rock!

>
> Thanks!
> Christian

Next message: Prashant Malani: "Re: [PATCH v7 1/3] platform: chrome: Add cros-usbpd-notify driver"
Previous message: Andrew Morton: "Re: [PATCH] lib/rbtree: avoid pointless rb_node alignment"
In reply to: Christian Brauner: "Re: [PATCH] ptrace: reintroduce usage of subjective credentials in ptrace_has_cap()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]