diff options
author | David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 2021-09-07 20:00:29 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2021-09-08 11:50:27 -0700 |
commit | dbd9d6f8fa9c3e676e491ac65c7fa10a1af8321f (patch) | |
tree | b777e6290ad7c9fbd33737009e5f04400b84cac6 /fs | |
parent | 98e2e409e76ef7781d8511f997359e9c504a95c1 (diff) | |
download | linux-rpi-dbd9d6f8fa9c3e676e491ac65c7fa10a1af8321f.tar.gz linux-rpi-dbd9d6f8fa9c3e676e491ac65c7fa10a1af8321f.tar.bz2 linux-rpi-dbd9d6f8fa9c3e676e491ac65c7fa10a1af8321f.zip |
fs/coredump.c: log if a core dump is aborted due to changed file permissions
For obvious security reasons, a core dump is aborted if the filesystem
cannot preserve ownership or permissions of the dump file.
This affects filesystems like e.g. vfat, but also something like a 9pfs
share in a Qemu test setup, running as a regular user, depending on the
security model used. In those cases, the result is an empty core file and
a confused user.
To hopefully save other people a lot of time figuring out the cause, this
patch adds a simple log message for those specific cases.
[akpm@linux-foundation.org: s/|%s/%s/ in printk text]
Link: https://lkml.kernel.org/r/20210701233151.102720-1-david.oberhollenzer@sigma-star.at
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/coredump.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/fs/coredump.c b/fs/coredump.c index 07afb5ddb1c4..4b3c75732c97 100644 --- a/fs/coredump.c +++ b/fs/coredump.c @@ -782,10 +782,17 @@ void do_coredump(const kernel_siginfo_t *siginfo) * filesystem. */ mnt_userns = file_mnt_user_ns(cprm.file); - if (!uid_eq(i_uid_into_mnt(mnt_userns, inode), current_fsuid())) + if (!uid_eq(i_uid_into_mnt(mnt_userns, inode), + current_fsuid())) { + pr_info_ratelimited("Core dump to %s aborted: cannot preserve file owner\n", + cn.corename); goto close_fail; - if ((inode->i_mode & 0677) != 0600) + } + if ((inode->i_mode & 0677) != 0600) { + pr_info_ratelimited("Core dump to %s aborted: cannot preserve file permissions\n", + cn.corename); goto close_fail; + } if (!(cprm.file->f_mode & FMODE_CAN_WRITE)) goto close_fail; if (do_truncate(mnt_userns, cprm.file->f_path.dentry, |