posix-cpu-timers: Fix permission check regression
authorThomas Gleixner <tglx@linutronix.de>
Thu, 5 Sep 2019 21:15:08 +0000 (23:15 +0200)
committerThomas Gleixner <tglx@linutronix.de>
Tue, 10 Sep 2019 11:13:07 +0000 (12:13 +0100)
commit77b4b5420422fc037d00b8f3f0e89b2262e4ae29
treecee7c8992713ec720329fc0d28d832fabc0923d1
parent00d9e47f8ec2a293db9ebed86aab0583d9a49533
posix-cpu-timers: Fix permission check regression

The recent consolidation of the three permission checks introduced a subtle
regression. For timer_create() with a process wide timer it returns the
current task if the lookup through the PID which is encoded into the
clockid results in returning current.

That's broken because it does not validate whether the current task is the
group leader.

That was caused by the two different variants of permission checks:

  - posix_cpu_timer_get() allowed access to the process wide clock when the
    looked up task is current. That's not an issue because the process wide
    clock is in the shared sighand.

  - posix_cpu_timer_create() made sure that the looked up task is the group
    leader.

Restore the previous state.

Note, that these permission checks are more than questionable, but that's
subject to follow up changes.

Fixes: 6ae40e3fdcd3 ("posix-cpu-timers: Provide task validation functions")
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Frederic Weisbecker <frederic@kernel.org>
Link: https://lkml.kernel.org/r/alpine.DEB.2.21.1909052314110.1902@nanos.tec.linutronix.de
kernel/time/posix-cpu-timers.c