git.maquefel.me Git - linux.git/commit

author	Jon Doron <jond@wiz.io>
	Sun, 25 Sep 2022 07:04:31 +0000 (10:04 +0300)
committer	Andrii Nakryiko <andrii@kernel.org>
	Tue, 27 Sep 2022 04:38:32 +0000 (21:38 -0700)
commit	6a4ab8869d0bfcf83d7c5184561df8235553cf28
tree	c5097b79b9f57ab28cf3f5cc901b40249fa24e7c	tree \| snapshot
parent	9666a702657e25e33f03dd326341e0d79b974662	commit \| diff

libbpf: Fix the case of running as non-root with capabilities

When running rootless with special capabilities like:
FOWNER / DAC_OVERRIDE / DAC_READ_SEARCH

The "access" API will not make the proper check if there is really
access to a file or not.

>From the access man page:
"
The check is done using the calling process's real UID and GID, rather
than the effective IDs as is done when actually attempting an operation
(e.g., open(2)) on the file. Similarly, for the root user, the check
uses the set of permitted capabilities rather than the set of effective
capabilities; ***and for non-root users, the check uses an empty set of
capabilities.***
"

What that means is that for non-root user the access API will not do the
proper validation if the process really has permission to a file or not.

To resolve this this patch replaces all the access API calls with
faccessat with AT_EACCESS flag.

Signed-off-by: Jon Doron <jond@wiz.io>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/20220925070431.1313680-1-arilou@gmail.com

tools/lib/bpf/btf.c		diff \| blob \| history
tools/lib/bpf/libbpf.c		diff \| blob \| history
tools/lib/bpf/usdt.c		diff \| blob \| history