6896514 tss code doesn't do correct privilege check when using mlock
authorDan Anderson <dan.anderson@oracle.com>
Mon, 23 Apr 2012 09:17:24 -0700
changeset 791 4b6378a2fe0a
parent 790 dcdb1da2980b
child 792 5aa7760aa098
6896514 tss code doesn't do correct privilege check when using mlock 7162897 tcsd daemon goes into maintenance mode after reboot
components/trousers/patches/tcsd_svrside.c.patch
components/trousers/patches/tspi_tsp_policy.c.patch
--- a/components/trousers/patches/tcsd_svrside.c.patch	Mon Apr 23 09:12:44 2012 -0700
+++ b/components/trousers/patches/tcsd_svrside.c.patch	Mon Apr 23 09:17:24 2012 -0700
@@ -1,5 +1,5 @@
 --- src/tcsd/svrside.c	2010-06-09 13:19:00.000000000 -0700
-+++ src/tcsd/svrside.c	2012-04-11 14:37:28.993408000 -0700
++++ src/tcsd/svrside.c	2012-04-19 11:27:31.232524632 -0700
 @@ -27,6 +27,15 @@
  #include <arpa/inet.h>
  #include <errno.h>
@@ -210,7 +210,7 @@
  	char *hostname = NULL;
  	struct passwd *pwd;
  	struct hostent *client_hostent = NULL;
[email protected]@ -245,26 +418,49 @@
[email protected]@ -245,26 +418,50 @@
  	if ((result = tcsd_startup()))
  		return (int)result;
  
@@ -231,6 +231,7 @@
 +		serv_addr.un.sun_family = AF_UNIX;
 +		strncpy(serv_addr.un.sun_path, TCSD_DEFAULT_SOCKET,
 +			sizeof (serv_addr.un.sun_path));
++		(void) unlink(TCSD_DEFAULT_SOCKET);
 +
 +	} else { /* TCP socket */
 +		sd = socket(AF_INET, SOCK_STREAM, 0);
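Review bot: The new `(void) unlink(TCSD_DEFAULT_SOCKET);` discards every failure, so when the stale path cannot be removed (EACCES, EPERM, EBUSY, or the path is a directory) the only diagnostic will be the later `Failed bind:` line, which does not say why the path was still occupied; ENOENT is the only outcome that is expected here. Suggest `if (unlink(TCSD_DEFAULT_SOCKET) == -1 && errno != ENOENT) LogWarn("unlink %s: %s", TCSD_DEFAULT_SOCKET, strerror(errno));`. The unlink is also unconditional, so it removes the socket of a tcsd instance that is already running, which then keeps listening on an unreachable path while the new process takes over; if the daemon keeps a pidfile or lock, checking it before the unlink preserves the reboot fix without that side effect. A short comment such as `/* remove a stale socket left by a previous instance (e.g. after an unclean shutdown) */` would record why this line exists. The enclosing function starts and ends outside the hunk.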
@@ -279,7 +280,7 @@
  		LogError("Failed bind: %s", strerror(errno));
  		return -1;
  	}
[email protected]@ -285,7 +481,6 @@
[email protected]@ -285,7 +482,6 @@
  		LogError("Failed listen: %s", strerror(errno));
  		return -1;
  	}
@@ -287,7 +288,7 @@
  	
  	if (getenv("TCSD_FOREGROUND") == NULL) {
  		if (daemon(0, 0) == -1) {
[email protected]@ -295,6 +490,12 @@
[email protected]@ -295,6 +491,12 @@
  		}
  	}
  
@@ -300,7 +301,7 @@
  	LogInfo("%s: TCSD up and running.", PACKAGE_STRING);
  	do {
  		newsd = accept(sd, (struct sockaddr *) &client_addr, &client_len);
[email protected]@ -314,20 +515,22 @@
[email protected]@ -314,20 +516,22 @@
  		}
  		LogDebug("accepted socket %i", newsd);
  
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/trousers/patches/tspi_tsp_policy.c.patch	Mon Apr 23 09:17:24 2012 -0700
@@ -0,0 +1,40 @@
+--- src/tspi/tsp_policy.c	2010-05-01 19:39:11.000000000 -0700
++++ src/tspi/tsp_policy.c	2012-04-20 18:10:16.757128000 -0700
[email protected]@ -86,15 +86,13 @@
+ int
+ pin_mem(void *addr, size_t len)
+ {
+-	/* only root can lock pages into RAM */
+-	if (getuid() != (uid_t)0) {
+-		LogWarn("Not pinning secrets in memory due to insufficient perms.");
+-		return 0;
+-	}
+-
+ 	len += (uintptr_t)addr & PGOFFSET;
+ 	addr = (void *)((uintptr_t)addr & PGMASK);
+ 	if (mlock(addr, len) == -1) {
++		if (errno == EPERM) {
++			LogWarn("Not pinning secrets in memory due to insufficient perms.");
++			return 0;
++		}
+ 		LogError("mlock: %s", strerror(errno));
+ 		return 1;
+ 	}
[email protected]@ -105,14 +103,12 @@
+ int
+ unpin_mem(void *addr, size_t len)
+ {
+-	/* only root can lock pages into RAM */
+-	if (getuid() != (uid_t)0) {
+-		return 0;
+-	}
+-
+ 	len += (uintptr_t)addr & PGOFFSET;
+ 	addr = (void *)((uintptr_t)addr & PGMASK);
+ 	if (munlock(addr, len) == -1) {
++		if (errno == EPERM) {
++			return 0;
++		}
+ 		LogError("mlock: %s", strerror(errno));
+ 		return 1;
+ 	}
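Review bot: `unpin_mem` reports a failed `munlock()` with `LogError("mlock: %s", strerror(errno));`, so the log names the wrong call; since the surrounding lines are being reworked anyway, change it to `LogError("munlock: %s", strerror(errno));`. The new EPERM branches presumably rely on Solaris `mlock()`/`munlock()` returning EPERM when the process lacks PRIV_PROC_LOCK_MEMORY; on Linux an unprivileged process that exceeds RLIMIT_MEMLOCK gets ENOMEM instead, so the fallback would not fire there, which is worth stating with a comment such as `/* EPERM: no PRIV_PROC_LOCK_MEMORY (Solaris); leave secrets unpinned, as the old getuid() check did */` above the check in `pin_mem`. Returning 0 on the EPERM path keeps the pre-change contract (callers cannot tell pinned from unpinned secrets), so a one-line note in the patch header that this is deliberate would save the next reader a trip to bug 6896514. `unpin_mem`'s body continues past the last line of the hunk.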