aboutsummaryrefslogtreecommitdiffstats
path: root/fs/proc
diff options
context:
space:
mode:
authorRoland McGrath <roland@redhat.com>2008-07-25 22:45:49 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2008-07-26 15:00:08 -0400
commit0d094efeb1e98010c6b99923f1eb7e17bf1e3a74 (patch)
tree6ee271b6da5796e5321d2ab6f9d7d9ba03c300a2 /fs/proc
parentdae33574dcf5211e1f43c7e45fa29f73ba3e00cb (diff)
tracehook: tracehook_tracer_task
This adds the tracehook_tracer_task() hook to consolidate all forms of "Who is using ptrace on me?" logic. This is used for "TracerPid:" in /proc and for permission checks. We also clean up the selinux code the called an identical accessor. Signed-off-by: Roland McGrath <roland@redhat.com> Cc: Oleg Nesterov <oleg@tv-sign.ru> Reviewed-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/proc')
-rw-r--r--fs/proc/array.c9
-rw-r--r--fs/proc/base.c13
2 files changed, 16 insertions, 6 deletions
diff --git a/fs/proc/array.c b/fs/proc/array.c
index 797d775e035..0d6eb33597c 100644
--- a/fs/proc/array.c
+++ b/fs/proc/array.c
@@ -80,6 +80,7 @@
80#include <linux/delayacct.h> 80#include <linux/delayacct.h>
81#include <linux/seq_file.h> 81#include <linux/seq_file.h>
82#include <linux/pid_namespace.h> 82#include <linux/pid_namespace.h>
83#include <linux/tracehook.h>
83 84
84#include <asm/pgtable.h> 85#include <asm/pgtable.h>
85#include <asm/processor.h> 86#include <asm/processor.h>
@@ -168,8 +169,12 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns,
168 rcu_read_lock(); 169 rcu_read_lock();
169 ppid = pid_alive(p) ? 170 ppid = pid_alive(p) ?
170 task_tgid_nr_ns(rcu_dereference(p->real_parent), ns) : 0; 171 task_tgid_nr_ns(rcu_dereference(p->real_parent), ns) : 0;
171 tpid = pid_alive(p) && p->ptrace ? 172 tpid = 0;
172 task_pid_nr_ns(rcu_dereference(p->parent), ns) : 0; 173 if (pid_alive(p)) {
174 struct task_struct *tracer = tracehook_tracer_task(p);
175 if (tracer)
176 tpid = task_pid_nr_ns(tracer, ns);
177 }
173 seq_printf(m, 178 seq_printf(m,
174 "State:\t%s\n" 179 "State:\t%s\n"
175 "Tgid:\t%d\n" 180 "Tgid:\t%d\n"
diff --git a/fs/proc/base.c b/fs/proc/base.c
index a891fe4cb43..4b74dba69a6 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -69,6 +69,7 @@
69#include <linux/mount.h> 69#include <linux/mount.h>
70#include <linux/security.h> 70#include <linux/security.h>
71#include <linux/ptrace.h> 71#include <linux/ptrace.h>
72#include <linux/tracehook.h>
72#include <linux/cgroup.h> 73#include <linux/cgroup.h>
73#include <linux/cpuset.h> 74#include <linux/cpuset.h>
74#include <linux/audit.h> 75#include <linux/audit.h>
@@ -231,10 +232,14 @@ static int check_mem_permission(struct task_struct *task)
231 * If current is actively ptrace'ing, and would also be 232 * If current is actively ptrace'ing, and would also be
232 * permitted to freshly attach with ptrace now, permit it. 233 * permitted to freshly attach with ptrace now, permit it.
233 */ 234 */
234 if (task->parent == current && (task->ptrace & PT_PTRACED) && 235 if (task_is_stopped_or_traced(task)) {
235 task_is_stopped_or_traced(task) && 236 int match;
236 ptrace_may_access(task, PTRACE_MODE_ATTACH)) 237 rcu_read_lock();
237 return 0; 238 match = (tracehook_tracer_task(task) == current);
239 rcu_read_unlock();
240 if (match && ptrace_may_access(task, PTRACE_MODE_ATTACH))
241 return 0;
242 }
238 243
239 /* 244 /*
240 * Noone else is allowed. 245 * Noone else is allowed.