diff options
| author | Tejun Heo <tj@kernel.org> | 2011-06-17 10:50:38 -0400 |
|---|---|---|
| committer | Oleg Nesterov <oleg@redhat.com> | 2011-06-22 13:26:29 -0400 |
| commit | 4b9d33e6d83cc05a8005a8f9a8b9677fa0f53626 (patch) | |
| tree | 250b740d22f9604326ecfd769dd2f74d60187a19 /include/linux/tracehook.h | |
| parent | a288eecce5253cc1565d400a52b9b476a157e040 (diff) | |
ptrace: kill clone/exec tracehooks
At this point, tracehooks aren't useful to mainline kernel and mostly
just add an extra layer of obfuscation. Although they have comments,
without actual in-kernel users, it is difficult to tell what are their
assumptions and they're actually trying to achieve. To mainline
kernel, they just aren't worth keeping around.
This patch kills the following clone and exec related tracehooks.
tracehook_prepare_clone()
tracehook_finish_clone()
tracehook_report_clone()
tracehook_report_clone_complete()
tracehook_unsafe_exec()
The changes are mostly trivial - logic is moved to the caller and
comments are merged and adjusted appropriately.
The only exception is in check_unsafe_exec() where LSM_UNSAFE_PTRACE*
are OR'd to bprm->unsafe instead of setting it, which produces the
same result as the field is always zero on entry. It also tests
p->ptrace instead of (p->ptrace & PT_PTRACED) for consistency, which
also gives the same result.
This doesn't introduce any behavior change.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Christoph Hellwig <hch@infradead.org>
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Diffstat (limited to 'include/linux/tracehook.h')
| -rw-r--r-- | include/linux/tracehook.h | 121 |
1 files changed, 0 insertions, 121 deletions
diff --git a/include/linux/tracehook.h b/include/linux/tracehook.h index 8b06d4f2b81..bcc4ca762ae 100644 --- a/include/linux/tracehook.h +++ b/include/linux/tracehook.h | |||
| @@ -130,27 +130,6 @@ static inline void tracehook_report_syscall_exit(struct pt_regs *regs, int step) | |||
| 130 | } | 130 | } |
| 131 | 131 | ||
| 132 | /** | 132 | /** |
| 133 | * tracehook_unsafe_exec - check for exec declared unsafe due to tracing | ||
| 134 | * @task: current task doing exec | ||
| 135 | * | ||
| 136 | * Return %LSM_UNSAFE_* bits applied to an exec because of tracing. | ||
| 137 | * | ||
| 138 | * @task->signal->cred_guard_mutex is held by the caller through the do_execve(). | ||
| 139 | */ | ||
| 140 | static inline int tracehook_unsafe_exec(struct task_struct *task) | ||
| 141 | { | ||
| 142 | int unsafe = 0; | ||
| 143 | int ptrace = task->ptrace; | ||
| 144 | if (ptrace & PT_PTRACED) { | ||
| 145 | if (ptrace & PT_PTRACE_CAP) | ||
| 146 | unsafe |= LSM_UNSAFE_PTRACE_CAP; | ||
| 147 | else | ||
| 148 | unsafe |= LSM_UNSAFE_PTRACE; | ||
| 149 | } | ||
| 150 | return unsafe; | ||
| 151 | } | ||
| 152 | |||
| 153 | /** | ||
| 154 | * tracehook_tracer_task - return the task that is tracing the given task | 133 | * tracehook_tracer_task - return the task that is tracing the given task |
| 155 | * @tsk: task to consider | 134 | * @tsk: task to consider |
| 156 | * | 135 | * |
| @@ -169,106 +148,6 @@ static inline struct task_struct *tracehook_tracer_task(struct task_struct *tsk) | |||
| 169 | } | 148 | } |
| 170 | 149 | ||
| 171 | /** | 150 | /** |
| 172 | * tracehook_prepare_clone - prepare for new child to be cloned | ||
| 173 | * @clone_flags: %CLONE_* flags from clone/fork/vfork system call | ||
| 174 | * | ||
| 175 | * This is called before a new user task is to be cloned. | ||
| 176 | * Its return value will be passed to tracehook_finish_clone(). | ||
| 177 | * | ||
| 178 | * Called with no locks held. | ||
| 179 | */ | ||
| 180 | static inline int tracehook_prepare_clone(unsigned clone_flags) | ||
| 181 | { | ||
| 182 | int event = 0; | ||
| 183 | |||
| 184 | if (clone_flags & CLONE_UNTRACED) | ||
| 185 | return 0; | ||
| 186 | |||
| 187 | if (clone_flags & CLONE_VFORK) | ||
| 188 | event = PTRACE_EVENT_VFORK; | ||
| 189 | else if ((clone_flags & CSIGNAL) != SIGCHLD) | ||
| 190 | event = PTRACE_EVENT_CLONE; | ||
| 191 | else | ||
| 192 | event = PTRACE_EVENT_FORK; | ||
| 193 | |||
| 194 | return ptrace_event_enabled(current, event) ? event : 0; | ||
| 195 | } | ||
| 196 | |||
| 197 | /** | ||
| 198 | * tracehook_finish_clone - new child created and being attached | ||
| 199 | * @child: new child task | ||
| 200 | * @clone_flags: %CLONE_* flags from clone/fork/vfork system call | ||
| 201 | * @trace: return value from tracehook_prepare_clone() | ||
| 202 | * | ||
| 203 | * This is called immediately after adding @child to its parent's children list. | ||
| 204 | * The @trace value is that returned by tracehook_prepare_clone(). | ||
| 205 | * | ||
| 206 | * Called with current's siglock and write_lock_irq(&tasklist_lock) held. | ||
| 207 | */ | ||
| 208 | static inline void tracehook_finish_clone(struct task_struct *child, | ||
| 209 | unsigned long clone_flags, int trace) | ||
| 210 | { | ||
| 211 | ptrace_init_task(child, (clone_flags & CLONE_PTRACE) || trace); | ||
| 212 | } | ||
| 213 | |||
| 214 | /** | ||
| 215 | * tracehook_report_clone - in parent, new child is about to start running | ||
| 216 | * @regs: parent's user register state | ||
| 217 | * @clone_flags: flags from parent's system call | ||
| 218 | * @pid: new child's PID in the parent's namespace | ||
| 219 | * @child: new child task | ||
| 220 | * | ||
| 221 | * Called after a child is set up, but before it has been started running. | ||
| 222 | * This is not a good place to block, because the child has not started | ||
| 223 | * yet. Suspend the child here if desired, and then block in | ||
| 224 | * tracehook_report_clone_complete(). This must prevent the child from | ||
| 225 | * self-reaping if tracehook_report_clone_complete() uses the @child | ||
| 226 | * pointer; otherwise it might have died and been released by the time | ||
| 227 | * tracehook_report_clone_complete() is called. | ||
| 228 | * | ||
| 229 | * Called with no locks held, but the child cannot run until this returns. | ||
| 230 | */ | ||
| 231 | static inline void tracehook_report_clone(struct pt_regs *regs, | ||
| 232 | unsigned long clone_flags, | ||
| 233 | pid_t pid, struct task_struct *child) | ||
| 234 | { | ||
| 235 | if (unlikely(child->ptrace)) { | ||
| 236 | /* | ||
| 237 | * It doesn't matter who attached/attaching to this | ||
| 238 | * task, the pending SIGSTOP is right in any case. | ||
| 239 | */ | ||
| 240 | sigaddset(&child->pending.signal, SIGSTOP); | ||
| 241 | set_tsk_thread_flag(child, TIF_SIGPENDING); | ||
| 242 | } | ||
| 243 | } | ||
| 244 | |||
| 245 | /** | ||
| 246 | * tracehook_report_clone_complete - new child is running | ||
| 247 | * @trace: return value from tracehook_prepare_clone() | ||
| 248 | * @regs: parent's user register state | ||
| 249 | * @clone_flags: flags from parent's system call | ||
| 250 | * @pid: new child's PID in the parent's namespace | ||
| 251 | * @child: child task, already running | ||
| 252 | * | ||
| 253 | * This is called just after the child has started running. This is | ||
| 254 | * just before the clone/fork syscall returns, or blocks for vfork | ||
| 255 | * child completion if @clone_flags has the %CLONE_VFORK bit set. | ||
| 256 | * The @child pointer may be invalid if a self-reaping child died and | ||
| 257 | * tracehook_report_clone() took no action to prevent it from self-reaping. | ||
| 258 | * | ||
| 259 | * Called with no locks held. | ||
| 260 | */ | ||
| 261 | static inline void tracehook_report_clone_complete(int trace, | ||
| 262 | struct pt_regs *regs, | ||
| 263 | unsigned long clone_flags, | ||
| 264 | pid_t pid, | ||
| 265 | struct task_struct *child) | ||
| 266 | { | ||
| 267 | if (unlikely(trace)) | ||
| 268 | ptrace_event(trace, pid); | ||
| 269 | } | ||
| 270 | |||
| 271 | /** | ||
| 272 | * tracehook_signal_handler - signal handler setup is complete | 151 | * tracehook_signal_handler - signal handler setup is complete |
| 273 | * @sig: number of signal being delivered | 152 | * @sig: number of signal being delivered |
| 274 | * @info: siginfo_t of signal being delivered | 153 | * @info: siginfo_t of signal being delivered |