aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/hooks.c
diff options
context:
space:
mode:
authorRoland McGrath <roland@redhat.com>2008-07-25 22:45:49 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2008-07-26 15:00:08 -0400
commit0d094efeb1e98010c6b99923f1eb7e17bf1e3a74 (patch)
tree6ee271b6da5796e5321d2ab6f9d7d9ba03c300a2 /security/selinux/hooks.c
parentdae33574dcf5211e1f43c7e45fa29f73ba3e00cb (diff)
tracehook: tracehook_tracer_task
This adds the tracehook_tracer_task() hook to consolidate all forms of "Who is using ptrace on me?" logic. This is used for "TracerPid:" in /proc and for permission checks. We also clean up the selinux code the called an identical accessor. Signed-off-by: Roland McGrath <roland@redhat.com> Cc: Oleg Nesterov <oleg@tv-sign.ru> Reviewed-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security/selinux/hooks.c')
-rw-r--r--security/selinux/hooks.c22
1 files changed, 3 insertions, 19 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 63f131fc42e4..3481cde5bf15 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -25,7 +25,7 @@
25 25
26#include <linux/init.h> 26#include <linux/init.h>
27#include <linux/kernel.h> 27#include <linux/kernel.h>
28#include <linux/ptrace.h> 28#include <linux/tracehook.h>
29#include <linux/errno.h> 29#include <linux/errno.h>
30#include <linux/sched.h> 30#include <linux/sched.h>
31#include <linux/security.h> 31#include <linux/security.h>
@@ -1971,22 +1971,6 @@ static int selinux_vm_enough_memory(struct mm_struct *mm, long pages)
1971 return __vm_enough_memory(mm, pages, cap_sys_admin); 1971 return __vm_enough_memory(mm, pages, cap_sys_admin);
1972} 1972}
1973 1973
1974/**
1975 * task_tracer_task - return the task that is tracing the given task
1976 * @task: task to consider
1977 *
1978 * Returns NULL if noone is tracing @task, or the &struct task_struct
1979 * pointer to its tracer.
1980 *
1981 * Must be called under rcu_read_lock().
1982 */
1983static struct task_struct *task_tracer_task(struct task_struct *task)
1984{
1985 if (task->ptrace & PT_PTRACED)
1986 return rcu_dereference(task->parent);
1987 return NULL;
1988}
1989
1990/* binprm security operations */ 1974/* binprm security operations */
1991 1975
1992static int selinux_bprm_alloc_security(struct linux_binprm *bprm) 1976static int selinux_bprm_alloc_security(struct linux_binprm *bprm)
@@ -2238,7 +2222,7 @@ static void selinux_bprm_apply_creds(struct linux_binprm *bprm, int unsafe)
2238 u32 ptsid = 0; 2222 u32 ptsid = 0;
2239 2223
2240 rcu_read_lock(); 2224 rcu_read_lock();
2241 tracer = task_tracer_task(current); 2225 tracer = tracehook_tracer_task(current);
2242 if (likely(tracer != NULL)) { 2226 if (likely(tracer != NULL)) {
2243 sec = tracer->security; 2227 sec = tracer->security;
2244 ptsid = sec->sid; 2228 ptsid = sec->sid;
@@ -5247,7 +5231,7 @@ static int selinux_setprocattr(struct task_struct *p,
5247 Otherwise, leave SID unchanged and fail. */ 5231 Otherwise, leave SID unchanged and fail. */
5248 task_lock(p); 5232 task_lock(p);
5249 rcu_read_lock(); 5233 rcu_read_lock();
5250 tracer = task_tracer_task(p); 5234 tracer = tracehook_tracer_task(p);
5251 if (tracer != NULL) { 5235 if (tracer != NULL) {
5252 struct task_security_struct *ptsec = tracer->security; 5236 struct task_security_struct *ptsec = tracer->security;
5253 u32 ptsid = ptsec->sid; 5237 u32 ptsid = ptsec->sid;