aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/hooks.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux/hooks.c')
-rw-r--r--security/selinux/hooks.c13
1 files changed, 11 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index eca70f42e678..4be156334b22 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1686,14 +1686,23 @@ static inline u32 file_to_av(struct file *file)
1686 1686
1687/* Hook functions begin here. */ 1687/* Hook functions begin here. */
1688 1688
1689static int selinux_ptrace(struct task_struct *parent, struct task_struct *child) 1689static int selinux_ptrace(struct task_struct *parent,
1690 struct task_struct *child,
1691 unsigned int mode)
1690{ 1692{
1691 int rc; 1693 int rc;
1692 1694
1693 rc = secondary_ops->ptrace(parent, child); 1695 rc = secondary_ops->ptrace(parent, child, mode);
1694 if (rc) 1696 if (rc)
1695 return rc; 1697 return rc;
1696 1698
1699 if (mode == PTRACE_MODE_READ) {
1700 struct task_security_struct *tsec = parent->security;
1701 struct task_security_struct *csec = child->security;
1702 return avc_has_perm(tsec->sid, csec->sid,
1703 SECCLASS_FILE, FILE__READ, NULL);
1704 }
1705
1697 return task_has_perm(parent, child, PROCESS__PTRACE); 1706 return task_has_perm(parent, child, PROCESS__PTRACE);
1698} 1707}
1699 1708
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-15 19:06:43 -0500