Smack: Ptrace access check mode

When the ptrace security hooks were split the addition of
a mode parameter was not taken advantage of in the Smack
ptrace access check. This changes the access check from
always looking for read and write access to using the
passed mode. This will make use of /proc much happier.

Targeted for git://git.gitorious.org/smack-next/kernel.git

Change-Id: I979f36da1b26d0fba5d73744f340422aaae5cc74
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 88d366e55793fba5beb255fc6acbcddc2eaf40f6..b0be893ad44d52bd0f062a1747199330c4d6940d 100644 (file)
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -185,7 +185,7 @@ static int smack_ptrace_access_check(struct task_struct *ctp, unsigned int mode)
        smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
        smk_ad_setfield_u_tsk(&ad, ctp);
 
-       rc = smk_curacc(skp->smk_known, MAY_READWRITE, &ad);
+       rc = smk_curacc(skp->smk_known, mode, &ad);
        return rc;
 }