projects / platform / kernel / linux-rpi3.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1672851)
WORKAROUND: security: smack: Allow ptracing even processes in onlycap set 09/240609/1 accepted/tizen/unified/20200810.123103 submit/tizen/20200810.050403
authorKarol Lewandowski <k.lewandowsk@samsung.com>
Fri, 7 Aug 2020 11:49:30 +0000 (13:49 +0200)
committerSeung-Woo Kim <sw0312.kim@samsung.com>
Mon, 10 Aug 2020 05:04:58 +0000 (14:04 +0900)
Change-Id: I708d19703da0f1b83950454fda1362bec7369b5c
Signed-off-by: Karol Lewandowski <k.lewandowsk@samsung.com>
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
security/smack/smack_lsm.c patch | blob | history

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 017c47e..a4405f4 100644 (file)
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -441,6 +441,8 @@ static int smk_ptrace_rule_check(struct task_struct *tracer,
                        rc = 0;
                else if (smack_ptrace_rule == SMACK_PTRACE_DRACONIAN)
                        rc = -EACCES;
+               else if (smack_ptrace_rule == SMACK_PTRACE_EXACT)
+                       rc = capable(CAP_SYS_PTRACE) != 0 ? 0 : -EACCES;
                else if (smack_privileged_cred(CAP_SYS_PTRACE, tracercred))
                        rc = 0;
                else
Domain: System / Kernel; Licenses: GPL-2.0;