projects / platform / kernel / kernel-clovertrail.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 910a836)
Smack: Ptrace access check mode 64/14364/1
authorCasey Schaufler <casey@schaufler-ca.com>
Tue, 22 Oct 2013 18:47:45 +0000 (11:47 -0700)
committerYin Kangkai <kangkai.yin@intel.com>
Fri, 3 Jan 2014 16:05:19 +0000 (00:05 +0800)
When the ptrace security hooks were split the addition of
a mode parameter was not taken advantage of in the Smack
ptrace access check. This changes the access check from
always looking for read and write access to using the
passed mode. This will make use of /proc much happier.

Targeted for git://git.gitorious.org/smack-next/kernel.git

Change-Id: I979f36da1b26d0fba5d73744f340422aaae5cc74
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Ɓukasz Stelmach <l.stelmach@samsung.com>
(cherry picked from commit dfb6577817caddd151dda1c4a3be2d2b314fba57)
Signed-off-by: Yin Kangkai <kangkai.yin@intel.com>
security/smack/smack_lsm.c patch | blob | history

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 8264ec8..ffd6492 100644 (file)
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -185,7 +185,7 @@ static int smack_ptrace_access_check(struct task_struct *ctp, unsigned int mode)
        smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
        smk_ad_setfield_u_tsk(&ad, ctp);
 
-       rc = smk_curacc(skp->smk_known, MAY_READWRITE, &ad);
+       rc = smk_curacc(skp->smk_known, mode, &ad);
        return rc;
 }
 
Domain: System / Uncategorized;