projects / platform / kernel / linux-rpi3.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 718567d)
Revert "WORKAROUND: security: smack: Allow ptracing even processes in onlycap set" 17/241917/1 accepted/tizen_6.0_unified accepted/tizen_6.0_unified_hotfix tizen_6.0 tizen_6.0_hotfix accepted/tizen/6.0/unified/20201030.104525 accepted/tizen/6.0/unified/hotfix/20201103.000028 accepted/tizen/unified/20200824.030014 submit/tizen/20200820.145124 submit/tizen_6.0/20201029.205501 submit/tizen_6.0_hotfix/20201102.192901 submit/tizen_6.0_hotfix/20201103.115101 tizen_6.0.m2_release
authorSeung-Woo Kim <sw0312.kim@samsung.com>
Fri, 21 Aug 2020 01:10:27 +0000 (10:10 +0900)
committerSeung-Woo Kim <sw0312.kim@samsung.com>
Fri, 21 Aug 2020 01:10:27 +0000 (10:10 +0900)
This reverts commit 718567d336d0b0943385905bb12707552d8bef66.

Now crash-worker has System::Privileged privilege, so not anymore
ptrace related workaround is necessary. So revert the workaround.

Change-Id: I42b535e4152eb742df011a5a08324764b49f989a
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
security/smack/smack_lsm.c patch | blob | history

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index a4405f4..017c47e 100644 (file)
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -441,8 +441,6 @@ static int smk_ptrace_rule_check(struct task_struct *tracer,
                        rc = 0;
                else if (smack_ptrace_rule == SMACK_PTRACE_DRACONIAN)
                        rc = -EACCES;
-               else if (smack_ptrace_rule == SMACK_PTRACE_EXACT)
-                       rc = capable(CAP_SYS_PTRACE) != 0 ? 0 : -EACCES;
                else if (smack_privileged_cred(CAP_SYS_PTRACE, tracercred))
                        rc = 0;
                else
Domain: System / Kernel; Licenses: GPL-2.0;