From: Jann Horn Date: Wed, 20 Jan 2016 23:00:01 +0000 (-0800) Subject: BACKPORT: security: let security modules use PTRACE_MODE_* with bitmasks X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=6b1ad9ab2f5dde6ebdf656598a6b60a0096cd2ef;p=platform%2Fkernel%2Flinux-stable.git BACKPORT: security: let security modules use PTRACE_MODE_* with bitmasks It looks like smack and yama weren't aware that the ptrace mode can have flags ORed into it - PTRACE_MODE_NOAUDIT until now, but only for /proc/$pid/stat, and with the PTRACE_MODE_*CREDS patch, all modes have flags ORed into them. Signed-off-by: Jann Horn Acked-by: Kees Cook Acked-by: Casey Schaufler Cc: Oleg Nesterov Cc: Ingo Molnar Cc: James Morris Cc: "Serge E. Hallyn" Cc: Andy Shevchenko Cc: Andy Lutomirski Cc: Al Viro Cc: "Eric W. Biederman" Cc: Willy Tarreau Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds (cherry-picked from upstream 3dfb7d8cdbc7ea0c2970450e60818bb3eefbad69) --- diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index b1eddcec70c9..d4f96c9bacf7 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -398,12 +398,10 @@ static int smk_copy_relabel(struct list_head *nhead, struct list_head *ohead, */ static inline unsigned int smk_ptrace_mode(unsigned int mode) { - switch (mode) { - case PTRACE_MODE_READ: - return MAY_READ; - case PTRACE_MODE_ATTACH: + if (mode & PTRACE_MODE_ATTACH) return MAY_READWRITE; - } + if (mode & PTRACE_MODE_READ) + return MAY_READ; return 0; } diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index c7bdfd77eda7..653d5c834a8b 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c 
@@ -240,7 +240,7 @@ static int yama_ptrace_access_check(struct task_struct *child, int rc = 0; /* require ptrace target be a child of ptracer on attach */ - if (mode == PTRACE_MODE_ATTACH && + if (mode & PTRACE_MODE_ATTACH && ptrace_scope && !task_is_descendant(current, child) && !ptracer_exception_found(current, child) &&
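Review bot: In the security/smack/smack_lsm.c hunk, smk_ptrace_mode() now tests PTRACE_MODE_ATTACH before PTRACE_MODE_READ, so a mode carrying both bits maps to MAY_READWRITE, and a mode with neither bit still returns 0. Neither behaviour is documented in the lines shown, where only the closing `*/` of the function's comment is visible. Suggest adding a sentence to that comment stating that mode is a bitmask which may carry extra flags (the commit message names PTRACE_MODE_NOAUDIT), that the attach test deliberately comes first, and what a return of 0 means to callers.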
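Review bot: In the security/yama/yama_lsm.c hunk, the new condition `if (mode & PTRACE_MODE_ATTACH &&` relies on `&` binding tighter than `&&`. That is correct C, but inside a chain of `&&` terms (`ptrace_scope && !task_is_descendant(current, child) && ...`) it is easy to misread during later edits. Suggest writing it as `if ((mode & PTRACE_MODE_ATTACH) &&` so the bitmask test is visually separate from the logical conjunction.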