• Eric W. Biederman's avatar
    [PATCH] proc: Cleanup proc_fd_access_allowed · df26c40e
    Eric W. Biederman authored
    In process of getting proc_fd_access_allowed to work it has developed a few
    warts.  In particular the special case that always allows introspection and
    the special case to allow inspection of kernel threads.
    
    The special case for introspection is needed for /proc/self/mem.
    
    The special case for kernel threads really should be overridable
    by security modules.
    
    So consolidate these checks into ptrace.c:may_attach().
    
    The check to always allow introspection is trivial.
    
    The check to allow access to kernel threads, and zombies is a little
    trickier.  mem_read and mem_write already verify an mm exists so it isn't
    needed twice.  proc_fd_access_allowed only doesn't want a check to verify
    task->mm exits, s it prevents all access to kernel threads.  So just move
    the task->mm check into ptrace_attach where it is needed for practical
    reasons.
    
    I did a quick audit and none of the security modules in the kernel seem to
    care if they are passed a task without an mm into security_ptrace.  So the
    above move should be safe and it allows security modules to come up with
    more restrictive policy.
    Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
    Cc: Stephen Smalley <sds@tycho.nsa.gov>
    Cc: Chris Wright <chrisw@sous-sol.org>
    Cc: James Morris <jmorris@namei.org>
    Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
    df26c40e
base.c 55.6 KB