From patchwork Thu Jul 31 03:26:49 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Damian Hobson-Garcia X-Patchwork-Id: 4653061 Return-Path: X-Original-To: patchwork-ltsi-dev@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 70AEFC0338 for ; Thu, 31 Jul 2014 03:28:19 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id A9FCB201B4 for ; Thu, 31 Jul 2014 03:28:18 +0000 (UTC) Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 8D9812015E for ; Thu, 31 Jul 2014 03:28:17 +0000 (UTC) Received: from mail.linux-foundation.org (localhost [IPv6:::1]) by mail.linuxfoundation.org (Postfix) with ESMTP id 5FDEAA4D; Thu, 31 Jul 2014 03:27:18 +0000 (UTC) X-Original-To: ltsi-dev@lists.linuxfoundation.org Delivered-To: ltsi-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 7587CAEB for ; Thu, 31 Jul 2014 03:27:17 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pa0-f41.google.com (mail-pa0-f41.google.com [209.85.220.41]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 1EB3F1FD2D for ; Thu, 31 Jul 2014 03:27:17 +0000 (UTC) Received: by mail-pa0-f41.google.com with SMTP id rd3so2770278pab.0 for ; Wed, 30 Jul 2014 20:27:16 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=Nu73IUsovjU2TKScOHJJX4Fd6pmhLIFc9EILGx7s50A=; b=Ay6kk8XpV9tIFkFOHLbgntJr9DK0xJRPQO0d07M8wclH6YyPCDfnyVgkZu9lXgaKgC yEFTcmF4UqbinE9/IVd/ICRzFiPMTTnd9xi50qqJPSe21TdOwfzxwNjJ33h4LSJQEpYl YwjxlQAqSV4NTYQp2xcb6OnzXhtXKfsPwEItFqUBtyl6ZyIWAMBnmrnNWdAYjWtBq7fy ifTSRpjCkKSlXuX74+XLbmnCQGy7X3AvVqCJm3BNzW42TrrF9jCBqgP+4sLplEPBF5Co 1lj6ZwYZDO77ggbp97WiEcjj48bQAu67Ht4eNMSsG9rglD1WUUzSNQO4AH14cFUyXAEu yEew== X-Gm-Message-State: ALoCoQmE03PrNpfKLTtLI1ZGMgjrUCMVXuv4kkOTHeZPs9aDJvn/AocYXd5Qv74Gd+4lArCfIeJV X-Received: by 10.66.161.194 with SMTP id xu2mr1233295pab.128.1406777236897; Wed, 30 Jul 2014 20:27:16 -0700 (PDT) Received: from v400.hq.igel.co.jp (napt.igel.co.jp. [219.106.231.132]) by mx.google.com with ESMTPSA id d13sm3843861pbu.72.2014.07.30.20.27.15 for (version=TLSv1.1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 30 Jul 2014 20:27:16 -0700 (PDT) From: Damian Hobson-Garcia To: ltsi-dev@lists.linuxfoundation.org Date: Thu, 31 Jul 2014 12:26:49 +0900 Message-Id: <1406777210-28425-16-git-send-email-dhobsong@igel.co.jp> X-Mailer: git-send-email 1.7.9.5 In-Reply-To: <1406777210-28425-1-git-send-email-dhobsong@igel.co.jp> References: <1406777210-28425-1-git-send-email-dhobsong@igel.co.jp> X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_MED, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org Subject: [LTSI-dev] [PATCH 15/16] Smack: Ptrace access check mode X-BeenThere: ltsi-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: "A list to discuss patches, development, and other things related to the LTSI project" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: ltsi-dev-bounces@lists.linuxfoundation.org Errors-To: ltsi-dev-bounces@lists.linuxfoundation.org X-Virus-Scanned: ClamAV using ClamSMTP From: Casey Schaufler When the ptrace security hooks were split the addition of a mode parameter was not taken advantage of in the Smack ptrace access check. This changes the access check from always looking for read and write access to using the passed mode. This will make use of /proc much happier. Targeted for git://git.gitorious.org/smack-next/kernel.git Signed-off-by: Casey Schaufler (cherry picked from commit b5dfd8075bc26636d11c3d8888940198afbf5112) Signed-off-by: Damian Hobson-Garcia Signed-off-by: Tomohito Esaki --- security/smack/smack_lsm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 88d366e5..b0be893 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -185,7 +185,7 @@ static int smack_ptrace_access_check(struct task_struct *ctp, unsigned int mode) smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK); smk_ad_setfield_u_tsk(&ad, ctp); - rc = smk_curacc(skp->smk_known, MAY_READWRITE, &ad); + rc = smk_curacc(skp->smk_known, mode, &ad); return rc; }