summaryrefslogtreecommitdiffstats
path: root/kernel/ptrace.c
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2008-11-14 10:39:16 +1100
committerJames Morris <jmorris@namei.org>2008-11-14 10:39:16 +1100
commitb6dff3ec5e116e3af6f537d4caedcad6b9e5082a (patch)
tree9e76f972eb7ce9b84e0146c8e4126a3f86acb428 /kernel/ptrace.c
parent15a2460ed0af7538ca8e6c610fe607a2cd9da142 (diff)
downloadlinux-b6dff3ec5e116e3af6f537d4caedcad6b9e5082a.tar.gz
linux-b6dff3ec5e116e3af6f537d4caedcad6b9e5082a.tar.bz2
linux-b6dff3ec5e116e3af6f537d4caedcad6b9e5082a.zip
CRED: Separate task security context from task_struct
Separate the task security context from task_struct. At this point, the security data is temporarily embedded in the task_struct with two pointers pointing to it. Note that the Alpha arch is altered as it refers to (E)UID and (E)GID in entry.S via asm-offsets. With comment fixes Signed-off-by: Marc Dionne <marc.c.dionne@gmail.com> Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'kernel/ptrace.c')
-rw-r--r--kernel/ptrace.c19
1 files changed, 10 insertions, 9 deletions
diff --git a/kernel/ptrace.c b/kernel/ptrace.c
index 937f6b5b2008..49849d12dd12 100644
--- a/kernel/ptrace.c
+++ b/kernel/ptrace.c
@@ -115,6 +115,8 @@ int ptrace_check_attach(struct task_struct *child, int kill)
int __ptrace_may_access(struct task_struct *task, unsigned int mode)
{
+ struct cred *cred = current->cred, *tcred = task->cred;
+
/* May we inspect the given task?
* This check is used both for attaching with ptrace
* and for allowing access to sensitive information in /proc.
@@ -123,19 +125,18 @@ int __ptrace_may_access(struct task_struct *task, unsigned int mode)
* because setting up the necessary parent/child relationship
* or halting the specified task is impossible.
*/
- uid_t uid;
- gid_t gid;
+ uid_t uid = cred->uid;
+ gid_t gid = cred->gid;
int dumpable = 0;
/* Don't let security modules deny introspection */
if (task == current)
return 0;
- current_uid_gid(&uid, &gid);
- if ((uid != task->euid ||
- uid != task->suid ||
- uid != task->uid ||
- gid != task->egid ||
- gid != task->sgid ||
- gid != task->gid) && !capable(CAP_SYS_PTRACE))
+ if ((uid != tcred->euid ||
+ uid != tcred->suid ||
+ uid != tcred->uid ||
+ gid != tcred->egid ||
+ gid != tcred->sgid ||
+ gid != tcred->gid) && !capable(CAP_SYS_PTRACE))
return -EPERM;
smp_rmb();
if (task->mm)