iMX/i2som-imx-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

security: Fix mode test in selinux_ptrace_access_check()

Browse Source 
Commit 1c8d42255f "ptrace: use fsuid, fsgid, effective creds for fs access
checks" added flags to the ptrace mode which need to be ignored here.

This change was made upstream in 3.3 as part of commit 69f594a389
"ptrace: do not audit capability check when outputing /proc/pid/stat", but
that's probably not suitable for stable due to its dependencies.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
This commit is contained in:
Ben Hutchings
2017-12-19 23:35:38 +00:00
parent 13b86808f7
commit 9015cf5eb1
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
security/selinux/hooks.c
View File

@ -1845,7 +1845,7 @@ static int selinux_ptrace_access_check(struct task_struct *child,
if (rc)
return rc;
if (mode == PTRACE_MODE_READ) {
if (mode & PTRACE_MODE_READ) {
u32 sid = current_sid();
u32 csid = task_sid(child);
return avc_has_perm(sid, csid, SECCLASS_FILE, FILE__READ, NULL);