On Sat, 22 Sep 2018, Peter Zijlstra wrote:
> On Sat, Sep 22, 2018 at 11:53:14AM +0200, Thomas Gleixner wrote:
> > +bool ptrace_may_access_sched(struct task_struct *task, unsigned int mode)
> > +{
> > + struct mm_struct *mm;
> > + int res;
> > +
> > + res = __ptrace_may_access_basic(task, mode);
> > + if (res <= 0)
> > + return !res;
> > +
> > + rcu_read_lock();
> > + res = __ptrace_may_access_cred(__task_cred(task), mode);
> > rcu_read_unlock();
> > + if (res)
> > + return false;
> > +
> > + mm = task->mm;
> > + if (mm && get_dumpable(mm) != SUID_DUMP_USER)
> > + return false;
> > + return true;
> > +}
> > +
> > +/* Returns 0 on success, -errno on denial. */
> > +static int __ptrace_may_access(struct task_struct *task, unsigned int mode)
> > +{
> > + const struct cred *tcred;
> > + struct mm_struct *mm;
> > + int res;
> > +
> > + res = __ptrace_may_access_basic(task, mode);
> > + if (res <= 0)
> > + return res;
> > +
> > + rcu_read_lock();
> > + tcred = __task_cred(task);
> > + res = __ptrace_may_access_cred(tcred, mode);
> > + if (res > 0)
> > + res = ptrace_has_cap(tcred->user_ns, mode) ? 0 : -EPERM;
> > rcu_read_unlock();
> > + if (res < 0)
> > + return res;
> > +
> > mm = task->mm;
> > + if (mm && (get_dumpable(mm) != SUID_DUMP_USER &&
> > + !ptrace_has_cap(mm->user_ns, mode)))
> > + return -EPERM;
> >
> > return security_ptrace_access_check(task, mode);
> > }
>
> This has some unfortunate duplication.
>
> Lets go with it for now, but I'll see if I can do something about that
> later.
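Review bot: ptrace_may_access_sched() returns true without ever calling security_ptrace_access_check(), so an LSM denial that __ptrace_may_access() would honour is not reflected in the scheduler-side answer. Dropping the ptrace_has_cap() overrides only makes this variant stricter, but skipping the LSM hook makes it laxer. If that is deliberate (presumably because the hook cannot be called from the intended context, which is not visible here), the function should say so above its definition, e.g. `/* Scheduler variant: no capability override, no LSM hook; callers must not treat 'true' as a full ptrace permission check. */`. The `mm = task->mm` read followed by `get_dumpable(mm)` also has no lock or reference visible in the quoted lines; the comment should state what keeps the mm alive for this caller. The helpers __ptrace_may_access_basic() and __ptrace_may_access_cred() are defined outside the quoted hunk, so their return conventions are inferred from the `res <= 0` and `res > 0` tests.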
Yes, I know. I tried to make the duplication smaller, but all attempts ended up being a convoluted mess. I'll try again after applying more coffee. Thanks, tglx