On Thu, 4 Oct 2018, Jann Horn wrote:
> > Well, we can't really call out into audit from scheduler code, and the
> > previous versions of the patchsets didn't have PTRACE_MODE_SCHED, so it
> > had to be included in PTRACE_MODE_IBPB in order to make sure we're not
> > calling into audit from
On Thu, 27 Sep 2018, Jann Horn wrote:
> > Yes. Since the PTRACE_MODE_NOAUDIT was in PTRACE_MODE_IBPB in Jiri's
> > previous patch set and not in PTRACE_MODE_SCHED in this one I assumed
> > that there was a good reason for it.
>
> Jiri, was there a good reason for it, and if so, what was it?
[
On Thu, Oct 4, 2018 at 9:47 AM Jiri Kosina wrote:
> On Thu, 27 Sep 2018, Jann Horn wrote:
> > > Yes. Since the PTRACE_MODE_NOAUDIT was in PTRACE_MODE_IBPB in Jiri's
> > > previous patch set and not in PTRACE_MODE_SCHED in this one I assumed
> > > that there was a good reason for it.
> >
> > Jiri,
On Wed, Sep 26, 2018 at 10:35 PM Casey Schaufler
wrote:
> A ptrace access check with mode PTRACE_MODE_SCHED gets called
> from process switching code. This precludes the use of audit,
> as the locking is incompatible. Don't do audit in the PTRACE_MODE_SCHED
> case.
>
> Signed-off-by: Casey
Dock, Deneen T ;
> kris...@linux.intel.com; Arjan van de Ven
> Subject: Re: [PATCH v5 2/5] Smack: Prepare for PTRACE_MODE_SCHED
>
> On Wed, Sep 26, 2018 at 10:35 PM Casey Schaufler
> wrote:
> > A ptrace access check with mode PTRACE_MODE_SCHED gets called
> > from proc
> ; linux-security-module > mod...@vger.kernel.org>; selinux@tycho.nsa.gov; Hansen, Dave
> > ; Dock, Deneen T ;
> > kris...@linux.intel.com; Arjan van de Ven
> > Subject: Re: [PATCH v5 2/5] Smack: Prepare for PTRACE_MODE_SCHED
> >
> > On Wed, Sep 26, 2018 at 10
From: Casey Schaufler
A ptrace access check with mode PTRACE_MODE_SCHED gets called
from process switching code. This precludes the use of audit,
as the locking is incompatible. Don't do audit in the PTRACE_MODE_SCHED
case.
Signed-off-by: Casey Schaufler
---
security/smack/smack_lsm.c | 3 ++-