Introduce utrace_unsafe_exec() used by tracehook_unsafe_exec(). Currently the new helper just copies the old ->ptrace logic.
Whatever we do, we need something like this patch. Once we implement anything which can be used by unprivileged user we should handle the security problems, in particular we should worry about suid-execs.
---
 include/linux/utrace.h | 2 ++
 include/linux/tracehook.h | 10 +++++++---
 kernel/utrace.c | 12 ++++++++++++
 3 files changed, 21 insertions(+), 3 deletions(-)
--- RHEL6/include/linux/utrace.h~2_UNSAFE_EXEC 2010-01-03 16:53:22.000000000 +0100
+++ RHEL6/include/linux/utrace.h 2010-07-06 23:43:33.000000000 +0200
@@ -107,6 +107,8 @@ bool utrace_report_syscall_entry(struct
 void utrace_report_syscall_exit(struct pt_regs *);
 void utrace_signal_handler(struct task_struct *, int);
+int utrace_unsafe_exec(struct task_struct *);
+
 #ifndef CONFIG_UTRACE
 /*
--- RHEL6/include/linux/tracehook.h~2_UNSAFE_EXEC 2010-01-03 16:53:22.000000000 +0100
+++ RHEL6/include/linux/tracehook.h 2010-07-06 23:47:14.000000000 +0200
@@ -163,9 +163,13 @@ static inline void tracehook_report_sysc
 */
 static inline int tracehook_unsafe_exec(struct task_struct *task)
 {
- int unsafe = 0;
- int ptrace = task_ptrace(task);
- if (ptrace) {
+ int ptrace, unsafe = 0;
+
+ if (task_utrace_flags(task))
+ return utrace_unsafe_exec(task);
+
+ ptrace = task_ptrace(task);
+ if (ptrace & PT_PTRACED) {
 if (ptrace & PT_PTRACE_CAP)
 unsafe |= LSM_UNSAFE_PTRACE_CAP;
 else
--- RHEL6/kernel/utrace.c~2_UNSAFE_EXEC 2010-07-06 22:47:28.000000000 +0200
+++ RHEL6/kernel/utrace.c 2010-07-06 23:55:14.000000000 +0200
@@ -2452,3 +2452,15 @@ void task_utrace_proc_status(struct seq_
 {
 seq_printf(m, "Utrace:\t%lx\n", p->utrace_flags);
 }
+
+int utrace_unsafe_exec(struct task_struct *task)
+{
+ int unsafe = 0;
+
+ if (task->ptrace & PT_PTRACE_CAP)
+ unsafe = LSM_UNSAFE_PTRACE_CAP;
+ else if (task->ptrace)
+ unsafe = LSM_UNSAFE_PTRACE;
+
+ return unsafe;
+}
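Review bot: In the tracehook.h hunk the non-utrace branch changes its test from `if (ptrace)` to `if (ptrace & PT_PTRACED)`, a behaviour change in a path the description does not mention. If the narrower test is intended, a comment on that line should say which other `task->ptrace` bits are now deliberately ignored. The early `return utrace_unsafe_exec(task);` also means that, for any task with utrace flags set, the LSM_UNSAFE_* result comes only from the helper. The function's header comment, which starts above this hunk, should record that, for example `With utrace attached the decision is delegated to utrace_unsafe_exec().` The body of tracehook_unsafe_exec() continues past the end of the hunk.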
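Review bot: utrace_unsafe_exec() does not test the same condition as the inline path in tracehook_unsafe_exec(): that path now requires `PT_PTRACED` before it looks at `PT_PTRACE_CAP`, while the helper checks `PT_PTRACE_CAP` first and then treats any non-zero `task->ptrace` as traced. If the two are meant to agree, read the flags once and gate on the same bit, e.g. `int ptrace = task_ptrace(task);` followed by `if (ptrace & PT_PTRACED) unsafe = (ptrace & PT_PTRACE_CAP) ? LSM_UNSAFE_PTRACE_CAP : LSM_UNSAFE_PTRACE;`. As written, the helper returns 0 for a task that has utrace flags set but no ptrace bits, so such an exec is reported to the LSM as untraced. A comment above the function, such as `/* Only ptrace state is reported here; other utrace users do not mark the exec unsafe. */`, would make that limit visible where the next change has to be made.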