• Roland McGrath's avatar
    procfs: mem permission cleanup · 638fa202
    Roland McGrath authored
    This cleans up the permission checks done for /proc/PID/mem i/o calls.  It
    puts all the logic in a new function, check_mem_permission().
    
    The old code repeated the (!MAY_PTRACE(task) || !ptrace_may_attach(task))
    magical expression multiple times.  The new function does all that work in one
    place, with clear comments.
    
    The old code called security_ptrace() twice on successful checks, once in
    MAY_PTRACE() and once in __ptrace_may_attach().  Now it's only called once,
    and only if all other checks have succeeded.
    Signed-off-by: default avatarRoland McGrath <roland@redhat.com>
    Cc: Alexey Dobriyan <adobriyan@gmail.com>
    Cc: Oleg Nesterov <oleg@tv-sign.ru>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    638fa202
base.c 70.4 KB