summaryrefslogtreecommitdiff
path: root/include/linux
diff options
context:
space:
mode:
authorRoland McGrath <roland@redhat.com>2008-07-26 06:45:44 +0400
committerLinus Torvalds <torvalds@linux-foundation.org>2008-07-26 23:00:08 +0400
commit6341c393fcc37d58727865f1ee2f65e632e9d4f0 (patch)
tree6e88d928e17f663b225884e81877a7a069d7c514 /include/linux
parent88ac2921a71f788ed693bcd44731dd6bc1994640 (diff)
downloadlinux-6341c393fcc37d58727865f1ee2f65e632e9d4f0.tar.xz
tracehook: exec
This moves all the ptrace hooks related to exec into tracehook.h inlines. This also lifts the calls for tracing out of the binfmt load_binary hooks into search_binary_handler() after it calls into the binfmt module. This change has no effect, since all the binfmt modules' load_binary functions did the call at the end on success, and now search_binary_handler() does it immediately after return if successful. We consolidate the repeated code, and binfmt modules no longer need to import ptrace_notify(). Signed-off-by: Roland McGrath <roland@redhat.com> Cc: Oleg Nesterov <oleg@tv-sign.ru> Reviewed-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/tracehook.h46
1 files changed, 46 insertions, 0 deletions
diff --git a/include/linux/tracehook.h b/include/linux/tracehook.h
index bea0f3eeff54..6276353709c1 100644
--- a/include/linux/tracehook.h
+++ b/include/linux/tracehook.h
@@ -48,5 +48,51 @@
#include <linux/sched.h>
#include <linux/ptrace.h>
+#include <linux/security.h>
+struct linux_binprm;
+
+/**
+ * tracehook_unsafe_exec - check for exec declared unsafe due to tracing
+ * @task: current task doing exec
+ *
+ * Return %LSM_UNSAFE_* bits applied to an exec because of tracing.
+ *
+ * Called with task_lock() held on @task.
+ */
+static inline int tracehook_unsafe_exec(struct task_struct *task)
+{
+ int unsafe = 0;
+ int ptrace = task_ptrace(task);
+ if (ptrace & PT_PTRACED) {
+ if (ptrace & PT_PTRACE_CAP)
+ unsafe |= LSM_UNSAFE_PTRACE_CAP;
+ else
+ unsafe |= LSM_UNSAFE_PTRACE;
+ }
+ return unsafe;
+}
+
+/**
+ * tracehook_report_exec - a successful exec was completed
+ * @fmt: &struct linux_binfmt that performed the exec
+ * @bprm: &struct linux_binprm containing exec details
+ * @regs: user-mode register state
+ *
+ * An exec just completed, we are shortly going to return to user mode.
+ * The freshly initialized register state can be seen and changed in @regs.
+ * The name, file and other pointers in @bprm are still on hand to be
+ * inspected, but will be freed as soon as this returns.
+ *
+ * Called with no locks, but with some kernel resources held live
+ * and a reference on @fmt->module.
+ */
+static inline void tracehook_report_exec(struct linux_binfmt *fmt,
+ struct linux_binprm *bprm,
+ struct pt_regs *regs)
+{
+ if (!ptrace_event(PT_TRACE_EXEC, PTRACE_EVENT_EXEC, 0) &&
+ unlikely(task_ptrace(current) & PT_PTRACED))
+ send_sig(SIGTRAP, current, 0);
+}
#endif /* <linux/tracehook.h> */