Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\yama\yama_lsm.c Create Date:2022-07-28 19:55:12
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:yama_ptrace_access_check - validate PTRACE_ATTACH calls*@child: task that current task is attempting to ptrace*@mode: ptrace attach mode* Returns 0 if following the ptrace is allowed, -ve on error.

Proto:static int yama_ptrace_access_check(struct task_struct *child, unsigned int mode)

Type:int

Parameter:

TypeParameterName
struct task_struct *child
unsigned intmode
357  rc = 0
360  If mode & PTRACE_MODE_ATTACH Then
362  Case ptrace_scope == YAMA_SCOPE_DISABLED
364  Break
365  Case ptrace_scope == YAMA_SCOPE_RELATIONAL
366  _read_lock() - mark the beginning of an RCU read-side critical section* When synchronize_rcu() is invoked on one CPU while other CPUs* are within RCU read-side critical sections, then the* synchronize_rcu() is guaranteed to block until after all the other
367  If Not pid_alive - check that a task structure is not stale*@p: Task structure to be checked.* Test if a process is not yet dead (at most zombie state)* If pid_alive fails, then pointers within the task structure* can be stale and must not be dereferenced. Then rc = -EPERM
369  If Not rc && Not ask_is_descendant - walk up a process family tree looking for a match*@parent: the process to compare against while walking up from child*@child: the process to start from while looking upwards for parent && Not ptracer_exception_found - tracer registered as exception for this tracee*@tracer: the task_struct of the process attempting ptrace*@tracee: the task_struct of the process to be ptraced* Returns 1 if tracer has a ptracer exception ancestor for tracee. && Not ns_capable(user_ns, Allow ptrace() of any process ) Then rc = -EPERM
373  _read_unlock() - marks the end of an RCU read-side critical section.* In most situations, rcu_read_unlock() is immune from deadlock.* However, in kernels built with CONFIG_RCU_BOOST, rcu_read_unlock()
374  Break
375  Case ptrace_scope == YAMA_SCOPE_CAPABILITY
376  _read_lock() - mark the beginning of an RCU read-side critical section* When synchronize_rcu() is invoked on one CPU while other CPUs* are within RCU read-side critical sections, then the* synchronize_rcu() is guaranteed to block until after all the other
377  If Not ns_capable(user_ns, Allow ptrace() of any process ) Then rc = -EPERM
379  _read_unlock() - marks the end of an RCU read-side critical section.* In most situations, rcu_read_unlock() is immune from deadlock.* However, in kernels built with CONFIG_RCU_BOOST, rcu_read_unlock()
380  Break
381  Case ptrace_scope == YAMA_SCOPE_NO_ATTACH
382  Default
383  rc = -EPERM
384  Break
388  If rc && (mode & PTRACE_MODE_NOAUDIT) == 0 Then defers execution because cmdline access can sleep
391  Return rc