1 From: Jeff Mahoney <jeffm@suse.com>
2 Subject: apparmor: use new ptrace security_operations
4 This patch implements the new ptrace security_operations members.
6 ->ptrace was changed to ->ptrace_may_access and ->ptrace_traceme.
8 The apparmor versions are really just wrappers for the old function.
10 Signed-off-by: Jeff Mahoney <jeffm@suse.com>
13 security/apparmor/lsm.c | 17 +++++++++++++++--
14 1 file changed, 15 insertions(+), 2 deletions(-)
16 --- a/security/apparmor/lsm.c
17 +++ b/security/apparmor/lsm.c
18 @@ -158,7 +158,7 @@ static int aa_reject_syscall(struct task
21 static int apparmor_ptrace(struct task_struct *parent,
22 - struct task_struct *child, unsigned int mode)
23 + struct task_struct *child)
25 struct aa_task_context *cxt;
27 @@ -207,6 +207,18 @@ static int apparmor_ptrace(struct task_s
31 +static int apparmor_ptrace_may_access(struct task_struct *child,
34 + return apparmor_ptrace(child->parent, child);
38 +static int apparmor_ptrace_traceme(struct task_struct *parent)
40 + return apparmor_ptrace(parent, current);
43 static int apparmor_capable(struct task_struct *task, int cap)
46 @@ -899,7 +911,8 @@ static int apparmor_task_setrlimit(unsig
49 struct security_operations apparmor_ops = {
50 - .ptrace = apparmor_ptrace,
51 + .ptrace_may_access = apparmor_ptrace_may_access,
52 + .ptrace_traceme = apparmor_ptrace_traceme,
54 .capset_check = cap_capset_check,
55 .capset_set = cap_capset_set,