Just as proc_pid_attr_write() already does before calling the LSM
hook. This only matters for SELinux and AppArmor, which check
whether the process is being ptraced and, if so, whether to
allow the transition.
Cc: stable@vger.kernel.org
Signed-off-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
SYSCALL_DEFINE4(lsm_set_self_attr, unsigned int, attr, struct lsm_ctx __user *,
ctx, u32, size, u32, flags)
{
- return security_setselfattr(attr, ctx, size, flags);
+ int rc;
+
+ rc = mutex_lock_interruptible(¤t->signal->cred_guard_mutex);
+ if (rc < 0)
+ return rc;
+ rc = security_setselfattr(attr, ctx, size, flags);
+ mutex_unlock(¤t->signal->cred_guard_mutex);
+ return rc;
}
/**
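Review bot: The new locking in lsm_set_self_attr has no comment saying why cred_guard_mutex is held, so the reason lives only in the commit message; a line above the lock such as `/* Hold cred_guard_mutex so the ptrace state checked by the LSM hook stays stable across the transition, as in proc_pid_attr_write(). */` would keep it with the code. The syscall can now also return the error from `mutex_lock_interruptible()` when a signal arrives while waiting for the mutex, which the old one-line body could not produce. The kernel-doc for this syscall sits outside the hunk, so I cannot tell whether its return description covers that case. The `¤t` on the two mutex lines looks like an HTML-entity rendering of `&current`, not what the patch itself contains.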