diff options
Diffstat (limited to 'fs/proc/base.c')
-rw-r--r-- | fs/proc/base.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/fs/proc/base.c b/fs/proc/base.c index bd8c26a409a7..b1ff8eb61802 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -2384,6 +2384,13 @@ out: } #ifdef CONFIG_SECURITY +static int proc_pid_attr_open(struct inode *inode, struct file *file) +{ + file->private_data = NULL; + __mem_open(inode, file, PTRACE_MODE_READ_FSCREDS); + return 0; +} + static ssize_t proc_pid_attr_read(struct file * file, char __user * buf, size_t count, loff_t *ppos) { @@ -2413,6 +2420,10 @@ static ssize_t proc_pid_attr_write(struct file * file, const char __user * buf, ssize_t length; struct task_struct *task = get_proc_task(inode); + /* A task may only write when it was the opener. */ + if (file->private_data != current->mm) + return -EPERM; + length = -ESRCH; if (!task) goto out_no_task; @@ -2451,9 +2462,11 @@ out_no_task: } static const struct file_operations proc_pid_attr_operations = { + .open = proc_pid_attr_open, .read = proc_pid_attr_read, .write = proc_pid_attr_write, .llseek = generic_file_llseek, + .release = mem_release, }; static const struct pid_entry attr_dir_stuff[] = { |