diff options
| author | Kees Cook <kees.cook@canonical.com> | 2010-06-28 22:36:00 -0700 |
|---|---|---|
| committer | John Rigby <john.rigby@linaro.org> | 2011-10-17 09:49:12 -0600 |
| commit | ab22b30d7898327bb96c2d9c996b2cde2074ec00 (patch) | |
| tree | 0a251eb1e9450deb78d676b3767596c549c0b517 /include | |
| parent | df3de15fe6c20bd2032790adbbae8eccf0f38b61 (diff) | |
UBUNTU: ubuntu: Yama - add ptrace relationship tracking interface
Some application suites have external crash handlers that depend
on being able to use ptrace to generate crash reports (KDE, Wine,
Chromium, Firefox, etc). Since the inferior process has a defined
application-specific relationship with the debugger, allow the inferior
to express that relationship by declaring who can call PTRACE_ATTACH
against it. The inferior can use prctl() with PR_SET_PTRACER to allow a
specific PID and its descendants to perform the ptrace instead of only
a direct ancestor.
Signed-off-by: Kees Cook <kees.cook@canonical.com>
---
v2:
- kmalloc, spinlock init, and doc typo corrections from Tetsuo Handa.
- make sure to replace if possible on add, thanks to Eric Paris.
v3:
- make sure to use thread group leader when searching for exceptions.
v4:
- make sure to use thread group leader when creating exceptions.
v5:
- make sure to use thread group leader when deleting exceptions.
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/prctl.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/include/linux/prctl.h b/include/linux/prctl.h index a3baeb2c216..da7837bbd2c 100644 --- a/include/linux/prctl.h +++ b/include/linux/prctl.h @@ -102,4 +102,10 @@ #define PR_MCE_KILL_GET 34 +/* + * Set specific pid that is allowed to PTRACE the current task. + * A value of 0 mean "no process". + */ +#define PR_SET_PTRACER 0x59616d61 + #endif /* _LINUX_PRCTL_H */ |