UBUNTU: SAUCE: Yama: search for PTRACE exceptions via thread group leader

When looking for PTRACE exceptions, the thread group leader must be used
otherwise the exceptions can be missed for threaded processes.

BugLink: https://bugs.launchpad.net/bugs/603716

Signed-off-by: Kees Cook <kees.cook@canonical.com>
Signed-off-by: Leann Ogasawara <leann.ogasawara@canonical.com>

diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c
index b28d9cc..4a5bc1a 100644 (file)
--- a/security/yama/yama_lsm.c
+++ b/security/yama/yama_lsm.c
@@ -199,11 +199,19 @@ static int ptracer_exception_found(struct task_struct *tracer,
        struct task_struct *parent = NULL;
 
        spin_lock(&ptracer_relations_lock);
+
+       rcu_read_lock();
+       read_lock(&tasklist_lock);
+       if (!thread_group_leader(tracee))
+               tracee = tracee->group_leader;
        list_for_each_entry(relation, &ptracer_relations, node)
                if (relation->tracee == tracee) {
                        parent = relation->tracer;
                        break;
                }
+       read_unlock(&tasklist_lock);
+       rcu_read_unlock();
+
        if (task_is_descendant(parent, tracer))
                rc = 1;
        spin_unlock(&ptracer_relations_lock);