diff options
author | Jamie Liu <jamieliu@google.com> | 2021-06-23 11:13:45 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-06-23 11:17:44 -0700 |
commit | 6b23d2a08e71ce7d93b1d52e545f792f549225dc (patch) | |
tree | 3781356f24237203a2f7554e7b43b2220fd1c23f /pkg/sentry/kernel | |
parent | e5fe488b22734e798df760d9646c6b1c5f25c207 (diff) |
Fix PR_SET_PTRACER applicability to non-leader threads.
Compare
if (!thread_group_leader(tracee))
tracee = rcu_dereference(tracee->group_leader);
in security/yama/yama_lsm.c:ptracer_exception_found().
PiperOrigin-RevId: 381074242
Diffstat (limited to 'pkg/sentry/kernel')
-rw-r--r-- | pkg/sentry/kernel/ptrace.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/pkg/sentry/kernel/ptrace.go b/pkg/sentry/kernel/ptrace.go index a6287fd6a..20563f02a 100644 --- a/pkg/sentry/kernel/ptrace.go +++ b/pkg/sentry/kernel/ptrace.go @@ -294,7 +294,7 @@ func (t *Task) isYAMADescendantOfLocked(ancestor *Task) bool { // Precondition: the TaskSet mutex must be locked (for reading or writing). func (t *Task) hasYAMAExceptionForLocked(tracer *Task) bool { - allowed, ok := t.k.ptraceExceptions[t] + allowed, ok := t.k.ptraceExceptions[t.tg.leader] if !ok { return false } |