From 6b23d2a08e71ce7d93b1d52e545f792f549225dc Mon Sep 17 00:00:00 2001
From: Jamie Liu <jamieliu@google.com>
Date: Wed, 23 Jun 2021 11:13:45 -0700
Subject: Fix PR_SET_PTRACER applicability to non-leader threads.

Compare

	if (!thread_group_leader(tracee))
		tracee = rcu_dereference(tracee->group_leader);

in security/yama/yama_lsm.c:ptracer_exception_found().

PiperOrigin-RevId: 381074242
---
 pkg/sentry/kernel/ptrace.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'pkg/sentry')

diff --git a/pkg/sentry/kernel/ptrace.go b/pkg/sentry/kernel/ptrace.go
index a6287fd6a..20563f02a 100644
--- a/pkg/sentry/kernel/ptrace.go
+++ b/pkg/sentry/kernel/ptrace.go
@@ -294,7 +294,7 @@ func (t *Task) isYAMADescendantOfLocked(ancestor *Task) bool {
 
 // Precondition: the TaskSet mutex must be locked (for reading or writing).
 func (t *Task) hasYAMAExceptionForLocked(tracer *Task) bool {
-	allowed, ok := t.k.ptraceExceptions[t]
+	allowed, ok := t.k.ptraceExceptions[t.tg.leader]
 	if !ok {
 		return false
 	}
-- 
cgit v1.2.3