[PATCH 3] utrace: introduce ENGINE_LSM_ flags

[Oleg Nesterov]

Introduce ENGINE_LSM_TRACE and ENGINE_LSM_TRACE_CAP bits for
utrace_unsafe_exec(). These bit should be set when we attach the
new engine by user request.

Note: we use engine->flags and task->utrace_flags, this doesn't
really matter. The only important point is: somehow utrace_engine
should have the security info which we do not currently have.

Note!!!!!! The next patches try to convert ptrace-utrace, but
ptrace is only used for example. gdbstub or whatever has the same
security problems and needs.

---

 kernel/utrace.c |   16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

--- RHEL6/kernel/utrace.c~3_ENGINE_LSM_FLAGS	2010-07-06 23:55:14.000000000 +0200
+++ RHEL6/kernel/utrace.c	2010-07-07 00:48:09.000000000 +0200
@@ -460,7 +460,11 @@ static void put_detached_list(struct lis
  */
 #define ENGINE_STOP		(1UL << _UTRACE_NEVENTS)
 
-#define ENGINE_EXTRA_FLAGS	(ENGINE_STOP)
+#define ENGINE_LSM_TRACE	(1UL << (_UTRACE_NEVENTS + 1))
+#define ENGINE_LSM_TRACE_CAP	(1UL << (_UTRACE_NEVENTS + 2))
+#define ENGINE_LSM_MASK		(ENGINE_LSM_TRACE | ENGINE_LSM_TRACE_CAP)
+
+#define ENGINE_EXTRA_FLAGS	(ENGINE_STOP | ENGINE_LSM_MASK)
 
 static void mark_engine_wants_stop(struct task_struct *task,
 				   struct utrace_engine *engine)
@@ -2457,9 +2461,15 @@ int utrace_unsafe_exec(struct task_struc
 {
 	int unsafe = 0;
 
-	if (task->ptrace & PT_PTRACE_CAP)
+	if (task->utrace_flags & ENGINE_LSM_TRACE)
+		unsafe = LSM_UNSAFE_PTRACE;
+	else if (task->utrace_flags & ENGINE_LSM_TRACE_CAP)
 		unsafe = LSM_UNSAFE_PTRACE_CAP;
-	else if (task->ptrace)
+
+	if (task->ptrace & PT_PTRACE_CAP) {
+		if (!unsafe)
+			unsafe = LSM_UNSAFE_PTRACE_CAP;
+	} else if (task->ptrace)
 		unsafe = LSM_UNSAFE_PTRACE;
 
 	return unsafe;