From: "Christian Brauner (Amutable)" <brauner@kernel.org>
To: Jann Horn <jannh@google.com>,
Linus Torvalds <torvalds@linuxfoundation.org>,
Oleg Nesterov <oleg@redhat.com>
Cc: "David Hildenbrand (Arm)" <david@kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Qualys Security Advisory <qsa@qualys.com>,
Kees Cook <kees@kernel.org>, Minchan Kim <minchan@kernel.org>,
linux-mm@kvack.org, Suren Baghdasaryan <surenb@google.com>,
Lorenzo Stoakes <ljs@kernel.org>,
"Liam R. Howlett" <liam@infradead.org>,
Vlastimil Babka <vbabka@kernel.org>,
Mike Rapoport <rppt@kernel.org>, Michal Hocko <mhocko@suse.com>,
"Christian Brauner (Amutable)" <brauner@kernel.org>
Subject: [PATCH RFC v3 3/4] ptrace: add ptracer_access_allowed()
Date: Wed, 20 May 2026 23:48:54 +0200 [thread overview]
Message-ID: <20260520-work-task_exec_state-v3-3-69f895bc1385@kernel.org> (raw)
In-Reply-To: <20260520-work-task_exec_state-v3-0-69f895bc1385@kernel.org>
Add a helper that encapsulates all of the logic for checking ptrace
access and remove open-coded versions in follow-up patches.
Reviewed-by: Jann Horn <jannh@google.com>
Signed-off-by: Christian Brauner (Amutable) <brauner@kernel.org>
---
include/linux/ptrace.h | 1 +
kernel/ptrace.c | 27 +++++++++++++++++++++++++++
2 files changed, 28 insertions(+)
diff --git a/include/linux/ptrace.h b/include/linux/ptrace.h
index 90507d4afcd6..ef314f7a9ecc 100644
--- a/include/linux/ptrace.h
+++ b/include/linux/ptrace.h
@@ -17,6 +17,7 @@ struct syscall_info {
struct seccomp_data data;
};
+bool ptracer_access_allowed(struct task_struct *tsk);
extern int ptrace_access_vm(struct task_struct *tsk, unsigned long addr,
void *buf, int len, unsigned int gup_flags);
diff --git a/kernel/ptrace.c b/kernel/ptrace.c
index 07398c9c8fe3..0e1f80f73a7f 100644
--- a/kernel/ptrace.c
+++ b/kernel/ptrace.c
@@ -13,6 +13,7 @@
#include <linux/sched.h>
#include <linux/sched/mm.h>
#include <linux/sched/coredump.h>
+#include <linux/sched/exec_state.h>
#include <linux/sched/task.h>
#include <linux/errno.h>
#include <linux/mm.h>
@@ -36,6 +37,32 @@
#include <asm/syscall.h> /* for syscall_get_* */
+/**
+ * ptracer_access_allowed - may current peek/poke @tsk's address space?
+ * @tsk: tracee
+ *
+ * Per-access check used by ptrace_access_vm() and architecture-specific
+ * tag/register accessors. Returns true iff current is the registered
+ * ptracer of @tsk and either @tsk is owner-dumpable or current holds
+ * CAP_SYS_PTRACE in @tsk's exec namespace. Lighter than
+ * __ptrace_may_access(): it re-validates only dumpability and
+ * capability on every access, without re-running LSM hooks or
+ * cred_cap_issubset() checks performed at attach time.
+ */
+bool ptracer_access_allowed(struct task_struct *tsk)
+{
+ const struct task_exec_state *es;
+
+ if (!tsk->ptrace)
+ return false;
+ if (current != tsk->parent)
+ return false;
+ guard(rcu)();
+ es = task_exec_state_rcu(tsk);
+ return READ_ONCE(es->dumpable) == TASK_DUMPABLE_OWNER ||
+ ptracer_capable(tsk, es->user_ns);
+}
+
/*
* Access another process' address space via ptrace.
* Source/target buffer must be kernel space,
--
2.47.3
next prev parent reply other threads:[~2026-05-20 21:49 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-20 21:48 [PATCH RFC v3 0/4] exec: introduce task_exec_state for exec-time metadata Christian Brauner (Amutable)
2026-05-20 21:48 ` [PATCH RFC v3 1/4] sched/coredump: introduce enum task_dumpable Christian Brauner (Amutable)
2026-05-22 22:14 ` David Hildenbrand (Arm)
2026-05-20 21:48 ` [PATCH RFC v3 2/4] exec: introduce struct task_exec_state Christian Brauner (Amutable)
2026-05-22 15:00 ` Oleg Nesterov
2026-05-26 7:16 ` Christian Brauner
2026-05-26 8:17 ` Oleg Nesterov
2026-05-22 22:21 ` David Hildenbrand (Arm)
2026-05-20 21:48 ` Christian Brauner (Amutable) [this message]
2026-05-22 15:08 ` [PATCH RFC v3 3/4] ptrace: add ptracer_access_allowed() Oleg Nesterov
2026-05-22 22:32 ` David Hildenbrand (Arm)
2026-05-20 21:48 ` [PATCH RFC v3 4/4] exec_state: relocate dumpable information Christian Brauner (Amutable)
2026-05-21 10:05 ` Christian Brauner
2026-05-21 11:16 ` Jann Horn
2026-05-21 13:08 ` Christian Brauner
2026-05-26 13:07 ` David Hildenbrand (Arm)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260520-work-task_exec_state-v3-3-69f895bc1385@kernel.org \
--to=brauner@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=david@kernel.org \
--cc=jannh@google.com \
--cc=kees@kernel.org \
--cc=liam@infradead.org \
--cc=linux-mm@kvack.org \
--cc=ljs@kernel.org \
--cc=mhocko@suse.com \
--cc=minchan@kernel.org \
--cc=oleg@redhat.com \
--cc=qsa@qualys.com \
--cc=rppt@kernel.org \
--cc=surenb@google.com \
--cc=torvalds@linuxfoundation.org \
--cc=vbabka@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.