security: rename ptrace_may_access => ptrace_access_check
The ->ptrace_may_access() methods are named confusingly - the real ptrace_may_access() returns a bool, while these security checks have a retval convention. Rename it to ptrace_access_check, to reduce the confusion factor. [ Impact: cleanup, no code changed ] Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Ingo Molnar
committed by
James Morris
James Morris
parent
86abcf9ceb
commit
9e48858f7d
@ -52,7 +52,7 @@ struct audit_krule;
|
||||
extern int cap_capable(struct task_struct *tsk, const struct cred *cred,
|
||||
int cap, int audit);
|
||||
extern int cap_settime(struct timespec *ts, struct timezone *tz);
|
||||
extern int cap_ptrace_may_access(struct task_struct *child, unsigned int mode);
|
||||
extern int cap_ptrace_access_check(struct task_struct *child, unsigned int mode);
|
||||
extern int cap_ptrace_traceme(struct task_struct *parent);
|
||||
extern int cap_capget(struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted);
|
||||
extern int cap_capset(struct cred *new, const struct cred *old,
|
||||
@ -1209,7 +1209,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
|
||||
* @alter contains the flag indicating whether changes are to be made.
|
||||
* Return 0 if permission is granted.
|
||||
*
|
||||
* @ptrace_may_access:
|
||||
* @ptrace_access_check:
|
||||
* Check permission before allowing the current process to trace the
|
||||
* @child process.
|
||||
* Security modules may also want to perform a process tracing check
|
||||
@ -1224,7 +1224,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
|
||||
* Check that the @parent process has sufficient permission to trace the
|
||||
* current process before allowing the current process to present itself
|
||||
* to the @parent process for tracing.
|
||||
* The parent process will still have to undergo the ptrace_may_access
|
||||
* The parent process will still have to undergo the ptrace_access_check
|
||||
* checks before it is allowed to trace this one.
|
||||
* @parent contains the task_struct structure for debugger process.
|
||||
* Return 0 if permission is granted.
|
||||
@ -1336,7 +1336,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
|
||||
struct security_operations {
|
||||
char name[SECURITY_NAME_MAX + 1];
|
||||
|
||||
int (*ptrace_may_access) (struct task_struct *child, unsigned int mode);
|
||||
int (*ptrace_access_check) (struct task_struct *child, unsigned int mode);
|
||||
int (*ptrace_traceme) (struct task_struct *parent);
|
||||
int (*capget) (struct task_struct *target,
|
||||
kernel_cap_t *effective,
|
||||
@ -1617,7 +1617,7 @@ extern int security_module_enable(struct security_operations *ops);
|
||||
extern int register_security(struct security_operations *ops);
|
||||
|
||||
/* Security operations */
|
||||
int security_ptrace_may_access(struct task_struct *child, unsigned int mode);
|
||||
int security_ptrace_access_check(struct task_struct *child, unsigned int mode);
|
||||
int security_ptrace_traceme(struct task_struct *parent);
|
||||
int security_capget(struct task_struct *target,
|
||||
kernel_cap_t *effective,
|
||||
@ -1798,10 +1798,10 @@ static inline int security_init(void)
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int security_ptrace_may_access(struct task_struct *child,
|
||||
static inline int security_ptrace_access_check(struct task_struct *child,
|
||||
unsigned int mode)
|
||||
{
|
||||
return cap_ptrace_may_access(child, mode);
|
||||
return cap_ptrace_access_check(child, mode);
|
||||
}
|
||||
|
||||
static inline int security_ptrace_traceme(struct task_struct *parent)
|
||||
|
||||
Reference in New Issue
Block a user