[PATCH] lsm: hold cred_guard_mutex for lsm_set_self_attr()
Paul Moore
paul at paul-moore.com
Thu May 14 20:47:58 UTC 2026
On May 13, 2026 Stephen Smalley <stephen.smalley.work at gmail.com> wrote:
>
> Just as proc_pid_attr_write() already does before calling the LSM
> hook. This only matters for SELinux and AppArmor which check
> whether the process is being ptraced and if so, whether to
> allow the transition.
>
> Signed-off-by: Stephen Smalley <stephen.smalley.work at gmail.com>
> Acked-by: Casey Schaufler <casey at schaufler-ca.com>
> ---
> security/lsm_syscalls.c | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
Thanks Stephen. I'm going to merge this into lsm/stable-7.1 now, but
hold on to it until next week before sending it to Linus. While I
can't see why John would have any objections to this, the extra time
should give him a chance to respond.
--
paul-moore.com
More information about the Linux-security-module-archive
mailing list