[PATCH 01/26] ptrace: export ptrace_may_access
Joonas Lahtinen
joonas.lahtinen at linux.intel.com
Thu Dec 12 09:16:02 UTC 2024
Quoting Christoph Hellwig (2024-12-10 06:29:38)
> On Mon, Dec 09, 2024 at 03:32:52PM +0200, Mika Kuoppala wrote:
> > xe driver would like to allow fine grained access control
> > for GDB debugger using ptrace. Without this export, the only
> > option would be to check for CAP_SYS_ADMIN.
> >
> > The check intended for an ioctl to attach a GPU debugger
> > is similar to the ptrace use case: allow a calling process
> > to manipulate a target process if it has the necessary
> > capabilities or the same permissions, as described in
> > Documentation/process/adding-syscalls.rst.
> >
> > Export ptrace_may_access function to allow GPU debugger to
> > have identical access control for debugger(s)
> > as a CPU debugger.
>
> This seems to mis an actual user or you forgot to Cc linux-kernel on it.
Right, that is a miss on our side. For the time being, the whole series
can be found in lore archive:
https://lore.kernel.org/dri-devel/20241209133318.1806472-1-mika.kuoppala@linux.intel.com/
The user is introduced in patch: [PATCH 03/26] drm/xe/eudebug: Introduce discovery for resources [1]
Essentially, we want to check if PID1 has permission to ptrace PID2, before we grant the
permission for PID1 to debug the GPU address space/memory of PID2.
Mika, please do Cc the relevant other patches of the series to LKML for next iteration.
Regards, Joonas
[1] https://lore.kernel.org/dri-devel/20241209133318.1806472-1-mika.kuoppala@linux.intel.com/T/#md3d005faaaac1ba01451b139a634e5545c2a266f
More information about the Intel-xe
mailing list