xe driver would like to allow fine grained access control for GDB debugger using ptrace. Without this export, the only option would be to check for CAP_SYS_ADMIN.
The check intended for an ioctl to attach a GPU debugger is similar to the ptrace use case: allow a calling process to manipulate a target process if it has the necessary capabilities or the same permissions, as described in Documentation/process/adding-syscalls.rst. Export ptrace_may_access function to allow GPU debugger to have identical access control for debugger(s) as a CPU debugger. v2: proper commit message (Lucas) Cc: Oleg Nesterov <[email protected]> Cc: [email protected] Cc: Dave Airlie <[email protected]> CC: Lucas De Marchi <[email protected]> Cc: Matthew Brost <[email protected]> CC: Andi Shyti <[email protected]> Cc: Joonas Lahtinen <[email protected]> CC: Maciej Patelczyk <[email protected]> Cc: Dominik Grzegorzek <[email protected]> Signed-off-by: Mika Kuoppala <[email protected]> Signed-off-by: Jonathan Cavitt <[email protected]> Reviewed-by: Andi Shyti <[email protected]> --- kernel/ptrace.c | 1 + 1 file changed, 1 insertion(+) diff --git a/kernel/ptrace.c b/kernel/ptrace.c index d5f89f9ef29f..86be1805ebd8 100644 --- a/kernel/ptrace.c +++ b/kernel/ptrace.c @@ -354,6 +354,7 @@ bool ptrace_may_access(struct task_struct *task, unsigned int mode) task_unlock(task); return !err; } +EXPORT_SYMBOL_GPL(ptrace_may_access); static int check_ptrace_options(unsigned long data) { -- 2.43.0
