From: Serge Hallyn Introduce a new LSM hook, security_task_lookup. This hook allows an LSM to mediate visibility of /proc/ on a per-pid level. The bsdjail lsm which will be sent next is a user of this hook. Signed-off-by: Serge E. Hallyn Signed-off-by: Andrew Morton
---
 25-akpm/fs/proc/base.c | 2 ++
 25-akpm/include/linux/security.h | 16 ++++++++++++++++
 25-akpm/security/dummy.c | 6 ++++++
 3 files changed, 24 insertions(+)
diff -puN fs/proc/base.c~lsm-add-control-over-proc-pid-visibility fs/proc/base.c
--- 25/fs/proc/base.c~lsm-add-control-over-proc-pid-visibility Wed Oct 6 16:19:48 2004
+++ 25-akpm/fs/proc/base.c Wed Oct 6 16:19:48 2004
@@ -1706,6 +1706,8 @@ static int get_tgid_list(int index, unsi
 int tgid = p->pid;
 if (!pid_alive(p))
 continue;
+ if (security_task_lookup(p))
+ continue;
 if (--index >= 0)
 continue;
 tgids[nr_tgids] = tgid;
diff -puN include/linux/security.h~lsm-add-control-over-proc-pid-visibility include/linux/security.h
--- 25/include/linux/security.h~lsm-add-control-over-proc-pid-visibility Wed Oct 6 16:19:48 2004
+++ 25-akpm/include/linux/security.h Wed Oct 6 16:19:48 2004
@@ -630,6 +630,11 @@ struct swap_info_struct;
 * Set the security attributes in @p->security for a kernel thread that
 * is being reparented to the init task.
 * @p contains the task_struct for the kernel thread.
+ * @task_lookup:
+ * Check permission to see the /proc/ entry for process @p.
+ * @p contains the task_struct for task which is being looked
+ * up under /proc
+ * return 0 if permission is granted.
 * @task_to_inode:
 * Set the security attributes for an inode based on an associated task's
 * security attributes, e.g. for /proc/pid inodes.
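Review bot: The added `if (security_task_lookup(p))` / `continue;` only filters the readdir enumeration in get_tgid_list, and the diffstat shows these two lines are the whole change to fs/proc/base.c, so a task the hook hides from the directory listing can presumably still be reached by name through the /proc path-lookup entry point (proc_pid_lookup) unless that path is mediated as well. If full per-pid visibility control is the intent, the same check belongs on the by-name lookup path; if listing-only filtering is the intent, the hook's description in security.h should say "hide from the /proc listing" rather than "check permission to see the entry". The return value is discarded here, so an LSM returning -EPERM and one returning -ENOENT behave identically at this call site. get_tgid_list starts and ends outside the hunk.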
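Review bot: The new `@task_lookup` text says `return 0 if permission is granted` but not what a nonzero value means to the caller; with this patch's only call site (get_tgid_list) the task is simply skipped and the error code never reaches user space, so the comment should state that, e.g. ` *	A nonzero return hides @p from the /proc listing; the value itself is not reported to the caller.` The caller walks the task list, which in that function is presumably done under tasklist_lock; if confirmed, the description should also note that the hook is called with that lock held and must not sleep, so LSM authors do not block there. The comment block continues outside the hunk.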
@@ -1162,6 +1167,7 @@ struct security_operations {
 unsigned long arg3, unsigned long arg4, unsigned long arg5);
 void (*task_reparent_to_init) (struct task_struct * p);
+ int (*task_lookup)(struct task_struct *p);
 void (*task_to_inode)(struct task_struct *p, struct inode *inode);
 int (*ipc_permission) (struct kern_ipc_perm * ipcp, short flag);
@@ -1767,6 +1773,11 @@ static inline void security_task_reparen
 security_ops->task_reparent_to_init (p);
 }
+static inline int security_task_lookup(struct task_struct *p)
+{
+ return security_ops->task_lookup(p);
+}
+
 static inline void security_task_to_inode(struct task_struct *p, struct inode *inode)
 {
 security_ops->task_to_inode(p, inode);
@@ -2407,6 +2418,11 @@ static inline void security_task_reparen
 cap_task_reparent_to_init (p);
 }
+static inline int security_task_lookup(struct task_struct *p)
+{
+ return 0;
+}
+
 static inline void security_task_to_inode(struct task_struct *p, struct inode *inode)
 { }
diff -puN security/dummy.c~lsm-add-control-over-proc-pid-visibility security/dummy.c
--- 25/security/dummy.c~lsm-add-control-over-proc-pid-visibility Wed Oct 6 16:19:48 2004
+++ 25-akpm/security/dummy.c Wed Oct 6 16:19:48 2004
@@ -623,6 +623,11 @@ static void dummy_task_reparent_to_init
 return;
 }
+static int dummy_task_lookup(struct task_struct *p)
+{
+ return 0;
+}
+
 static void dummy_task_to_inode(struct task_struct *p, struct inode *inode)
 { }
@@ -986,6 +991,7 @@ void security_fixup_ops (struct security
 set_to_dummy_if_null(ops, task_kill);
 set_to_dummy_if_null(ops, task_prctl);
 set_to_dummy_if_null(ops, task_reparent_to_init);
+ set_to_dummy_if_null(ops, task_lookup);
 set_to_dummy_if_null(ops, task_to_inode);
 set_to_dummy_if_null(ops, ipc_permission);
 set_to_dummy_if_null(ops, msg_msg_alloc_security);
_