ANDROID: zram: ioctl: remove PTRACE permission check
The zram ioctl for process writeback included a PTRACE_MODE_READ_FSCREDS permission check, originally added to prevent leaking ASLR metadata, mirroring the design of process_madvise().

However, the current implementation uses a pidfd of the target process to iterate over its VMAs entirely within kernel space. This design prevents userspace from accessing any information that could leak ASLR details. Therefore, the PTRACE permission check is no longer necessary.

This patch removes the check by replacing mm_access() with get_task_mm(). The ioctl interface remains protected by the CAP_SYS_NICE capability.

Bug: 446573436
Change-Id: Id7d3d5c63b382fb5e5f8f90b23f9ba01651b27b4
Signed-off-by: Richard Chang <richardycc@google.com>
(cherry picked from commit 4191645f)
Bug: 446676432
Signed-off-by: David Stevens <stevensd@google.com>