diff options
author | Li Zefan <lizf@cn.fujitsu.com> | 2008-09-02 17:35:52 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-09-02 22:21:38 -0400 |
commit | 36fd71d293898a59b14e49da1f6e81c1a58f2035 (patch) | |
tree | e67d5a0f6fc6caa83558f57588d9f69a46e5f4c9 | |
parent | 09a2910e54646f7a334702fbafa7a6129dc072e6 (diff) |
devcgroup: fix race against rmdir()
During the use of a dev_cgroup, we should guarantee the corresponding
cgroup won't be deleted (i.e. via rmdir). This can be done through
css_get(&dev_cgroup->css), but here we can just get and use the dev_cgroup
under rcu_read_lock.
And also remove checking NULL dev_cgroup, it won't be NULL since a task
always belongs to a cgroup.
Signed-off-by: Li Zefan <lizf@cn.fujitsu.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: Paul Menage <menage@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r-- | security/device_cgroup.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/security/device_cgroup.c b/security/device_cgroup.c index 7bd296cca041..46f23971f7e4 100644 --- a/security/device_cgroup.c +++ b/security/device_cgroup.c | |||
@@ -508,12 +508,11 @@ int devcgroup_inode_permission(struct inode *inode, int mask) | |||
508 | return 0; | 508 | return 0; |
509 | if (!S_ISBLK(inode->i_mode) && !S_ISCHR(inode->i_mode)) | 509 | if (!S_ISBLK(inode->i_mode) && !S_ISCHR(inode->i_mode)) |
510 | return 0; | 510 | return 0; |
511 | dev_cgroup = css_to_devcgroup(task_subsys_state(current, | ||
512 | devices_subsys_id)); | ||
513 | if (!dev_cgroup) | ||
514 | return 0; | ||
515 | 511 | ||
516 | rcu_read_lock(); | 512 | rcu_read_lock(); |
513 | |||
514 | dev_cgroup = task_devcgroup(current); | ||
515 | |||
517 | list_for_each_entry_rcu(wh, &dev_cgroup->whitelist, list) { | 516 | list_for_each_entry_rcu(wh, &dev_cgroup->whitelist, list) { |
518 | if (wh->type & DEV_ALL) | 517 | if (wh->type & DEV_ALL) |
519 | goto acc_check; | 518 | goto acc_check; |
@@ -533,6 +532,7 @@ acc_check: | |||
533 | rcu_read_unlock(); | 532 | rcu_read_unlock(); |
534 | return 0; | 533 | return 0; |
535 | } | 534 | } |
535 | |||
536 | rcu_read_unlock(); | 536 | rcu_read_unlock(); |
537 | 537 | ||
538 | return -EPERM; | 538 | return -EPERM; |
@@ -543,12 +543,10 @@ int devcgroup_inode_mknod(int mode, dev_t dev) | |||
543 | struct dev_cgroup *dev_cgroup; | 543 | struct dev_cgroup *dev_cgroup; |
544 | struct dev_whitelist_item *wh; | 544 | struct dev_whitelist_item *wh; |
545 | 545 | ||
546 | dev_cgroup = css_to_devcgroup(task_subsys_state(current, | ||
547 | devices_subsys_id)); | ||
548 | if (!dev_cgroup) | ||
549 | return 0; | ||
550 | |||
551 | rcu_read_lock(); | 546 | rcu_read_lock(); |
547 | |||
548 | dev_cgroup = task_devcgroup(current); | ||
549 | |||
552 | list_for_each_entry(wh, &dev_cgroup->whitelist, list) { | 550 | list_for_each_entry(wh, &dev_cgroup->whitelist, list) { |
553 | if (wh->type & DEV_ALL) | 551 | if (wh->type & DEV_ALL) |
554 | goto acc_check; | 552 | goto acc_check; |
@@ -566,6 +564,8 @@ acc_check: | |||
566 | rcu_read_unlock(); | 564 | rcu_read_unlock(); |
567 | return 0; | 565 | return 0; |
568 | } | 566 | } |
567 | |||
569 | rcu_read_unlock(); | 568 | rcu_read_unlock(); |
569 | |||
570 | return -EPERM; | 570 | return -EPERM; |
571 | } | 571 | } |