aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLi Zefan <lizf@cn.fujitsu.com>2008-09-02 17:35:52 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2008-09-02 22:21:38 -0400
commit36fd71d293898a59b14e49da1f6e81c1a58f2035 (patch)
treee67d5a0f6fc6caa83558f57588d9f69a46e5f4c9
parent09a2910e54646f7a334702fbafa7a6129dc072e6 (diff)
devcgroup: fix race against rmdir()
During the use of a dev_cgroup, we should guarantee the corresponding cgroup won't be deleted (i.e. via rmdir). This can be done through css_get(&dev_cgroup->css), but here we can just get and use the dev_cgroup under rcu_read_lock. And also remove checking NULL dev_cgroup, it won't be NULL since a task always belongs to a cgroup. Signed-off-by: Li Zefan <lizf@cn.fujitsu.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: Paul Menage <menage@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--security/device_cgroup.c18
1 files changed, 9 insertions, 9 deletions
diff --git a/security/device_cgroup.c b/security/device_cgroup.c
index 7bd296cca041..46f23971f7e4 100644
--- a/security/device_cgroup.c
+++ b/security/device_cgroup.c
@@ -508,12 +508,11 @@ int devcgroup_inode_permission(struct inode *inode, int mask)
508 return 0; 508 return 0;
509 if (!S_ISBLK(inode->i_mode) && !S_ISCHR(inode->i_mode)) 509 if (!S_ISBLK(inode->i_mode) && !S_ISCHR(inode->i_mode))
510 return 0; 510 return 0;
511 dev_cgroup = css_to_devcgroup(task_subsys_state(current,
512 devices_subsys_id));
513 if (!dev_cgroup)
514 return 0;
515 511
516 rcu_read_lock(); 512 rcu_read_lock();
513
514 dev_cgroup = task_devcgroup(current);
515
517 list_for_each_entry_rcu(wh, &dev_cgroup->whitelist, list) { 516 list_for_each_entry_rcu(wh, &dev_cgroup->whitelist, list) {
518 if (wh->type & DEV_ALL) 517 if (wh->type & DEV_ALL)
519 goto acc_check; 518 goto acc_check;
@@ -533,6 +532,7 @@ acc_check:
533 rcu_read_unlock(); 532 rcu_read_unlock();
534 return 0; 533 return 0;
535 } 534 }
535
536 rcu_read_unlock(); 536 rcu_read_unlock();
537 537
538 return -EPERM; 538 return -EPERM;
@@ -543,12 +543,10 @@ int devcgroup_inode_mknod(int mode, dev_t dev)
543 struct dev_cgroup *dev_cgroup; 543 struct dev_cgroup *dev_cgroup;
544 struct dev_whitelist_item *wh; 544 struct dev_whitelist_item *wh;
545 545
546 dev_cgroup = css_to_devcgroup(task_subsys_state(current,
547 devices_subsys_id));
548 if (!dev_cgroup)
549 return 0;
550
551 rcu_read_lock(); 546 rcu_read_lock();
547
548 dev_cgroup = task_devcgroup(current);
549
552 list_for_each_entry(wh, &dev_cgroup->whitelist, list) { 550 list_for_each_entry(wh, &dev_cgroup->whitelist, list) {
553 if (wh->type & DEV_ALL) 551 if (wh->type & DEV_ALL)
554 goto acc_check; 552 goto acc_check;
@@ -566,6 +564,8 @@ acc_check:
566 rcu_read_unlock(); 564 rcu_read_unlock();
567 return 0; 565 return 0;
568 } 566 }
567
569 rcu_read_unlock(); 568 rcu_read_unlock();
569
570 return -EPERM; 570 return -EPERM;
571} 571}