diff options
author | Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp> | 2010-02-25 03:19:25 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2010-02-25 17:20:11 -0500 |
commit | 1fcdc7c527010b144d3951f9ce25faedf264933c (patch) | |
tree | 5ab23281aae1de41079f2b4962fe17ab6d59be6d | |
parent | 189b3b1c89761054fee3438f063d7f257306e2d8 (diff) |
TOMOYO: Protect find_task_by_vpid() with RCU.
Holding tasklist_lock is no longer sufficient for find_task_by_vpid().
Explicit rcu_read_lock() is required.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
--
security/tomoyo/common.c | 4 ++++
1 file changed, 4 insertions(+)
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | security/tomoyo/common.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index 30dd1c68a647..ff51f1026b57 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c | |||
@@ -1232,11 +1232,13 @@ static bool tomoyo_is_select_one(struct tomoyo_io_buffer *head, | |||
1232 | 1232 | ||
1233 | if (sscanf(data, "pid=%u", &pid) == 1) { | 1233 | if (sscanf(data, "pid=%u", &pid) == 1) { |
1234 | struct task_struct *p; | 1234 | struct task_struct *p; |
1235 | rcu_read_lock(); | ||
1235 | read_lock(&tasklist_lock); | 1236 | read_lock(&tasklist_lock); |
1236 | p = find_task_by_vpid(pid); | 1237 | p = find_task_by_vpid(pid); |
1237 | if (p) | 1238 | if (p) |
1238 | domain = tomoyo_real_domain(p); | 1239 | domain = tomoyo_real_domain(p); |
1239 | read_unlock(&tasklist_lock); | 1240 | read_unlock(&tasklist_lock); |
1241 | rcu_read_unlock(); | ||
1240 | } else if (!strncmp(data, "domain=", 7)) { | 1242 | } else if (!strncmp(data, "domain=", 7)) { |
1241 | if (tomoyo_is_domain_def(data + 7)) | 1243 | if (tomoyo_is_domain_def(data + 7)) |
1242 | domain = tomoyo_find_domain(data + 7); | 1244 | domain = tomoyo_find_domain(data + 7); |
@@ -1635,11 +1637,13 @@ static int tomoyo_read_pid(struct tomoyo_io_buffer *head) | |||
1635 | const int pid = head->read_step; | 1637 | const int pid = head->read_step; |
1636 | struct task_struct *p; | 1638 | struct task_struct *p; |
1637 | struct tomoyo_domain_info *domain = NULL; | 1639 | struct tomoyo_domain_info *domain = NULL; |
1640 | rcu_read_lock(); | ||
1638 | read_lock(&tasklist_lock); | 1641 | read_lock(&tasklist_lock); |
1639 | p = find_task_by_vpid(pid); | 1642 | p = find_task_by_vpid(pid); |
1640 | if (p) | 1643 | if (p) |
1641 | domain = tomoyo_real_domain(p); | 1644 | domain = tomoyo_real_domain(p); |
1642 | read_unlock(&tasklist_lock); | 1645 | read_unlock(&tasklist_lock); |
1646 | rcu_read_unlock(); | ||
1643 | if (domain) | 1647 | if (domain) |
1644 | tomoyo_io_printf(head, "%d %u %s", pid, domain->profile, | 1648 | tomoyo_io_printf(head, "%d %u %s", pid, domain->profile, |
1645 | domain->domainname->name); | 1649 | domain->domainname->name); |