Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6:
  deal with races in /proc/*/{syscall,stack,personality}
  proc: enable writing to /proc/pid/mem
  proc: make check_mem_permission() return an mm_struct on success
  proc: hold cred_guard_mutex in check_mem_permission()
  proc: disable mem_write after exec
  mm: implement access_remote_vm
  mm: factor out main logic of access_process_vm
  mm: use mm_struct to resolve gate vma's in __get_user_pages
  mm: arch: rename in_gate_area_no_task to in_gate_area_no_mm
  mm: arch: make in_gate_area take an mm_struct instead of a task_struct
  mm: arch: make get_gate_vma take an mm_struct instead of a task_struct
  x86: mark associated mm when running a task in 32 bit compatibility mode
  x86: add context tag to mark mm when running a task in 32-bit compatibility mode
  auxv: require the target to be tracable (or yourself)
  close race in /proc/*/environ
  report errors in /proc/*/*map* sanely
  pagemap: close races with suid execve
  make sessionid permissions in /proc/*/task/* match those in /proc/*
  fix leaks in path_lookupat()

Fix up trivial conflicts in fs/proc/base.c

5 files changed, 31 insertions, 15 deletions

diff --git a/arch/x86/ia32/ia32_aout.c b/arch/x86/ia32/ia32_aout.c
index 2d93bdbc9ac0..fd843877e841 100644
--- a/arch/x86/ia32/ia32_aout.c
+++ b/arch/x86/ia32/ia32_aout.c
@@ -298,6 +298,7 @@ static int load_aout_binary(struct linux_binprm *bprm, struct pt_regs *regs)
         /* OK, This is the point of no return */
         set_personality(PER_LINUX);
         set_thread_flag(TIF_IA32);
+        current->mm->context.ia32_compat = 1;
 
         setup_new_exec(bprm);
 
diff --git a/arch/x86/include/asm/mmu.h b/arch/x86/include/asm/mmu.h
index 80a1dee5bea5..aeff3e89b222 100644
--- a/arch/x86/include/asm/mmu.h
+++ b/arch/x86/include/asm/mmu.h
@@ -13,6 +13,12 @@ typedef struct {
         int size;
         struct mutex lock;
         void *vdso;
+
+#ifdef CONFIG_X86_64
+        /* True if mm supports a task running in 32 bit compatibility mode. */
+        unsigned short ia32_compat;
+#endif
+
 } mm_context_t;
 
 #ifdef CONFIG_SMP
diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
index bd387e8f73b4..6c9dd922ac0d 100644
--- a/arch/x86/kernel/process_64.c
+++ b/arch/x86/kernel/process_64.c
@@ -501,6 +501,10 @@ void set_personality_64bit(void)
         /* Make sure to be in 64bit mode */
         clear_thread_flag(TIF_IA32);
 
+        /* Ensure the corresponding mm is not marked. */
+        if (current->mm)
+                current->mm->context.ia32_compat = 0;
+
         /* TBD: overwrites user setup. Should have two bits.
            But 64bit processes have always behaved this way,
            so it's not too bad. The main problem is just that
@@ -516,6 +520,10 @@ void set_personality_ia32(void)
         set_thread_flag(TIF_IA32);
         current->personality |= force_personality32;
 
+        /* Mark the associated mm as containing 32-bit tasks. */
+        if (current->mm)
+                current->mm->context.ia32_compat = 1;
+
         /* Prepare the first "return" to user space */
         current_thread_info()->status |= TS_COMPAT;
 }
diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c
index 2362b646178e..794233587287 100644
--- a/arch/x86/mm/init_64.c
+++ b/arch/x86/mm/init_64.c
@@ -862,18 +862,18 @@ static struct vm_area_struct gate_vma = {
         .vm_flags       = VM_READ | VM_EXEC
 };
 
-struct vm_area_struct *get_gate_vma(struct task_struct *tsk)
+struct vm_area_struct *get_gate_vma(struct mm_struct *mm)
 {
 #ifdef CONFIG_IA32_EMULATION
-        if (test_tsk_thread_flag(tsk, TIF_IA32))
+        if (!mm || mm->context.ia32_compat)
                 return NULL;
 #endif
         return &gate_vma;
 }
 
-int in_gate_area(struct task_struct *task, unsigned long addr)
+int in_gate_area(struct mm_struct *mm, unsigned long addr)
 {
-        struct vm_area_struct *vma = get_gate_vma(task);
+        struct vm_area_struct *vma = get_gate_vma(mm);
 
         if (!vma)
                 return 0;
@@ -882,11 +882,11 @@ int in_gate_area(struct task_struct *task, unsigned long addr)
 }
 
 /*
- * Use this when you have no reliable task/vma, typically from interrupt
- * context. It is less reliable than using the task's vma and may give
- * false positives:
+ * Use this when you have no reliable mm, typically from interrupt
+ * context. It is less reliable than using a task's mm and may give
+ * false positives.
  */
-int in_gate_area_no_task(unsigned long addr)
+int in_gate_area_no_mm(unsigned long addr)
 {
         return (addr >= VSYSCALL_START) && (addr < VSYSCALL_END);
 }
diff --git a/arch/x86/vdso/vdso32-setup.c b/arch/x86/vdso/vdso32-setup.c
index 36df991985b2..468d591dde31 100644
--- a/arch/x86/vdso/vdso32-setup.c
+++ b/arch/x86/vdso/vdso32-setup.c
@@ -417,24 +417,25 @@ const char *arch_vma_name(struct vm_area_struct *vma)
         return NULL;
 }
 
-struct vm_area_struct *get_gate_vma(struct task_struct *tsk)
+struct vm_area_struct *get_gate_vma(struct mm_struct *mm)
 {
-        struct mm_struct *mm = tsk->mm;
-
-        /* Check to see if this task was created in compat vdso mode */
+        /*
+         * Check to see if the corresponding task was created in compat vdso
+         * mode.
+         */
         if (mm && mm->context.vdso == (void *)VDSO_HIGH_BASE)
                 return &gate_vma;
         return NULL;
 }
 
-int in_gate_area(struct task_struct *task, unsigned long addr)
+int in_gate_area(struct mm_struct *mm, unsigned long addr)
 {
-        const struct vm_area_struct *vma = get_gate_vma(task);
+        const struct vm_area_struct *vma = get_gate_vma(mm);
 
         return vma && addr >= vma->vm_start && addr < vma->vm_end;
 }
 
-int in_gate_area_no_task(unsigned long addr)
+int in_gate_area_no_mm(unsigned long addr)
 {
         return 0;
 }