CRED: Use RCU to access another task's creds and to release a task's own creds

Use RCU to access another task's creds and to release a task's own creds.
This means that it will be possible for the credentials of a task to be
replaced without another task (a) requiring a full lock to read them, and (b)
seeing deallocated memory.

Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>

1 files changed, 6 insertions, 2 deletions

diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
index 0e6655613169..9142ff5dc8e6 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -1361,6 +1361,7 @@ static void fill_prstatus(struct elf_prstatus *prstatus,
 static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
                        struct mm_struct *mm)
 {
+        const struct cred *cred;
         unsigned int i, len;
         
         /* first copy the parameters from user space */
@@ -1388,8 +1389,11 @@ static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
         psinfo->pr_zomb = psinfo->pr_sname == 'Z';
         psinfo->pr_nice = task_nice(p);
         psinfo->pr_flag = p->flags;
-        SET_UID(psinfo->pr_uid, p->cred->uid);
-        SET_GID(psinfo->pr_gid, p->cred->gid);
+        rcu_read_lock();
+        cred = __task_cred(p);
+        SET_UID(psinfo->pr_uid, cred->uid);
+        SET_GID(psinfo->pr_gid, cred->gid);
+        rcu_read_unlock();
         strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname));
         
         return 0;