diff options
author | Stephen Wilson <wilsons@start.ca> | 2011-03-13 15:49:22 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2011-03-23 16:36:58 -0400 |
commit | 18f661bcf898742212182d75f22f05b048cc04bb (patch) | |
tree | 3a0a6edc6e4240bda06fe52d565fe4b1cb4d8b84 /fs/proc | |
parent | 26947f8c8f9598209001cdcd31bb2162a2e54691 (diff) |
proc: hold cred_guard_mutex in check_mem_permission()
Avoid a potential race when task exec's and we get a new ->mm but check against
the old credentials in ptrace_may_access().
Holding of the mutex is implemented by factoring out the body of the code into a
helper function __check_mem_permission(). Performing this factorization now
simplifies upcoming changes and minimizes churn in the diff's.
Signed-off-by: Stephen Wilson <wilsons@start.ca>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs/proc')
-rw-r--r-- | fs/proc/base.c | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/fs/proc/base.c b/fs/proc/base.c index 9af49a3984f1..013f116b3223 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c | |||
@@ -191,10 +191,7 @@ static int proc_root_link(struct inode *inode, struct path *path) | |||
191 | return result; | 191 | return result; |
192 | } | 192 | } |
193 | 193 | ||
194 | /* | 194 | static int __check_mem_permission(struct task_struct *task) |
195 | * Return zero if current may access user memory in @task, -error if not. | ||
196 | */ | ||
197 | static int check_mem_permission(struct task_struct *task) | ||
198 | { | 195 | { |
199 | /* | 196 | /* |
200 | * A task can always look at itself, in case it chooses | 197 | * A task can always look at itself, in case it chooses |
@@ -222,6 +219,27 @@ static int check_mem_permission(struct task_struct *task) | |||
222 | return -EPERM; | 219 | return -EPERM; |
223 | } | 220 | } |
224 | 221 | ||
222 | /* | ||
223 | * Return zero if current may access user memory in @task, -error if not. | ||
224 | */ | ||
225 | static int check_mem_permission(struct task_struct *task) | ||
226 | { | ||
227 | int err; | ||
228 | |||
229 | /* | ||
230 | * Avoid racing if task exec's as we might get a new mm but validate | ||
231 | * against old credentials. | ||
232 | */ | ||
233 | err = mutex_lock_killable(&task->signal->cred_guard_mutex); | ||
234 | if (err) | ||
235 | return err; | ||
236 | |||
237 | err = __check_mem_permission(task); | ||
238 | mutex_unlock(&task->signal->cred_guard_mutex); | ||
239 | |||
240 | return err; | ||
241 | } | ||
242 | |||
225 | struct mm_struct *mm_for_maps(struct task_struct *task) | 243 | struct mm_struct *mm_for_maps(struct task_struct *task) |
226 | { | 244 | { |
227 | struct mm_struct *mm; | 245 | struct mm_struct *mm; |