CRED: Use RCU to access another task's creds and to release a task's own creds

Use RCU to access another task's creds and to release a task's own creds. This means that it will be possible for the credentials of a task to be replaced without another task (a) requiring a full lock to read them, and (b) seeing deallocated memory. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
author: David Howells <dhowells@redhat.com> 2008-11-13 18:39:19 -0500
committer: James Morris <jmorris@namei.org> 2008-11-13 18:39:19 -0500
commit: c69e8d9c01db2adc503464993c358901c9af9de4 (patch)
tree: bed94aaa9aeb7a7834d1c880f72b62a11a752c78 /kernel/sched.c
parent: 86a264abe542cfececb4df129bc45a0338d8cdb9 (diff)
1 files changed, 21 insertions, 10 deletions
diff --git a/kernel/sched.c b/kernel/sched.c
index 733c59e645aa..92992e287b10 100644
--- a/kernel/sched.c
+++ b/kernel/sched.c
@@ -345,7 +345,9 @@ static inline struct task_group *task_group(struct task_struct *p)
        struct task_group *tg;
 #ifdef CONFIG_USER_SCHED
-        tg = p->cred->user->tg;
+        rcu_read_lock();
+        tg = __task_cred(p)->user->tg;
+        rcu_read_unlock();
 #elif defined(CONFIG_CGROUP_SCHED)
        tg = container_of(task_subsys_state(p, cpu_cgroup_subsys_id),
                                struct task_group, css);
@@ -5121,6 +5123,22 @@ __setscheduler(struct rq *rq, struct task_struct *p, int policy, int prio)
        set_load_weight(p);
 }
+/*
+ * check the target process has a UID that matches the current process's
+ */
+static bool check_same_owner(struct task_struct *p)
+{
+        const struct cred *cred = current_cred(), *pcred;
+        bool match;
+        rcu_read_lock();
+        pcred = __task_cred(p);
+        match = (cred->euid == pcred->euid ||
+                 cred->euid == pcred->uid);
+        rcu_read_unlock();
+        return match;
+}
 static int __sched_setscheduler(struct task_struct *p, int policy,
                                struct sched_param *param, bool user)
 {
@@ -5128,7 +5146,6 @@ static int __sched_setscheduler(struct task_struct *p, int policy,
        unsigned long flags;
        const struct sched_class *prev_class = p->sched_class;
        struct rq *rq;
-        uid_t euid;
        /* may grab non-irq protected spin_locks */
        BUG_ON(in_interrupt());
@@ -5181,9 +5198,7 @@ recheck:
                        return -EPERM;
                /* can't change other user's priorities */
-                euid = current_euid();
+                if (!check_same_owner(p))
-                if (euid != p->cred->euid &&
-                    euid != p->cred->uid)
                        return -EPERM;
        }
@@ -5394,7 +5409,6 @@ long sched_setaffinity(pid_t pid, const cpumask_t *in_mask)
        cpumask_t cpus_allowed;
        cpumask_t new_mask = *in_mask;
        struct task_struct *p;
-        uid_t euid;
        int retval;
        get_online_cpus();
@@ -5415,11 +5429,8 @@ long sched_setaffinity(pid_t pid, const cpumask_t *in_mask)
        get_task_struct(p);
        read_unlock(&tasklist_lock);
-        euid = current_euid();
        retval = -EPERM;
-        if (euid != p->cred->euid &&
+        if (!check_same_owner(p) && !capable(CAP_SYS_NICE))
-            euid != p->cred->uid &&
-            !capable(CAP_SYS_NICE))
                goto out_unlock;
        retval = security_task_setscheduler(p, 0, NULL);
author	David Howells <dhowells@redhat.com>	2008-11-13 18:39:19 -0500
committer	James Morris <jmorris@namei.org>	2008-11-13 18:39:19 -0500
commit	c69e8d9c01db2adc503464993c358901c9af9de4 (patch)
tree	bed94aaa9aeb7a7834d1c880f72b62a11a752c78 /kernel/sched.c
parent	86a264abe542cfececb4df129bc45a0338d8cdb9 (diff)