prctl: PR_SET_MM -- factor out mmap_sem when updating mm::exe_file

Instead of taking mm->mmap_sem inside prctl_set_mm_exe_file() move it out
and rename the helper to prctl_set_mm_exe_file_locked().  This will allow
to reuse this function in a next patch.

Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: Tejun Heo <tj@kernel.org>
Cc: Andrew Vagin <avagin@openvz.org>
Cc: Eric W. Biederman <ebiederm@xmission.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Cc: Pavel Emelyanov <xemul@parallels.com>
Cc: Vasiliy Kulikov <segoon@openwall.com>
Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: Michael Kerrisk <mtk.manpages@gmail.com>
Cc: Julien Tinnes <jln@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

1 files changed, 11 insertions, 10 deletions

diff --git a/kernel/sys.c b/kernel/sys.c
index 7879729bd3bd..14222a1699c0 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -1628,12 +1628,14 @@ SYSCALL_DEFINE1(umask, int, mask)
         return mask;
 }
 
-static int prctl_set_mm_exe_file(struct mm_struct *mm, unsigned int fd)
+static int prctl_set_mm_exe_file_locked(struct mm_struct *mm, unsigned int fd)
 {
         struct fd exe;
         struct inode *inode;
         int err;
 
+        VM_BUG_ON(!rwsem_is_locked(&mm->mmap_sem));
+
         exe = fdget(fd);
         if (!exe.file)
                 return -EBADF;
@@ -1654,8 +1656,6 @@ static int prctl_set_mm_exe_file(struct mm_struct *mm, unsigned int fd)
         if (err)
                 goto exit;
 
-        down_write(&mm->mmap_sem);
-
         /*
          * Forbid mm->exe_file change if old file still mapped.
          */
@@ -1667,7 +1667,7 @@ static int prctl_set_mm_exe_file(struct mm_struct *mm, unsigned int fd)
                         if (vma->vm_file &&
                             path_equal(&vma->vm_file->f_path,
                                        &mm->exe_file->f_path))
-                                goto exit_unlock;
+                                goto exit;
         }
 
         /*
@@ -1678,13 +1678,10 @@ static int prctl_set_mm_exe_file(struct mm_struct *mm, unsigned int fd)
          */
         err = -EPERM;
         if (test_and_set_bit(MMF_EXE_FILE_CHANGED, &mm->flags))
-                goto exit_unlock;
+                goto exit;
 
         err = 0;
         set_mm_exe_file(mm, exe.file);  /* this grabs a reference to exe.file */
-exit_unlock:
-        up_write(&mm->mmap_sem);
-
 exit:
         fdput(exe);
         return err;
@@ -1703,8 +1700,12 @@ static int prctl_set_mm(int opt, unsigned long addr,
         if (!capable(CAP_SYS_RESOURCE))
                 return -EPERM;
 
-        if (opt == PR_SET_MM_EXE_FILE)
-                return prctl_set_mm_exe_file(mm, (unsigned int)addr);
+        if (opt == PR_SET_MM_EXE_FILE) {
+                down_write(&mm->mmap_sem);
+                error = prctl_set_mm_exe_file_locked(mm, (unsigned int)addr);
+                up_write(&mm->mmap_sem);
+                return error;
+        }
 
         if (addr >= TASK_SIZE || addr < mmap_min_addr)
                 return -EINVAL;