diff options
author | David Howells <dhowells@redhat.com> | 2009-04-29 08:45:05 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-04-29 19:07:13 -0400 |
commit | 3bcac0263f0b45e67a64034ebcb69eb9abb742f4 (patch) | |
tree | 33f4db08edaa12e1c20df348e2fa28c7c2198ebe /kernel | |
parent | 88c48db9788862d0290831d081bc3c64e13b592f (diff) |
SELinux: Don't flush inherited SIGKILL during execve()
Don't flush inherited SIGKILL during execve() in SELinux's post cred commit
hook. This isn't really a security problem: if the SIGKILL came before the
credentials were changed, then we were right to receive it at the time, and
should honour it; if it came after the creds were changed, then we definitely
should honour it; and in any case, all that will happen is that the process
will be scrapped before it ever returns to userspace.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/signal.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/kernel/signal.c b/kernel/signal.c index 1c8814481a11..f93efec14ff5 100644 --- a/kernel/signal.c +++ b/kernel/signal.c | |||
@@ -238,14 +238,19 @@ void flush_sigqueue(struct sigpending *queue) | |||
238 | /* | 238 | /* |
239 | * Flush all pending signals for a task. | 239 | * Flush all pending signals for a task. |
240 | */ | 240 | */ |
241 | void __flush_signals(struct task_struct *t) | ||
242 | { | ||
243 | clear_tsk_thread_flag(t, TIF_SIGPENDING); | ||
244 | flush_sigqueue(&t->pending); | ||
245 | flush_sigqueue(&t->signal->shared_pending); | ||
246 | } | ||
247 | |||
241 | void flush_signals(struct task_struct *t) | 248 | void flush_signals(struct task_struct *t) |
242 | { | 249 | { |
243 | unsigned long flags; | 250 | unsigned long flags; |
244 | 251 | ||
245 | spin_lock_irqsave(&t->sighand->siglock, flags); | 252 | spin_lock_irqsave(&t->sighand->siglock, flags); |
246 | clear_tsk_thread_flag(t, TIF_SIGPENDING); | 253 | __flush_signals(t); |
247 | flush_sigqueue(&t->pending); | ||
248 | flush_sigqueue(&t->signal->shared_pending); | ||
249 | spin_unlock_irqrestore(&t->sighand->siglock, flags); | 254 | spin_unlock_irqrestore(&t->sighand->siglock, flags); |
250 | } | 255 | } |
251 | 256 | ||