diff options
| author | David Howells <dhowells@redhat.com> | 2008-11-13 18:39:19 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2008-11-13 18:39:19 -0500 |
| commit | c69e8d9c01db2adc503464993c358901c9af9de4 (patch) | |
| tree | bed94aaa9aeb7a7834d1c880f72b62a11a752c78 /mm | |
| parent | 86a264abe542cfececb4df129bc45a0338d8cdb9 (diff) | |
CRED: Use RCU to access another task's creds and to release a task's own creds
Use RCU to access another task's creds and to release a task's own creds.
This means that it will be possible for the credentials of a task to be
replaced without another task (a) requiring a full lock to read them, and (b)
seeing deallocated memory.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'mm')
| -rw-r--r-- | mm/mempolicy.c | 8 | ||||
| -rw-r--r-- | mm/migrate.c | 8 | ||||
| -rw-r--r-- | mm/oom_kill.c | 6 |
3 files changed, 13 insertions, 9 deletions
diff --git a/mm/mempolicy.c b/mm/mempolicy.c index b23492ee3e50..7555219c535b 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c | |||
| @@ -1110,7 +1110,7 @@ asmlinkage long sys_migrate_pages(pid_t pid, unsigned long maxnode, | |||
| 1110 | const unsigned long __user *old_nodes, | 1110 | const unsigned long __user *old_nodes, |
| 1111 | const unsigned long __user *new_nodes) | 1111 | const unsigned long __user *new_nodes) |
| 1112 | { | 1112 | { |
| 1113 | struct cred *cred, *tcred; | 1113 | const struct cred *cred = current_cred(), *tcred; |
| 1114 | struct mm_struct *mm; | 1114 | struct mm_struct *mm; |
| 1115 | struct task_struct *task; | 1115 | struct task_struct *task; |
| 1116 | nodemask_t old; | 1116 | nodemask_t old; |
| @@ -1145,14 +1145,16 @@ asmlinkage long sys_migrate_pages(pid_t pid, unsigned long maxnode, | |||
| 1145 | * capabilities, superuser privileges or the same | 1145 | * capabilities, superuser privileges or the same |
| 1146 | * userid as the target process. | 1146 | * userid as the target process. |
| 1147 | */ | 1147 | */ |
| 1148 | cred = current->cred; | 1148 | rcu_read_lock(); |
| 1149 | tcred = task->cred; | 1149 | tcred = __task_cred(task); |
| 1150 | if (cred->euid != tcred->suid && cred->euid != tcred->uid && | 1150 | if (cred->euid != tcred->suid && cred->euid != tcred->uid && |
| 1151 | cred->uid != tcred->suid && cred->uid != tcred->uid && | 1151 | cred->uid != tcred->suid && cred->uid != tcred->uid && |
| 1152 | !capable(CAP_SYS_NICE)) { | 1152 | !capable(CAP_SYS_NICE)) { |
| 1153 | rcu_read_unlock(); | ||
| 1153 | err = -EPERM; | 1154 | err = -EPERM; |
| 1154 | goto out; | 1155 | goto out; |
| 1155 | } | 1156 | } |
| 1157 | rcu_read_unlock(); | ||
| 1156 | 1158 | ||
| 1157 | task_nodes = cpuset_mems_allowed(task); | 1159 | task_nodes = cpuset_mems_allowed(task); |
| 1158 | /* Is the user allowed to access the target nodes? */ | 1160 | /* Is the user allowed to access the target nodes? */ |
diff --git a/mm/migrate.c b/mm/migrate.c index 794443da1b4f..142284229ce2 100644 --- a/mm/migrate.c +++ b/mm/migrate.c | |||
| @@ -1045,7 +1045,7 @@ asmlinkage long sys_move_pages(pid_t pid, unsigned long nr_pages, | |||
| 1045 | const int __user *nodes, | 1045 | const int __user *nodes, |
| 1046 | int __user *status, int flags) | 1046 | int __user *status, int flags) |
| 1047 | { | 1047 | { |
| 1048 | struct cred *cred, *tcred; | 1048 | const struct cred *cred = current_cred(), *tcred; |
| 1049 | struct task_struct *task; | 1049 | struct task_struct *task; |
| 1050 | struct mm_struct *mm; | 1050 | struct mm_struct *mm; |
| 1051 | int err; | 1051 | int err; |
| @@ -1076,14 +1076,16 @@ asmlinkage long sys_move_pages(pid_t pid, unsigned long nr_pages, | |||
| 1076 | * capabilities, superuser privileges or the same | 1076 | * capabilities, superuser privileges or the same |
| 1077 | * userid as the target process. | 1077 | * userid as the target process. |
| 1078 | */ | 1078 | */ |
| 1079 | cred = current->cred; | 1079 | rcu_read_lock(); |
| 1080 | tcred = task->cred; | 1080 | tcred = __task_cred(task); |
| 1081 | if (cred->euid != tcred->suid && cred->euid != tcred->uid && | 1081 | if (cred->euid != tcred->suid && cred->euid != tcred->uid && |
| 1082 | cred->uid != tcred->suid && cred->uid != tcred->uid && | 1082 | cred->uid != tcred->suid && cred->uid != tcred->uid && |
| 1083 | !capable(CAP_SYS_NICE)) { | 1083 | !capable(CAP_SYS_NICE)) { |
| 1084 | rcu_read_unlock(); | ||
| 1084 | err = -EPERM; | 1085 | err = -EPERM; |
| 1085 | goto out; | 1086 | goto out; |
| 1086 | } | 1087 | } |
| 1088 | rcu_read_unlock(); | ||
| 1087 | 1089 | ||
| 1088 | err = security_task_movememory(task); | 1090 | err = security_task_movememory(task); |
| 1089 | if (err) | 1091 | if (err) |
diff --git a/mm/oom_kill.c b/mm/oom_kill.c index 3af787ba2077..0e0b282a2073 100644 --- a/mm/oom_kill.c +++ b/mm/oom_kill.c | |||
| @@ -298,9 +298,9 @@ static void dump_tasks(const struct mem_cgroup *mem) | |||
| 298 | 298 | ||
| 299 | task_lock(p); | 299 | task_lock(p); |
| 300 | printk(KERN_INFO "[%5d] %5d %5d %8lu %8lu %3d %3d %s\n", | 300 | printk(KERN_INFO "[%5d] %5d %5d %8lu %8lu %3d %3d %s\n", |
| 301 | p->pid, p->cred->uid, p->tgid, p->mm->total_vm, | 301 | p->pid, __task_cred(p)->uid, p->tgid, |
| 302 | get_mm_rss(p->mm), (int)task_cpu(p), p->oomkilladj, | 302 | p->mm->total_vm, get_mm_rss(p->mm), (int)task_cpu(p), |
| 303 | p->comm); | 303 | p->oomkilladj, p->comm); |
| 304 | task_unlock(p); | 304 | task_unlock(p); |
| 305 | } while_each_thread(g, p); | 305 | } while_each_thread(g, p); |
| 306 | } | 306 | } |