1 files changed, 30 insertions, 37 deletions
diff --git a/kernel/audit.c b/kernel/audit.c
index d96045789b54..77770a034d59 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -467,23 +467,16 @@ static int audit_prepare_user_tty(pid_t pid, uid_t loginuid, u32 sessionid)
        struct task_struct *tsk;
        int err;
-        read_lock(&tasklist_lock);
+        rcu_read_lock();
        tsk = find_task_by_vpid(pid);
-        err = -ESRCH;
+        if (!tsk) {
-        if (!tsk)
+                rcu_read_unlock();
-                goto out;
+                return -ESRCH;
-        err = 0;
+        }
+        get_task_struct(tsk);
-        spin_lock_irq(&tsk->sighand->siglock);
+        rcu_read_unlock();
-        if (!tsk->signal->audit_tty)
+        err = tty_audit_push_task(tsk, loginuid, sessionid);
-                err = -EPERM;
+        put_task_struct(tsk);
-        spin_unlock_irq(&tsk->sighand->siglock);
-        if (err)
-                goto out;
-        tty_audit_push_task(tsk, loginuid, sessionid);
-out:
-        read_unlock(&tasklist_lock);
        return err;
 }
@@ -506,7 +499,7 @@ int audit_send_list(void *_dest)
 }
 struct sk_buff *audit_make_reply(int pid, int seq, int type, int done,
-                                 int multi, void *payload, int size)
+                                 int multi, const void *payload, int size)
 {
        struct sk_buff  *skb;
        struct nlmsghdr *nlh;
@@ -555,8 +548,8 @@ static int audit_send_reply_thread(void *arg)
 * Allocates an skb, builds the netlink message, and sends it to the pid.
 * No failure notifications.
 */
-void audit_send_reply(int pid, int seq, int type, int done, int multi,
+static void audit_send_reply(int pid, int seq, int type, int done, int multi,
-                      void *payload, int size)
+                             const void *payload, int size)
 {
        struct sk_buff *skb;
        struct task_struct *tsk;
@@ -880,40 +873,40 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
        case AUDIT_TTY_GET: {
                struct audit_tty_status s;
                struct task_struct *tsk;
+                unsigned long flags;
-                read_lock(&tasklist_lock);
+                rcu_read_lock();
                tsk = find_task_by_vpid(pid);
-                if (!tsk)
+                if (tsk && lock_task_sighand(tsk, &flags)) {
-                        err = -ESRCH;
-                else {
-                        spin_lock_irq(&tsk->sighand->siglock);
                        s.enabled = tsk->signal->audit_tty != 0;
-                        spin_unlock_irq(&tsk->sighand->siglock);
+                        unlock_task_sighand(tsk, &flags);
-                }
+                } else
-                read_unlock(&tasklist_lock);
+                        err = -ESRCH;
-                audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_TTY_GET, 0, 0,
+                rcu_read_unlock();
-                                 &s, sizeof(s));
+                if (!err)
+                        audit_send_reply(NETLINK_CB(skb).pid, seq,
+                                         AUDIT_TTY_GET, 0, 0, &s, sizeof(s));
                break;
        }
        case AUDIT_TTY_SET: {
                struct audit_tty_status *s;
                struct task_struct *tsk;
+                unsigned long flags;
                if (nlh->nlmsg_len < sizeof(struct audit_tty_status))
                        return -EINVAL;
                s = data;
                if (s->enabled != 0 && s->enabled != 1)
                        return -EINVAL;
-                read_lock(&tasklist_lock);
+                rcu_read_lock();
                tsk = find_task_by_vpid(pid);
-                if (!tsk)
+                if (tsk && lock_task_sighand(tsk, &flags)) {
-                        err = -ESRCH;
-                else {
-                        spin_lock_irq(&tsk->sighand->siglock);
                        tsk->signal->audit_tty = s->enabled != 0;
-                        spin_unlock_irq(&tsk->sighand->siglock);
+                        unlock_task_sighand(tsk, &flags);
-                }
+                } else
-                read_unlock(&tasklist_lock);
+                        err = -ESRCH;
+                rcu_read_unlock();
                break;
        }
        default:

diff --git a/kernel/audit.c b/kernel/audit.c index d96045789b54..77770a034d59 100644 --- a/kernel/audit.c +++ b/kernel/audit.c
@@ -467,23 +467,16 @@ static int audit_prepare_user_tty(pid_t pid, uid_t loginuid, u32 sessionid)
467	struct task_struct *tsk;	467	struct task_struct *tsk;
468	int err;	468	int err;
469		469
470	read_lock(&tasklist_lock);	470	rcu_read_lock();
471	tsk = find_task_by_vpid(pid);	471	tsk = find_task_by_vpid(pid);
472	err = -ESRCH;	472	if (!tsk) {
473	if (!tsk)	473	rcu_read_unlock();
474	goto out;	474	return -ESRCH;
475	err = 0;	475	}
476		476	get_task_struct(tsk);
477	spin_lock_irq(&tsk->sighand->siglock);	477	rcu_read_unlock();
478	if (!tsk->signal->audit_tty)	478	err = tty_audit_push_task(tsk, loginuid, sessionid);
479	err = -EPERM;	479	put_task_struct(tsk);
480	spin_unlock_irq(&tsk->sighand->siglock);
481	if (err)
482	goto out;
483
484	tty_audit_push_task(tsk, loginuid, sessionid);
485	out:
486	read_unlock(&tasklist_lock);
487	return err;	480	return err;
488	}	481	}
489		482
@@ -506,7 +499,7 @@ int audit_send_list(void *_dest)
506	}	499	}
507		500
508	struct sk_buff *audit_make_reply(int pid, int seq, int type, int done,	501	struct sk_buff *audit_make_reply(int pid, int seq, int type, int done,
509	int multi, void *payload, int size)	502	int multi, const void *payload, int size)
510	{	503	{
511	struct sk_buff *skb;	504	struct sk_buff *skb;
512	struct nlmsghdr *nlh;	505	struct nlmsghdr *nlh;
@@ -555,8 +548,8 @@ static int audit_send_reply_thread(void *arg)
555	* Allocates an skb, builds the netlink message, and sends it to the pid.	548	* Allocates an skb, builds the netlink message, and sends it to the pid.
556	* No failure notifications.	549	* No failure notifications.
557	*/	550	*/
558	void audit_send_reply(int pid, int seq, int type, int done, int multi,	551	static void audit_send_reply(int pid, int seq, int type, int done, int multi,
559	void *payload, int size)	552	const void *payload, int size)
560	{	553	{
561	struct sk_buff *skb;	554	struct sk_buff *skb;
562	struct task_struct *tsk;	555	struct task_struct *tsk;
@@ -880,40 +873,40 @@ static int audit_receive_msg(struct sk_buff skb, struct nlmsghdr nlh)
880	case AUDIT_TTY_GET: {	873	case AUDIT_TTY_GET: {
881	struct audit_tty_status s;	874	struct audit_tty_status s;
882	struct task_struct *tsk;	875	struct task_struct *tsk;
		876	unsigned long flags;
883		877
884	read_lock(&tasklist_lock);	878	rcu_read_lock();
885	tsk = find_task_by_vpid(pid);	879	tsk = find_task_by_vpid(pid);
886	if (!tsk)	880	if (tsk && lock_task_sighand(tsk, &flags)) {
887	err = -ESRCH;
888	else {
889	spin_lock_irq(&tsk->sighand->siglock);
890	s.enabled = tsk->signal->audit_tty != 0;	881	s.enabled = tsk->signal->audit_tty != 0;
891	spin_unlock_irq(&tsk->sighand->siglock);	882	unlock_task_sighand(tsk, &flags);
892	}	883	} else
893	read_unlock(&tasklist_lock);	884	err = -ESRCH;
894	audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_TTY_GET, 0, 0,	885	rcu_read_unlock();
895	&s, sizeof(s));	886
		887	if (!err)
		888	audit_send_reply(NETLINK_CB(skb).pid, seq,
		889	AUDIT_TTY_GET, 0, 0, &s, sizeof(s));
896	break;	890	break;
897	}	891	}
898	case AUDIT_TTY_SET: {	892	case AUDIT_TTY_SET: {
899	struct audit_tty_status *s;	893	struct audit_tty_status *s;
900	struct task_struct *tsk;	894	struct task_struct *tsk;
		895	unsigned long flags;
901		896
902	if (nlh->nlmsg_len < sizeof(struct audit_tty_status))	897	if (nlh->nlmsg_len < sizeof(struct audit_tty_status))
903	return -EINVAL;	898	return -EINVAL;
904	s = data;	899	s = data;
905	if (s->enabled != 0 && s->enabled != 1)	900	if (s->enabled != 0 && s->enabled != 1)
906	return -EINVAL;	901	return -EINVAL;
907	read_lock(&tasklist_lock);	902	rcu_read_lock();
908	tsk = find_task_by_vpid(pid);	903	tsk = find_task_by_vpid(pid);
909	if (!tsk)	904	if (tsk && lock_task_sighand(tsk, &flags)) {
910	err = -ESRCH;
911	else {
912	spin_lock_irq(&tsk->sighand->siglock);
913	tsk->signal->audit_tty = s->enabled != 0;	905	tsk->signal->audit_tty = s->enabled != 0;
914	spin_unlock_irq(&tsk->sighand->siglock);	906	unlock_task_sighand(tsk, &flags);
915	}	907	} else
916	read_unlock(&tasklist_lock);	908	err = -ESRCH;
		909	rcu_read_unlock();
917	break;	910	break;
918	}	911	}
919	default:	912	default: