1 files changed, 14 insertions, 9 deletions
diff --git a/kernel/exit.c b/kernel/exit.c
index e5ae36ebe8af..c7422ca92038 100644
--- a/kernel/exit.c
+++ b/kernel/exit.c
@@ -46,12 +46,14 @@
 #include <linux/blkdev.h>
 #include <linux/task_io_accounting_ops.h>
 #include <linux/tracehook.h>
+#include <linux/init_task.h>
 #include <trace/sched.h>
 #include <asm/uaccess.h>
 #include <asm/unistd.h>
 #include <asm/pgtable.h>
 #include <asm/mmu_context.h>
+#include "cred-internals.h"
 DEFINE_TRACE(sched_process_free);
 DEFINE_TRACE(sched_process_exit);
@@ -168,7 +170,10 @@ void release_task(struct task_struct * p)
        int zap_leader;
 repeat:
        tracehook_prepare_release_task(p);
-        atomic_dec(&p->user->processes);
+        /* don't need to get the RCU readlock here - the process is dead and
+         * can't be modifying its own credentials */
+        atomic_dec(&__task_cred(p)->user->processes);
        proc_flush_task(p);
        write_lock_irq(&tasklist_lock);
        tracehook_finish_release_task(p);
@@ -343,12 +348,12 @@ static void reparent_to_kthreadd(void)
        /* cpus_allowed? */
        /* rt_priority? */
        /* signals? */
-        security_task_reparent_to_init(current);
        memcpy(current->signal->rlim, init_task.signal->rlim,
               sizeof(current->signal->rlim));
-        atomic_inc(&(INIT_USER->__count));
+        atomic_inc(&init_cred.usage);
+        commit_creds(&init_cred);
        write_unlock_irq(&tasklist_lock);
-        switch_uid(INIT_USER);
 }
 void __set_special_pids(struct pid *pid)
@@ -1082,7 +1087,6 @@ NORET_TYPE void do_exit(long code)
        check_stack_usage();
        exit_thread();
        cgroup_exit(tsk, 1);
-        exit_keys(tsk);
        if (group_dead && tsk->signal->leader)
                disassociate_ctty(1);
@@ -1266,12 +1270,12 @@ static int wait_task_zombie(struct task_struct *p, int options,
        unsigned long state;
        int retval, status, traced;
        pid_t pid = task_pid_vnr(p);
+        uid_t uid = __task_cred(p)->uid;
        if (!likely(options & WEXITED))
                return 0;
        if (unlikely(options & WNOWAIT)) {
-                uid_t uid = p->uid;
                int exit_code = p->exit_code;
                int why, status;
@@ -1392,7 +1396,7 @@ static int wait_task_zombie(struct task_struct *p, int options,
        if (!retval && infop)
                retval = put_user(pid, &infop->si_pid);
        if (!retval && infop)
-                retval = put_user(p->uid, &infop->si_uid);
+                retval = put_user(uid, &infop->si_uid);
        if (!retval)
                retval = pid;
@@ -1457,7 +1461,8 @@ static int wait_task_stopped(int ptrace, struct task_struct *p,
        if (!unlikely(options & WNOWAIT))
                p->exit_code = 0;
-        uid = p->uid;
+        /* don't need the RCU readlock here as we're holding a spinlock */
+        uid = __task_cred(p)->uid;
 unlock_sig:
        spin_unlock_irq(&p->sighand->siglock);
        if (!exit_code)
@@ -1531,10 +1536,10 @@ static int wait_task_continued(struct task_struct *p, int options,
        }
        if (!unlikely(options & WNOWAIT))
                p->signal->flags &= ~SIGNAL_STOP_CONTINUED;
+        uid = __task_cred(p)->uid;
        spin_unlock_irq(&p->sighand->siglock);
        pid = task_pid_vnr(p);
-        uid = p->uid;
        get_task_struct(p);
        read_unlock(&tasklist_lock);

diff --git a/kernel/exit.c b/kernel/exit.c index e5ae36ebe8af..c7422ca92038 100644 --- a/kernel/exit.c +++ b/kernel/exit.c
@@ -46,12 +46,14 @@
46	#include <linux/blkdev.h>	46	#include <linux/blkdev.h>
47	#include <linux/task_io_accounting_ops.h>	47	#include <linux/task_io_accounting_ops.h>
48	#include <linux/tracehook.h>	48	#include <linux/tracehook.h>
		49	#include <linux/init_task.h>
49	#include <trace/sched.h>	50	#include <trace/sched.h>
50		51
51	#include <asm/uaccess.h>	52	#include <asm/uaccess.h>
52	#include <asm/unistd.h>	53	#include <asm/unistd.h>
53	#include <asm/pgtable.h>	54	#include <asm/pgtable.h>
54	#include <asm/mmu_context.h>	55	#include <asm/mmu_context.h>
		56	#include "cred-internals.h"
55		57
56	DEFINE_TRACE(sched_process_free);	58	DEFINE_TRACE(sched_process_free);
57	DEFINE_TRACE(sched_process_exit);	59	DEFINE_TRACE(sched_process_exit);
@@ -168,7 +170,10 @@ void release_task(struct task_struct * p)
168	int zap_leader;	170	int zap_leader;
169	repeat:	171	repeat:
170	tracehook_prepare_release_task(p);	172	tracehook_prepare_release_task(p);
171	atomic_dec(&p->user->processes);	173	/* don't need to get the RCU readlock here - the process is dead and
		174	* can't be modifying its own credentials */
		175	atomic_dec(&__task_cred(p)->user->processes);
		176
172	proc_flush_task(p);	177	proc_flush_task(p);
173	write_lock_irq(&tasklist_lock);	178	write_lock_irq(&tasklist_lock);
174	tracehook_finish_release_task(p);	179	tracehook_finish_release_task(p);
@@ -343,12 +348,12 @@ static void reparent_to_kthreadd(void)
343	/* cpus_allowed? */	348	/* cpus_allowed? */
344	/* rt_priority? */	349	/* rt_priority? */
345	/* signals? */	350	/* signals? */
346	security_task_reparent_to_init(current);
347	memcpy(current->signal->rlim, init_task.signal->rlim,	351	memcpy(current->signal->rlim, init_task.signal->rlim,
348	sizeof(current->signal->rlim));	352	sizeof(current->signal->rlim));
349	atomic_inc(&(INIT_USER->__count));	353
		354	atomic_inc(&init_cred.usage);
		355	commit_creds(&init_cred);
350	write_unlock_irq(&tasklist_lock);	356	write_unlock_irq(&tasklist_lock);
351	switch_uid(INIT_USER);
352	}	357	}
353		358
354	void __set_special_pids(struct pid *pid)	359	void __set_special_pids(struct pid *pid)
@@ -1082,7 +1087,6 @@ NORET_TYPE void do_exit(long code)
1082	check_stack_usage();	1087	check_stack_usage();
1083	exit_thread();	1088	exit_thread();
1084	cgroup_exit(tsk, 1);	1089	cgroup_exit(tsk, 1);
1085	exit_keys(tsk);
1086		1090
1087	if (group_dead && tsk->signal->leader)	1091	if (group_dead && tsk->signal->leader)
1088	disassociate_ctty(1);	1092	disassociate_ctty(1);
@@ -1266,12 +1270,12 @@ static int wait_task_zombie(struct task_struct *p, int options,
1266	unsigned long state;	1270	unsigned long state;
1267	int retval, status, traced;	1271	int retval, status, traced;
1268	pid_t pid = task_pid_vnr(p);	1272	pid_t pid = task_pid_vnr(p);
		1273	uid_t uid = __task_cred(p)->uid;
1269		1274
1270	if (!likely(options & WEXITED))	1275	if (!likely(options & WEXITED))
1271	return 0;	1276	return 0;
1272		1277
1273	if (unlikely(options & WNOWAIT)) {	1278	if (unlikely(options & WNOWAIT)) {
1274	uid_t uid = p->uid;
1275	int exit_code = p->exit_code;	1279	int exit_code = p->exit_code;
1276	int why, status;	1280	int why, status;
1277		1281
@@ -1392,7 +1396,7 @@ static int wait_task_zombie(struct task_struct *p, int options,
1392	if (!retval && infop)	1396	if (!retval && infop)
1393	retval = put_user(pid, &infop->si_pid);	1397	retval = put_user(pid, &infop->si_pid);
1394	if (!retval && infop)	1398	if (!retval && infop)
1395	retval = put_user(p->uid, &infop->si_uid);	1399	retval = put_user(uid, &infop->si_uid);
1396	if (!retval)	1400	if (!retval)
1397	retval = pid;	1401	retval = pid;
1398		1402
@@ -1457,7 +1461,8 @@ static int wait_task_stopped(int ptrace, struct task_struct *p,
1457	if (!unlikely(options & WNOWAIT))	1461	if (!unlikely(options & WNOWAIT))
1458	p->exit_code = 0;	1462	p->exit_code = 0;
1459		1463
1460	uid = p->uid;	1464	/* don't need the RCU readlock here as we're holding a spinlock */
		1465	uid = __task_cred(p)->uid;
1461	unlock_sig:	1466	unlock_sig:
1462	spin_unlock_irq(&p->sighand->siglock);	1467	spin_unlock_irq(&p->sighand->siglock);
1463	if (!exit_code)	1468	if (!exit_code)
@@ -1531,10 +1536,10 @@ static int wait_task_continued(struct task_struct *p, int options,
1531	}	1536	}
1532	if (!unlikely(options & WNOWAIT))	1537	if (!unlikely(options & WNOWAIT))
1533	p->signal->flags &= ~SIGNAL_STOP_CONTINUED;	1538	p->signal->flags &= ~SIGNAL_STOP_CONTINUED;
		1539	uid = __task_cred(p)->uid;
1534	spin_unlock_irq(&p->sighand->siglock);	1540	spin_unlock_irq(&p->sighand->siglock);
1535		1541
1536	pid = task_pid_vnr(p);	1542	pid = task_pid_vnr(p);
1537	uid = p->uid;
1538	get_task_struct(p);	1543	get_task_struct(p);
1539	read_unlock(&tasklist_lock);	1544	read_unlock(&tasklist_lock);
1540		1545