diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/keys/keyctl.c | 6 | ||||
| -rw-r--r-- | security/tomoyo/common.c | 6 | ||||
| -rw-r--r-- | security/tomoyo/common.h | 3 |
3 files changed, 10 insertions, 5 deletions
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index b2b0998d6abd..60924f6a52db 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c | |||
| @@ -1272,6 +1272,7 @@ long keyctl_session_to_parent(void) | |||
| 1272 | keyring_r = NULL; | 1272 | keyring_r = NULL; |
| 1273 | 1273 | ||
| 1274 | me = current; | 1274 | me = current; |
| 1275 | rcu_read_lock(); | ||
| 1275 | write_lock_irq(&tasklist_lock); | 1276 | write_lock_irq(&tasklist_lock); |
| 1276 | 1277 | ||
| 1277 | parent = me->real_parent; | 1278 | parent = me->real_parent; |
| @@ -1304,7 +1305,8 @@ long keyctl_session_to_parent(void) | |||
| 1304 | goto not_permitted; | 1305 | goto not_permitted; |
| 1305 | 1306 | ||
| 1306 | /* the keyrings must have the same UID */ | 1307 | /* the keyrings must have the same UID */ |
| 1307 | if (pcred->tgcred->session_keyring->uid != mycred->euid || | 1308 | if ((pcred->tgcred->session_keyring && |
| 1309 | pcred->tgcred->session_keyring->uid != mycred->euid) || | ||
| 1308 | mycred->tgcred->session_keyring->uid != mycred->euid) | 1310 | mycred->tgcred->session_keyring->uid != mycred->euid) |
| 1309 | goto not_permitted; | 1311 | goto not_permitted; |
| 1310 | 1312 | ||
| @@ -1319,6 +1321,7 @@ long keyctl_session_to_parent(void) | |||
| 1319 | set_ti_thread_flag(task_thread_info(parent), TIF_NOTIFY_RESUME); | 1321 | set_ti_thread_flag(task_thread_info(parent), TIF_NOTIFY_RESUME); |
| 1320 | 1322 | ||
| 1321 | write_unlock_irq(&tasklist_lock); | 1323 | write_unlock_irq(&tasklist_lock); |
| 1324 | rcu_read_unlock(); | ||
| 1322 | if (oldcred) | 1325 | if (oldcred) |
| 1323 | put_cred(oldcred); | 1326 | put_cred(oldcred); |
| 1324 | return 0; | 1327 | return 0; |
| @@ -1327,6 +1330,7 @@ already_same: | |||
| 1327 | ret = 0; | 1330 | ret = 0; |
| 1328 | not_permitted: | 1331 | not_permitted: |
| 1329 | write_unlock_irq(&tasklist_lock); | 1332 | write_unlock_irq(&tasklist_lock); |
| 1333 | rcu_read_unlock(); | ||
| 1330 | put_cred(cred); | 1334 | put_cred(cred); |
| 1331 | return ret; | 1335 | return ret; |
| 1332 | 1336 | ||
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index ef43995119a4..c668b447c725 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c | |||
| @@ -1416,15 +1416,19 @@ static char *tomoyo_print_header(struct tomoyo_request_info *r) | |||
| 1416 | const pid_t gpid = task_pid_nr(current); | 1416 | const pid_t gpid = task_pid_nr(current); |
| 1417 | static const int tomoyo_buffer_len = 4096; | 1417 | static const int tomoyo_buffer_len = 4096; |
| 1418 | char *buffer = kmalloc(tomoyo_buffer_len, GFP_NOFS); | 1418 | char *buffer = kmalloc(tomoyo_buffer_len, GFP_NOFS); |
| 1419 | pid_t ppid; | ||
| 1419 | if (!buffer) | 1420 | if (!buffer) |
| 1420 | return NULL; | 1421 | return NULL; |
| 1421 | do_gettimeofday(&tv); | 1422 | do_gettimeofday(&tv); |
| 1423 | rcu_read_lock(); | ||
| 1424 | ppid = task_tgid_vnr(current->real_parent); | ||
| 1425 | rcu_read_unlock(); | ||
| 1422 | snprintf(buffer, tomoyo_buffer_len - 1, | 1426 | snprintf(buffer, tomoyo_buffer_len - 1, |
| 1423 | "#timestamp=%lu profile=%u mode=%s (global-pid=%u)" | 1427 | "#timestamp=%lu profile=%u mode=%s (global-pid=%u)" |
| 1424 | " task={ pid=%u ppid=%u uid=%u gid=%u euid=%u" | 1428 | " task={ pid=%u ppid=%u uid=%u gid=%u euid=%u" |
| 1425 | " egid=%u suid=%u sgid=%u fsuid=%u fsgid=%u }", | 1429 | " egid=%u suid=%u sgid=%u fsuid=%u fsgid=%u }", |
| 1426 | tv.tv_sec, r->profile, tomoyo_mode[r->mode], gpid, | 1430 | tv.tv_sec, r->profile, tomoyo_mode[r->mode], gpid, |
| 1427 | (pid_t) sys_getpid(), (pid_t) sys_getppid(), | 1431 | task_tgid_vnr(current), ppid, |
| 1428 | current_uid(), current_gid(), current_euid(), | 1432 | current_uid(), current_gid(), current_euid(), |
| 1429 | current_egid(), current_suid(), current_sgid(), | 1433 | current_egid(), current_suid(), current_sgid(), |
| 1430 | current_fsuid(), current_fsgid()); | 1434 | current_fsuid(), current_fsgid()); |
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h index 04454cb7b24a..7c66bd898782 100644 --- a/security/tomoyo/common.h +++ b/security/tomoyo/common.h | |||
| @@ -689,9 +689,6 @@ struct tomoyo_profile { | |||
| 689 | 689 | ||
| 690 | /********** Function prototypes. **********/ | 690 | /********** Function prototypes. **********/ |
| 691 | 691 | ||
| 692 | extern asmlinkage long sys_getpid(void); | ||
| 693 | extern asmlinkage long sys_getppid(void); | ||
| 694 | |||
| 695 | /* Check whether the given string starts with the given keyword. */ | 692 | /* Check whether the given string starts with the given keyword. */ |
| 696 | bool tomoyo_str_starts(char **src, const char *find); | 693 | bool tomoyo_str_starts(char **src, const char *find); |
| 697 | /* Get tomoyo_realpath() of current process. */ | 694 | /* Get tomoyo_realpath() of current process. */ |