Eric Lee / smarc-fsl-linux-kernel

Download as
Browse Code ยป

Commit ab263f47c9781a644de8b28013434b645082922e

Authored by Thomas Gleixner
Committed by Al Viro
1 parent 207032051a
Exists in master and in 39 other branches 8mp-imx_5.4.70_2.3.0, 8qm-imx_5.4.70_2.3.0, emb_imx_lf-5.15.y, emb_lf-6.1.y, imx_3.0.35_4.1.0, imx_3.10.17_1.0.1_ga, imx_3.10.53_1.1.0_ga, imx_3.14.28_1.0.0_ga, imx_4.1.15_1.0.0_ga, pitx_8mp_lf-5.10.y, rt-smarc-imx_4.1.15_1.0.0_ga, rt_linux_5.15.71, smarc-8m-android-11.0.0_2.0.0, smarc-imx6_4.14.98_2.0.0_ga, smarc-imx6_4.9.88_2.0.0_ga, smarc-imx7_4.14.98_2.0.0_ga, smarc-imx7_4.9.11_1.0.0_ga, smarc-imx7_4.9.88_2.0.0_ga, smarc-imx_3.10.53_1.1.0_ga, smarc-imx_3.14.28_1.0.0_ga, smarc-imx_4.1.15_1.0.0_ga, smarc-imx_4.9.11_1.0.0_ga, smarc-imx_4.9.51_imx8m_ga, smarc-imx_4.9.88_2.0.0_ga, smarc-m6.0.1_2.1.0-ga, smarc-n7.1.2_2.0.0-ga, smarc-rel_imx_4.1.15_1.2.0_ga, smarc_8m_00d0_imx_4.14.98_2.0.0_ga, smarc_8m_imx_4.14.78_1.0.0_ga, smarc_8m_imx_4.14.98_2.0.0_ga, smarc_8m_imx_4.19.35_1.1.0, smarc_8mm_imx_4.14.78_1.0.0_ga, smarc_8mm_imx_4.14.98_2.0.0_ga, smarc_8mm_imx_4.19.35_1.1.0, smarc_8mm_imx_5.4.24_2.1.0, smarc_8mp_lf-5.10.y, smarc_8mq_imx_5.4.24_2.1.0, smarc_8mq_lf-5.10.y, smarc_imx_lf-5.15.y

audit: Use rcu for task lookup protection 

Protect the task lookups in audit_receive_msg() with rcu_read_lock()
instead of tasklist_lock and use lock/unlock_sighand to protect
against the exit race.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Eric Paris <eparis@redhat.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Showing 1 changed file with 14 additions and 16 deletions Side-by-side Diff

... ... @@ -873,17 +873,16 @@
873 873 case AUDIT_TTY_GET: {
874 874 struct audit_tty_status s;
875 875 struct task_struct *tsk;
  876 + unsigned long flags;
876 877  
877   - read_lock(&tasklist_lock);
  878 + rcu_read_lock();
878 879 tsk = find_task_by_vpid(pid);
879   - if (!tsk)
880   - err = -ESRCH;
881   - else {
882   - spin_lock_irq(&tsk->sighand->siglock);
  880 + if (tsk && lock_task_sighand(tsk, &flags)) {
883 881 s.enabled = tsk->signal->audit_tty != 0;
884   - spin_unlock_irq(&tsk->sighand->siglock);
885   - }
886   - read_unlock(&tasklist_lock);
  882 + unlock_task_sighand(tsk, &flags);
  883 + } else
  884 + err = -ESRCH;
  885 + rcu_read_unlock();
887 886  
888 887 if (!err)
889 888 audit_send_reply(NETLINK_CB(skb).pid, seq,
890 889  
891 890  
892 891  
... ... @@ -893,22 +892,21 @@
893 892 case AUDIT_TTY_SET: {
894 893 struct audit_tty_status *s;
895 894 struct task_struct *tsk;
  895 + unsigned long flags;
896 896  
897 897 if (nlh->nlmsg_len < sizeof(struct audit_tty_status))
898 898 return -EINVAL;
899 899 s = data;
900 900 if (s->enabled != 0 && s->enabled != 1)
901 901 return -EINVAL;
902   - read_lock(&tasklist_lock);
  902 + rcu_read_lock();
903 903 tsk = find_task_by_vpid(pid);
904   - if (!tsk)
905   - err = -ESRCH;
906   - else {
907   - spin_lock_irq(&tsk->sighand->siglock);
  904 + if (tsk && lock_task_sighand(tsk, &flags)) {
908 905 tsk->signal->audit_tty = s->enabled != 0;
909   - spin_unlock_irq(&tsk->sighand->siglock);
910   - }
911   - read_unlock(&tasklist_lock);
  906 + unlock_task_sighand(tsk, &flags);
  907 + } else
  908 + err = -ESRCH;
  909 + rcu_read_unlock();
912 910 break;
913 911 }
914 912 default: