Commit 7612bfeecc197bbb6629842b5c6ff1967f0a9b70
Committed by
James Morris
James Morris
1 parent
d9875690d9
Exists in
master
and in
20 other branches
Yama: access task_struct->comm directly
The core ptrace access checking routine holds a task lock, and when reporting a failure, Yama takes a separate task lock. To avoid a potential deadlock with two ptracers taking the opposite locks, do not use get_task_comm() and just use ->comm directly since accuracy is not important for the report. Reported-by: Fengguang Wu <fengguang.wu@intel.com> Suggested-by: Oleg Nesterov <oleg@redhat.com> CC: stable@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: John Johansen <john.johansen@canonical.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
Showing 1 changed file with 2 additions and 8 deletions Side-by-side Diff
security/yama/yama_lsm.c
| ... | ... | @@ -279,12 +279,9 @@ |
| 279 | 279 | } |
| 280 | 280 | |
| 281 | 281 | if (rc) { |
| 282 | - char name[sizeof(current->comm)]; | |
| 283 | 282 | printk_ratelimited(KERN_NOTICE |
| 284 | 283 | "ptrace of pid %d was attempted by: %s (pid %d)\n", |
| 285 | - child->pid, | |
| 286 | - get_task_comm(name, current), | |
| 287 | - current->pid); | |
| 284 | + child->pid, current->comm, current->pid); | |
| 288 | 285 | } |
| 289 | 286 | |
| 290 | 287 | return rc; |
| 291 | 288 | |
| ... | ... | @@ -319,12 +316,9 @@ |
| 319 | 316 | } |
| 320 | 317 | |
| 321 | 318 | if (rc) { |
| 322 | - char name[sizeof(current->comm)]; | |
| 323 | 319 | printk_ratelimited(KERN_NOTICE |
| 324 | 320 | "ptraceme of pid %d was attempted by: %s (pid %d)\n", |
| 325 | - current->pid, | |
| 326 | - get_task_comm(name, parent), | |
| 327 | - parent->pid); | |
| 321 | + current->pid, parent->comm, parent->pid); | |
| 328 | 322 | } |
| 329 | 323 | |
| 330 | 324 | return rc; |