Commit 13f0feaf authored by Oleg Nesterov's avatar Oleg Nesterov Committed by James Morris

mm_for_maps: simplify, use ptrace_may_access()

It would be nice to kill __ptrace_may_access(). It requires task_lock(),
but this lock is only needed to read mm->flags in the middle.

Convert mm_for_maps() to use ptrace_may_access(), this also simplifies
the code a little bit.

Also, we do not need to take ->mmap_sem in advance. In fact I think
mm_for_maps() should not play with ->mmap_sem at all, the caller should
take this lock.

With or without this patch, without ->cred_guard_mutex held we can race
with exec() and get the new ->mm but check old creds.
Signed-off-by: default avatarOleg Nesterov <oleg@redhat.com>
Reviewed-by: default avatarSerge Hallyn <serue@us.ibm.com>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent f4b9a988
...@@ -237,20 +237,19 @@ struct mm_struct *mm_for_maps(struct task_struct *task) ...@@ -237,20 +237,19 @@ struct mm_struct *mm_for_maps(struct task_struct *task)
struct mm_struct *mm = get_task_mm(task); struct mm_struct *mm = get_task_mm(task);
if (!mm) if (!mm)
return NULL; return NULL;
down_read(&mm->mmap_sem); if (mm != current->mm) {
task_lock(task); /*
if (task->mm != mm) * task->mm can be changed before security check,
goto out; * in that case we must notice the change after.
if (task->mm != current->mm && */
__ptrace_may_access(task, PTRACE_MODE_READ) < 0) if (!ptrace_may_access(task, PTRACE_MODE_READ) ||
goto out; mm != task->mm) {
task_unlock(task);
return mm;
out:
task_unlock(task);
up_read(&mm->mmap_sem);
mmput(mm); mmput(mm);
return NULL; return NULL;
}
}
down_read(&mm->mmap_sem);
return mm;
} }
static int proc_pid_cmdline(struct task_struct *task, char * buffer) static int proc_pid_cmdline(struct task_struct *task, char * buffer)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment