| From 8f4200b312eb06ab405d2c6d0075ce4bebf738dd Mon Sep 17 00:00:00 2001 |
| From: Thomas Gleixner <tglx@linutronix.de> |
| Date: Wed, 9 Dec 2009 22:08:35 +0100 |
| Subject: [PATCH] fs: Add missing rcu protection for __task_cred() in sys_ioprio_get |
| |
| commit 8f4200b312eb06ab405d2c6d0075ce4bebf738dd in tip. |
| |
| sys_ioprio_get() accesses __task_cred() without being in a RCU read |
| side critical section. tasklist_lock is not protecting that when |
| CONFIG_TREE_PREEMPT_RCU=y. |
| |
| Add a rcu_read_lock/unlock() section around the code which accesses |
| __task_cred(). |
| |
| Signed-off-by: Thomas Gleixner <tglx@linutronix.de> |
| Cc: David Howells <dhowells@redhat.com> |
| Cc: James Morris <jmorris@namei.org> |
| Cc: linux-security-module@vger.kernel.org |
| Cc: linux-fsdevel@vger.kernel.org |
| Cc: Al Viro <viro@zeniv.linux.org.uk> |
| |
| diff --git a/fs/ioprio.c b/fs/ioprio.c |
| index c7c0b28..82c40a2 100644 |
| --- a/fs/ioprio.c |
| +++ b/fs/ioprio.c |
| @@ -230,6 +230,7 @@ SYSCALL_DEFINE2(ioprio_get, int, which, int, who) |
| if (!user) |
| break; |
| |
| + rcu_read_lock(); |
| do_each_thread(g, p) { |
| if (__task_cred(p)->uid != user->uid) |
| continue; |
| @@ -241,6 +242,7 @@ SYSCALL_DEFINE2(ioprio_get, int, which, int, who) |
| else |
| ret = ioprio_best(ret, tmpio); |
| } while_each_thread(g, p); |
| + rcu_read_unlock(); |
| |
| if (who) |
| free_uid(user); |
| -- |
| 1.7.1.1 |
| |