aboutsummaryrefslogtreecommitdiffstats
path: root/kernel/cgroup.c
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2008-11-14 10:39:19 +1100
committerJames Morris <jmorris@namei.org>2008-11-14 10:39:19 +1100
commitc69e8d9c01db2adc503464993c358901c9af9de4 (patch)
treebed94aaa9aeb7a7834d1c880f72b62a11a752c78 /kernel/cgroup.c
parent86a264abe542cfececb4df129bc45a0338d8cdb9 (diff)
downloadkernel_goldelico_gta04-c69e8d9c01db2adc503464993c358901c9af9de4.zip
kernel_goldelico_gta04-c69e8d9c01db2adc503464993c358901c9af9de4.tar.gz
kernel_goldelico_gta04-c69e8d9c01db2adc503464993c358901c9af9de4.tar.bz2
CRED: Use RCU to access another task's creds and to release a task's own creds
Use RCU to access another task's creds and to release a task's own creds. This means that it will be possible for the credentials of a task to be replaced without another task (a) requiring a full lock to read them, and (b) seeing deallocated memory. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'kernel/cgroup.c')
-rw-r--r--kernel/cgroup.c16
1 files changed, 8 insertions, 8 deletions
diff --git a/kernel/cgroup.c b/kernel/cgroup.c
index e210526..a512a75 100644
--- a/kernel/cgroup.c
+++ b/kernel/cgroup.c
@@ -1279,7 +1279,7 @@ int cgroup_attach_task(struct cgroup *cgrp, struct task_struct *tsk)
static int attach_task_by_pid(struct cgroup *cgrp, u64 pid)
{
struct task_struct *tsk;
- uid_t euid;
+ const struct cred *cred = current_cred(), *tcred;
int ret;
if (pid) {
@@ -1289,16 +1289,16 @@ static int attach_task_by_pid(struct cgroup *cgrp, u64 pid)
rcu_read_unlock();
return -ESRCH;
}
- get_task_struct(tsk);
- rcu_read_unlock();
- euid = current_euid();
- if (euid &&
- euid != tsk->cred->uid &&
- euid != tsk->cred->suid) {
- put_task_struct(tsk);
+ tcred = __task_cred(tsk);
+ if (cred->euid &&
+ cred->euid != tcred->uid &&
+ cred->euid != tcred->suid) {
+ rcu_read_unlock();
return -EACCES;
}
+ get_task_struct(tsk);
+ rcu_read_unlock();
} else {
tsk = current;
get_task_struct(tsk);