forge/linux-pinenote
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

CRED: Use RCU to access another task's creds and to release a task's own creds

Browse source 
Use RCU to access another task's creds and to release a task's own creds.
This means that it will be possible for the credentials of a task to be
replaced without another task (a) requiring a full lock to read them, and (b)
seeing deallocated memory.

Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
David Howells 2008-11-14 10:39:19 +11:00 committed by James Morris
parent 86a264abe5
commit c69e8d9c01
28 changed files with 353 additions and 202 deletions
Download patch file Download diff file Expand all files Collapse all files

11
security/selinux/selinuxfs.c
View file

@ -95,13 +95,18 @@ extern void selnl_notify_setenforce(int val);
static int task_has_security(struct task_struct *tsk,
u32 perms)
{
struct task_security_struct *tsec;
const struct task_security_struct *tsec;
u32 sid = 0;
tsec = tsk->cred->security;
rcu_read_lock();
tsec = __task_cred(tsk)->security;
if (tsec)
sid = tsec->sid;
rcu_read_unlock();
if (!tsec)
return -EACCES;
return avc_has_perm(tsec->sid, SECINITSID_SECURITY,
return avc_has_perm(sid, SECINITSID_SECURITY,
SECCLASS_SECURITY, perms, NULL);
}