Commit 86fc80f1 authored by Thomas Gleixner's avatar Thomas Gleixner Committed by James Morris

capabilities: Use RCU to protect task lookup in sys_capget

cap_get_target_pid() protects the task lookup with tasklist_lock.
security_capget() is called under tasklist_lock as well but
tasklist_lock does not protect anything there. The capabilities are
protected by RCU already.

So tasklist_lock only protects the lookup and prevents the task going
away, which can be done with rcu_read_lock() as well.
Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent 67fa4880
...@@ -135,7 +135,7 @@ static inline int cap_get_target_pid(pid_t pid, kernel_cap_t *pEp, ...@@ -135,7 +135,7 @@ static inline int cap_get_target_pid(pid_t pid, kernel_cap_t *pEp,
if (pid && (pid != task_pid_vnr(current))) { if (pid && (pid != task_pid_vnr(current))) {
struct task_struct *target; struct task_struct *target;
read_lock(&tasklist_lock); rcu_read_lock();
target = find_task_by_vpid(pid); target = find_task_by_vpid(pid);
if (!target) if (!target)
...@@ -143,7 +143,7 @@ static inline int cap_get_target_pid(pid_t pid, kernel_cap_t *pEp, ...@@ -143,7 +143,7 @@ static inline int cap_get_target_pid(pid_t pid, kernel_cap_t *pEp,
else else
ret = security_capget(target, pEp, pIp, pPp); ret = security_capget(target, pEp, pIp, pPp);
read_unlock(&tasklist_lock); rcu_read_unlock();
} else } else
ret = security_capget(current, pEp, pIp, pPp); ret = security_capget(current, pEp, pIp, pPp);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment