diff options
| author | Thomas Gleixner <tglx@linutronix.de> | 2009-12-09 16:48:13 +0100 |
|---|---|---|
| committer | Thomas Gleixner <tglx@linutronix.de> | 2010-02-21 20:20:08 +0100 |
| commit | 59b446882dbd906785be95cfcc8d8caef1dba08c (patch) | |
| tree | 2733bdc552b65e69748c08b4111d184af2a360d7 | |
| parent | 378cc63c24b6c9b9269c05475fbefeb8335790b3 (diff) | |
| download | lwn-59b446882dbd906785be95cfcc8d8caef1dba08c.tar.gz lwn-59b446882dbd906785be95cfcc8d8caef1dba08c.zip | |
capabilities: Use rcu to protect task lookup in sys_capget
cap_get_target_pid() protects the task lookup with tasklist_lock.
security_capget() is called under tasklist_lock as well but
tasklist_lock does not protect anything there. The capabilities are
protected by RCU already.
So tasklist_lock only protects the lookup and prevents the task going
away, which can be done with rcu_read_lock() as well.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: James Morris <jmorris@namei.org>
Cc: linux-security-module@vger.kernel.org
| -rw-r--r-- | kernel/capability.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/kernel/capability.c b/kernel/capability.c index 7f876e60521f..9e4697e9b276 100644 --- a/kernel/capability.c +++ b/kernel/capability.c @@ -135,7 +135,7 @@ static inline int cap_get_target_pid(pid_t pid, kernel_cap_t *pEp, if (pid && (pid != task_pid_vnr(current))) { struct task_struct *target; - read_lock(&tasklist_lock); + rcu_read_lock(); target = find_task_by_vpid(pid); if (!target) @@ -143,7 +143,7 @@ static inline int cap_get_target_pid(pid_t pid, kernel_cap_t *pEp, else ret = security_capget(target, pEp, pIp, pPp); - read_unlock(&tasklist_lock); + rcu_read_unlock(); } else ret = security_capget(current, pEp, pIp, pPp); |