diff options
author | Jens Axboe <axboe@kernel.dk> | 2020-10-15 13:46:44 -0600 |
---|---|---|
committer | Jens Axboe <axboe@kernel.dk> | 2020-10-17 09:25:47 -0600 |
commit | 4ea33a976bfe79293965d0815e1914e4b6e58967 (patch) | |
tree | e041b64e9f8841fdbaf28120171f32c64f42247b /fs/io-wq.c | |
parent | d8a6df10aac9f2e4d5f30aff3129d552d2984ce7 (diff) | |
download | lwn-4ea33a976bfe79293965d0815e1914e4b6e58967.tar.gz lwn-4ea33a976bfe79293965d0815e1914e4b6e58967.zip |
io-wq: inherit audit loginuid and sessionid
Make sure the async io-wq workers inherit the loginuid and sessionid from
the original task, and restore them to unset once we're done with the
async work item.
While at it, disable the ability for kernel threads to write to their own
loginuid.
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Diffstat (limited to 'fs/io-wq.c')
-rw-r--r-- | fs/io-wq.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/fs/io-wq.c b/fs/io-wq.c index 0c852b75384d..7cb3b4cb9b11 100644 --- a/fs/io-wq.c +++ b/fs/io-wq.c @@ -18,6 +18,7 @@ #include <linux/fs_struct.h> #include <linux/task_work.h> #include <linux/blk-cgroup.h> +#include <linux/audit.h> #include "io-wq.h" @@ -484,6 +485,10 @@ static void io_impersonate_work(struct io_worker *worker, io_wq_switch_creds(worker, work); current->signal->rlim[RLIMIT_FSIZE].rlim_cur = work->identity->fsize; io_wq_switch_blkcg(worker, work); +#ifdef CONFIG_AUDIT + current->loginuid = work->identity->loginuid; + current->sessionid = work->identity->sessionid; +#endif } static void io_assign_current_work(struct io_worker *worker, @@ -496,6 +501,11 @@ static void io_assign_current_work(struct io_worker *worker, cond_resched(); } +#ifdef CONFIG_AUDIT + current->loginuid = KUIDT_INIT(AUDIT_UID_UNSET); + current->sessionid = AUDIT_SID_UNSET; +#endif + spin_lock_irq(&worker->lock); worker->cur_work = work; spin_unlock_irq(&worker->lock); |