From 0fe4f5edc70f432565bfbc4bb10b1d7b2222fd48 Mon Sep 17 00:00:00 2001 From: Thomas Gleixner Date: Thu, 10 Dec 2009 00:14:13 +0100 Subject: security: Fix invalid rcu assumptions in comments 1) held spinlocks are not equivalent to rcu_read_lock 2) access to current_cred() is safe as only current can modify its own credentials. Signed-off-by: Thomas Gleixner Cc: James Morris Cc: linux-security-module@vger.kernel.org --- security/keys/permission.c | 3 +-- security/keys/proc.c | 2 -- 2 files changed, 1 insertion(+), 4 deletions(-) (limited to 'security') diff --git a/security/keys/permission.c b/security/keys/permission.c index 0ed802c9e698..5d16a1891031 100644 --- a/security/keys/permission.c +++ b/security/keys/permission.c @@ -23,8 +23,7 @@ * Check to see whether permission is granted to use a key in the desired way, * but permit the security modules to override. * - * The caller must hold either a ref on cred or must hold the RCU readlock or a - * spinlock. + * The caller must hold either a ref on cred or must hold the RCU readlock. */ int key_task_permission(const key_ref_t key_ref, const struct cred *cred, key_perm_t perm) diff --git a/security/keys/proc.c b/security/keys/proc.c index 9d01021ca0c8..55eeba418dca 100644 --- a/security/keys/proc.c +++ b/security/keys/proc.c @@ -194,8 +194,6 @@ static int proc_keys_show(struct seq_file *m, void *v) /* check whether the current task is allowed to view the key (assuming * non-possession) - * - the caller holds a spinlock, and thus the RCU read lock, making our - * access to __current_cred() safe */ rc = key_task_permission(make_key_ref(key, 0), current_cred(), KEY_VIEW); -- cgit v1.2.3