From: Mateusz Guzik <mguzik@redhat.com>
To: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>,
	Richard Guy Briggs <rgb@redhat.com>
Cc: ebiederm@xmission.com, oleg@redhat.com, sgrubb@redhat.com,
	pmoore@redhat.com, eparis@redhat.com, luto@amacapital.net,
	linux-audit@redhat.com, linux-kernel@vger.kernel.org,
	Al Viro <viro@zeniv.linux.org.uk>
Subject: [PATCHv2 2/2] audit: fix exe_file access in audit_exe_compare
Date: Tue, 23 Aug 2016 16:20:39 +0200
Message-ID: <1471962039-14940-3-git-send-email-mguzik@redhat.com>
In-Reply-To: <1471962039-14940-1-git-send-email-mguzik@redhat.com>

Prior to the change the function would blindly dereference mm, exe_file
and exe_file->f_inode, each of which could have been NULL or freed.

Use get_task_exe_file to safely obtain stable exe_file.

Signed-off-by: Mateusz Guzik <mguzik@redhat.com>
Acked-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
---
 kernel/audit_watch.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/kernel/audit_watch.c b/kernel/audit_watch.c
index d6709eb..0d302a8 100644
--- a/kernel/audit_watch.c
+++ b/kernel/audit_watch.c
@@ -19,6 +19,7 @@
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  */
 
+#include <linux/file.h>
 #include <linux/kernel.h>
 #include <linux/audit.h>
 #include <linux/kthread.h>
@@ -544,10 +545,11 @@ int audit_exe_compare(struct task_struct *tsk, struct audit_fsnotify_mark *mark)
 	unsigned long ino;
 	dev_t dev;
 
-	rcu_read_lock();
-	exe_file = rcu_dereference(tsk->mm->exe_file);
+	exe_file = get_task_exe_file(tsk);
+	if (!exe_file)
+		return 0;
 	ino = exe_file->f_inode->i_ino;
 	dev = exe_file->f_inode->i_sb->s_dev;
-	rcu_read_unlock();
+	fput(exe_file);
 	return audit_mark_compare(mark, ino, dev);
 }
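
Review bot: the two reads of exe_file->f_inode that follow the new NULL check are still unchecked, although the commit message lists exe_file->f_inode among the pointers that could have been NULL or freed. If the reference returned by get_task_exe_file() and held until fput(exe_file) is what keeps f_inode valid for these reads, say so in the commit message or in a short comment above them; using file_inode(exe_file) for both reads would also make the intent clearer. The early "return 0" when there is no exe_file would benefit from a one-line comment stating what 0 means to the callers of audit_exe_compare(), since the rest of the function returns whatever audit_mark_compare() yields.
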
-- 
1.8.3.1
