From: Andy Lutomirski <luto@myrealbox.com>
To: Olaf Dietsche <olaf+list.linux-kernel@olafdietsche.de>
Cc: Andrew Morton <akpm@osdl.org>,
Andy Lutomirski <luto@myrealbox.com>,
linux-kernel@vger.kernel.org
Subject: Re: fix must_not_trace_exec() test
Date: Mon, 12 Apr 2004 07:18:07 -0700 [thread overview]
Message-ID: <407AA51F.5020205@myrealbox.com> (raw)
In-Reply-To: <878yh1y1gs.fsf@goat.bogus.local>
Olaf Dietsche wrote:
> Andrew Morton <akpm@osdl.org> writes:
>
>
> Although, I'd rather not lump together unrelated tests without
> renaming must_not_trace_exec(). Btw, can someone enlighten me what
> this atomic_read() test is all about.
Oops... your fix is obviously correct.
I assumed that the test was to check if the caller is a thread, but that sounds
odd -- wouldn't it stop being a thread after the exec anyway? Maybe that part
happens after compute_creds, so this prevents a race? Although I don't see how
it could be triggered if the thread never entered usermode before getting a new
fs/files/sighand.
Anyone?
>
> Regards, Olaf.
>
> diff -urN a/security/commoncap.c b/security/commoncap.c
> --- a/security/commoncap.c Mon Apr 12 10:38:17 2004
> +++ b/security/commoncap.c Mon Apr 12 11:10:38 2004
> @@ -118,9 +118,9 @@
> static inline int must_not_trace_exec (struct task_struct *p)
> {
> return ((p->ptrace & PT_PTRACED) && !(p->ptrace & PT_PTRACE_CAP))
> - || atomic_read(¤t->fs->count) > 1
> - || atomic_read(¤t->files->count) > 1
> - || atomic_read(¤t->sighand->count) > 1;
> + || atomic_read(&p->fs->count) > 1
> + || atomic_read(&p->files->count) > 1
> + || atomic_read(&p->sighand->count) > 1;
> }
> [...]
--Andy
next prev parent reply other threads:[~2004-04-12 14:18 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-04-11 3:05 2.6.5-mm4 Andrew Morton
2004-04-12 6:46 ` 2.6.5-mm4 Paul P Komkoff Jr
2004-04-12 7:42 ` 2.6.5-mm4 Andrew Morton
2004-04-12 8:22 ` 2.6.5-mm4 Paul P Komkoff Jr
2004-04-12 8:28 ` 2.6.5-mm4 Andrew Morton
2004-04-12 9:10 ` 2.6.5-mm4 Paul P Komkoff Jr
2004-04-12 9:44 ` fix must_not_trace_exec() test (was: 2.6.5-mm4) Olaf Dietsche
2004-04-12 14:18 ` Andy Lutomirski [this message]
2004-04-12 22:02 ` fix must_not_trace_exec() test Chris Wright
2004-04-12 10:19 ` 2.6.5-mm4 (hci_usb module unloading oops) Martin Hermanowski
2004-04-12 22:03 ` Greg KH
2004-04-12 22:36 ` Marcel Holtmann
2004-04-12 22:42 ` Greg KH
2004-04-12 22:57 ` Marcel Holtmann
2004-04-19 20:29 ` Martin Hermanowski
2004-04-12 12:24 ` [PATCH] change audit_log_format() -> printk() (was: 2.6.5-mm4) Olaf Dietsche
2004-04-12 17:06 ` 2.6.5-mm4 (compile stats) John Cherry
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=407AA51F.5020205@myrealbox.com \
--to=luto@myrealbox.com \
--cc=akpm@osdl.org \
--cc=linux-kernel@vger.kernel.org \
--cc=olaf+list.linux-kernel@olafdietsche.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox