[patch 5/9] security: Use get_task_cred() inkeyctl_session_to_parent()

From: Thomas Gleixner
Date: Wed Dec 09 2009 - 19:55:25 EST


Strictly this is not necessary today, but according to Paul McKenney
it's not guaranteed that irq disabled regions will prevent RCU
progress. That's a property of the current implementation. In
preempt-rt this assumption is not true anymore.

Use get_task_cred() to make this future proof.

Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Cc: James Morris <jmorris@xxxxxxxxx>
Cc: linux-security-module@xxxxxxxxxxxxxxx
---
security/keys/keyctl.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)

Index: linux-2.6-tip/security/keys/keyctl.c
===================================================================
--- linux-2.6-tip.orig/security/keys/keyctl.c
+++ linux-2.6-tip/security/keys/keyctl.c
@@ -1237,7 +1237,7 @@ long keyctl_get_security(key_serial_t ke
long keyctl_session_to_parent(void)
{
struct task_struct *me, *parent;
- const struct cred *mycred, *pcred;
+ const struct cred *mycred, *pcred = NULL;
struct cred *cred, *oldcred;
key_ref_t keyring_r;
int ret;
@@ -1274,7 +1274,7 @@ long keyctl_session_to_parent(void)
/* the parent and the child must have different session keyrings or
* there's no point */
mycred = current_cred();
- pcred = __task_cred(parent);
+ pcred = get_task_cred(parent);
if (mycred == pcred ||
mycred->tgcred->session_keyring == pcred->tgcred->session_keyring)
goto already_same;
@@ -1312,6 +1312,7 @@ long keyctl_session_to_parent(void)
set_ti_thread_flag(task_thread_info(parent), TIF_NOTIFY_RESUME);

write_unlock_irq(&tasklist_lock);
+ put_cred(pcred);
if (oldcred)
put_cred(oldcred);
return 0;
@@ -1321,6 +1322,8 @@ already_same:
not_permitted:
write_unlock_irq(&tasklist_lock);
put_cred(cred);
+ if (pcred)
+ put_cred(pcred);
return ret;

error_keyring:


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/