public-mirrors/linux
1
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-08-05 16:54:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

pidfd: Use new infrastructure to fix deadlocks in execve

Browse source 
This changes __pidfd_fget to use the new exec_update_mutex
instead of cred_guard_mutex.

This should be safe, as the credentials do not change
before exec_update_mutex is locked.  Therefore whatever
file access is possible with holding the cred_guard_mutex
here is also possbile with the exec_update_mutex.

Signed-off-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
This commit is contained in:
Bernd Edlinger 2020-03-21 02:46:16 +00:00 committed by Eric W. Biederman
parent 6914303824
commit 501f9328bf
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
kernel/pid.c
View file

@ -577,7 +577,7 @@ static struct file *__pidfd_fget(struct task_struct *task, int fd)
struct file *file; struct file *file;
int ret; int ret;
ret = mutex_lock_killable(&task->signal->cred_guard_mutex); ret = mutex_lock_killable(&task->signal->exec_update_mutex);
if (ret) if (ret)
return ERR_PTR(ret); return ERR_PTR(ret);
@ -586,7 +586,7 @@ static struct file *__pidfd_fget(struct task_struct *task, int fd)
else else
file = ERR_PTR(-EPERM); file = ERR_PTR(-EPERM);
mutex_unlock(&task->signal->cred_guard_mutex); mutex_unlock(&task->signal->exec_update_mutex);
return file ?: ERR_PTR(-EBADF); return file ?: ERR_PTR(-EBADF);
} }