pids: improve get_task_pid() to fix the unsafe sys_wait4()->task_pgrp()
sys_wait4() does get_pid(task_pgrp(current)), this is not safe. We can add rcu lock/unlock around it, but we already have get_task_pid() which can be improved to handle the special pids in a more reliable manner. Signed-off-by: Oleg Nesterov <oleg@redhat.com> Cc: Louis Rilling <Louis.Rilling@kerlabs.com> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Pavel Emelyanov <xemul@openvz.org> Cc: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com> Cc: Roland McGrath <roland@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
parent
6dda81f438
commit
2ae448efc8
|
@ -1737,7 +1737,7 @@ SYSCALL_DEFINE4(wait4, pid_t, upid, int __user *, stat_addr,
|
||||||
pid = find_get_pid(-upid);
|
pid = find_get_pid(-upid);
|
||||||
} else if (upid == 0) {
|
} else if (upid == 0) {
|
||||||
type = PIDTYPE_PGID;
|
type = PIDTYPE_PGID;
|
||||||
pid = get_pid(task_pgrp(current));
|
pid = get_task_pid(current, PIDTYPE_PGID);
|
||||||
} else /* upid > 0 */ {
|
} else /* upid > 0 */ {
|
||||||
type = PIDTYPE_PID;
|
type = PIDTYPE_PID;
|
||||||
pid = find_get_pid(upid);
|
pid = find_get_pid(upid);
|
||||||
|
|
|
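Review bot: The new call `pid = get_task_pid(current, PIDTYPE_PGID);` in the `upid == 0` branch gives no hint of why the helper is used instead of `task_pgrp(current)`, so the unlocked form could be reintroduced by a later cleanup. A one-line comment above it would record the reason, for example `/* get_task_pid() takes the reference under rcu_read_lock(); a bare task_pgrp(current) is not safe here */`. The visible lines show neither a NULL check on `pid` nor the matching `put_pid()`. The rest of wait4 is outside the hunk, so confirm there that a NULL return is tolerated and the reference is dropped on every exit path.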
@ -403,6 +403,8 @@ struct pid *get_task_pid(struct task_struct *task, enum pid_type type)
|
||||||
{
|
{
|
||||||
struct pid *pid;
|
struct pid *pid;
|
||||||
rcu_read_lock();
|
rcu_read_lock();
|
||||||
|
if (type != PIDTYPE_PID)
|
||||||
|
task = task->group_leader;
|
||||||
pid = get_pid(task->pids[type].pid);
|
pid = get_pid(task->pids[type].pid);
|
||||||
rcu_read_unlock();
|
rcu_read_unlock();
|
||||||
return pid;
|
return pid;
|
||||||
|
|
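Review bot: The added `if (type != PIDTYPE_PID) task = task->group_leader;` in get_task_pid() has no comment, so the reason for redirecting to the group leader exists only in the commit message. A short comment above the branch would keep it from being removed as apparently redundant, for example `/* for PGID/SID use the group leader's entry; only PIDTYPE_PID is looked up on the thread itself */`. The branch also changes what existing callers receive when they pass a non-leader task with a type other than PIDTYPE_PID. Those callers are not visible on this page and are worth checking. The function's closing brace lies outside the hunk.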