[PATCH] proc: optimize proc_check_dentry_visible

The code doesn't need to sleep to when making this check so I can just do the
comparison and not worry about the reference counts.

TODO: While looking at this I realized that my original cleanup did not push
the permission check far enough down into the stack.  The call of
proc_check_dentry_visible needs to move out of the generic proc
readlink/follow link code and into the individual get_link instances.
Otherwise the shared resources checks are not quite correct (shared
files_struct does not require a shared fs_struct), and there are races with
unshare.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
Eric W. Biederman 2006-06-26 00:25:57 -07:00 committed by Linus Torvalds
parent 13b41b0949
commit 5b0c1dd38b
1 changed files with 16 additions and 13 deletions

View File

@ -1074,24 +1074,27 @@ static int proc_check_dentry_visible(struct inode *inode,
* namespace, or are simply process local (like pipes).
*/
struct task_struct *task;
struct files_struct *task_files, *files;
int error = -EACCES;
/* See if the the two tasks share a commone set of
* file descriptors. If so everything is visible.
*/
task = get_proc_task(inode);
if (!task)
goto out;
files = get_files_struct(current);
task_files = get_files_struct(task);
if (files && task_files && (files == task_files))
error = 0;
if (task_files)
put_files_struct(task_files);
if (files)
put_files_struct(files);
put_task_struct(task);
rcu_read_lock();
task = tref_task(proc_tref(inode));
if (task) {
struct files_struct *task_files, *files;
/* This test answeres the question:
* Is there a point in time since we looked up the
* file descriptor where the two tasks share the
* same files struct?
*/
rmb();
files = current->files;
task_files = task->files;
if (files && (files == task_files))
error = 0;
}
rcu_read_unlock();
if (!error)
goto out;