Yama: access task_struct->comm directly
The core ptrace access checking routine holds a task lock, and when reporting a failure, Yama takes a separate task lock. To avoid a potential deadlock with two ptracers taking the opposite locks, do not use get_task_comm() and just use ->comm directly since accuracy is not important for the report. Reported-by: Fengguang Wu <fengguang.wu@intel.com> Suggested-by: Oleg Nesterov <oleg@redhat.com> CC: stable@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: John Johansen <john.johansen@canonical.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
This commit is contained in:
parent
d9875690d9
commit
7612bfeecc
|
@ -279,12 +279,9 @@ static int yama_ptrace_access_check(struct task_struct *child,
|
|||
}
|
||||
|
||||
if (rc) {
|
||||
char name[sizeof(current->comm)];
|
||||
printk_ratelimited(KERN_NOTICE
|
||||
"ptrace of pid %d was attempted by: %s (pid %d)\n",
|
||||
child->pid,
|
||||
get_task_comm(name, current),
|
||||
current->pid);
|
||||
child->pid, current->comm, current->pid);
|
||||
}
|
||||
|
||||
return rc;
|
||||
|
@ -319,12 +316,9 @@ static int yama_ptrace_traceme(struct task_struct *parent)
|
|||
}
|
||||
|
||||
if (rc) {
|
||||
char name[sizeof(current->comm)];
|
||||
printk_ratelimited(KERN_NOTICE
|
||||
"ptraceme of pid %d was attempted by: %s (pid %d)\n",
|
||||
current->pid,
|
||||
get_task_comm(name, parent),
|
||||
parent->pid);
|
||||
current->pid, parent->comm, parent->pid);
|
||||
}
|
||||
|
||||
return rc;
|
||||
|
|
Loading…
Reference in New Issue