kernel/kcmp.c: Use new infrastructure to fix deadlocks in execve

This changes kcmp_epoll_target to use the new exec_update_mutex instead of cred_guard_mutex. This should be safe, as the credentials are only used for reading, and furthermore ->mm and ->sighand are updated on execve, but only under the new exec_update_mutex. Signed-off-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>

kernel/kcmp.c: Use new infrastructure to fix deadlocks in execve
This changes kcmp_epoll_target to use the new exec_update_mutex instead of cred_guard_mutex. This should be safe, as the credentials are only used for reading, and furthermore ->mm and ->sighand are updated on execve, but only under the new exec_update_mutex. Signed-off-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
454e3126 · Bernd Edlinger · Eric W. Biederman · aa884c11 · 454e3126
Commit 454e3126 authored Mar 20, 2020 by Bernd Edlinger Committed by Eric W. Biederman Mar 25, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 4 deletions

kernel/kcmp.c kernel/kcmp.c +4 -4

No files found.
--- a/kernel/kcmp.c
+++ b/kernel/kcmp.c
@@ -173,8 +173,8 @@ SYSCALL_DEFINE5(kcmp, pid_t, pid1, pid_t, pid2, int, type,
 	/*
 	 * One should have enough rights to inspect task details.
 	 */
-	ret = kcmp_lock(&task1->signal->cred_guard_mutex,
+	ret = kcmp_lock(&task1->signal->exec_update_mutex,
-			&task2->signal->cred_guard_mutex);
+			&task2->signal->exec_update_mutex);
 	if (ret)
 		goto err;
 	if (!ptrace_may_access(task1, PTRACE_MODE_READ_REALCREDS) ||
@@ -229,8 +229,8 @@ SYSCALL_DEFINE5(kcmp, pid_t, pid1, pid_t, pid2, int, type,
 	}
 err_unlock:
-	kcmp_unlock(&task1->signal->cred_guard_mutex,
+	kcmp_unlock(&task1->signal->exec_update_mutex,
-		    &task2->signal->cred_guard_mutex);
+		    &task2->signal->exec_update_mutex);
 err:
 	put_task_struct(task1);
 	put_task_struct(task2);