Patch "Yama: access task_struct->comm directly" has been added to the 3.5-stable tree

Fri, 17 Aug 2012 10:38:30 -0700 

This is a note to let you know that I've just added the patch titled

    Yama: access task_struct->comm directly

to the 3.5-stable tree which can be found at:
    
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     yama-access-task_struct-comm-directly.patch
and it can be found in the queue-3.5 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.


>From 7612bfeecc197bbb6629842b5c6ff1967f0a9b70 Mon Sep 17 00:00:00 2001
From: Kees Cook <[email protected]>
Date: Wed, 15 Aug 2012 11:41:55 -0700
Subject: Yama: access task_struct->comm directly

From: Kees Cook <[email protected]>

commit 7612bfeecc197bbb6629842b5c6ff1967f0a9b70 upstream.

The core ptrace access checking routine holds a task lock, and when
reporting a failure, Yama takes a separate task lock. To avoid a
potential deadlock with two ptracers taking the opposite locks, do not
use get_task_comm() and just use ->comm directly since accuracy is not
important for the report.

Reported-by: Fengguang Wu <[email protected]>
Suggested-by: Oleg Nesterov <[email protected]>
Signed-off-by: Kees Cook <[email protected]>
Acked-by: John Johansen <[email protected]>
Signed-off-by: James Morris <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>

---
 security/yama/yama_lsm.c |   10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

--- a/security/yama/yama_lsm.c
+++ b/security/yama/yama_lsm.c
@@ -279,12 +279,9 @@ static int yama_ptrace_access_check(stru
        }
 
        if (rc) {
-               char name[sizeof(current->comm)];
                printk_ratelimited(KERN_NOTICE
                        "ptrace of pid %d was attempted by: %s (pid %d)\n",
-                       child->pid,
-                       get_task_comm(name, current),
-                       current->pid);
+                       child->pid, current->comm, current->pid);
        }
 
        return rc;
@@ -319,12 +316,9 @@ static int yama_ptrace_traceme(struct ta
        }
 
        if (rc) {
-               char name[sizeof(current->comm)];
                printk_ratelimited(KERN_NOTICE
                        "ptraceme of pid %d was attempted by: %s (pid %d)\n",
-                       current->pid,
-                       get_task_comm(name, parent),
-                       parent->pid);
+                       current->pid, parent->comm, parent->pid);
        }
 
        return rc;


Patches currently in stable-queue which might be from [email protected] are

queue-3.5/yama-access-task_struct-comm-directly.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to