提交 5b0c1dd3 编写于 作者: E Eric W. Biederman 提交者: Linus Torvalds

[PATCH] proc: optimize proc_check_dentry_visible

The code doesn't need to sleep to when making this check so I can just do the
comparison and not worry about the reference counts.

TODO: While looking at this I realized that my original cleanup did not push
the permission check far enough down into the stack.  The call of
proc_check_dentry_visible needs to move out of the generic proc
readlink/follow link code and into the individual get_link instances.
Otherwise the shared resources checks are not quite correct (shared
files_struct does not require a shared fs_struct), and there are races with
unshare.
Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
上级 13b41b09
......@@ -1074,24 +1074,27 @@ static int proc_check_dentry_visible(struct inode *inode,
* namespace, or are simply process local (like pipes).
*/
struct task_struct *task;
struct files_struct *task_files, *files;
int error = -EACCES;
/* See if the the two tasks share a commone set of
* file descriptors. If so everything is visible.
*/
task = get_proc_task(inode);
if (!task)
goto out;
files = get_files_struct(current);
task_files = get_files_struct(task);
if (files && task_files && (files == task_files))
error = 0;
if (task_files)
put_files_struct(task_files);
if (files)
put_files_struct(files);
put_task_struct(task);
rcu_read_lock();
task = tref_task(proc_tref(inode));
if (task) {
struct files_struct *task_files, *files;
/* This test answeres the question:
* Is there a point in time since we looked up the
* file descriptor where the two tasks share the
* same files struct?
*/
rmb();
files = current->files;
task_files = task->files;
if (files && (files == task_files))
error = 0;
}
rcu_read_unlock();
if (!error)
goto out;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册