Commit 501f9328 authored by Bernd Edlinger's avatar Bernd Edlinger Committed by Eric W. Biederman
Browse files

pidfd: Use new infrastructure to fix deadlocks in execve 



This changes __pidfd_fget to use the new exec_update_mutex
instead of cred_guard_mutex.

This should be safe, as the credentials do not change
before exec_update_mutex is locked.  Therefore whatever
file access is possible with holding the cred_guard_mutex
here is also possbile with the exec_update_mutex.

Signed-off-by: default avatarBernd Edlinger <bernd.edlinger@hotmail.de>
Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
parent 69143038

kernel/pid.c

+2 −2
Original line number Diff line number Diff line
@@ -577,7 +577,7 @@ static struct file *__pidfd_fget(struct task_struct *task, int fd) 
	struct file *file;

	int ret;



	ret = mutex_lock_killable(&task->signal->cred_guard_mutex);

	ret = mutex_lock_killable(&task->signal->exec_update_mutex);

	if (ret)

		return ERR_PTR(ret);
@@ -586,7 +586,7 @@ static struct file *__pidfd_fget(struct task_struct *task, int fd) 
	else

		file = ERR_PTR(-EPERM);



	mutex_unlock(&task->signal->cred_guard_mutex);

	mutex_unlock(&task->signal->exec_update_mutex);



	return file ?: ERR_PTR(-EBADF);

}

CRA Git | Maintained and supported by SUSTech CRA and CCSE