Commit 8f92054e authored by David Howells's avatar David Howells Committed by Linus Torvalds
Browse files

CRED: Fix __task_cred()'s lockdep check and banner comment 



Fix __task_cred()'s lockdep check by removing the following validation
condition:

	lockdep_tasklist_lock_is_held()

as commit_creds() does not take the tasklist_lock, and nor do most of the
functions that call it, so this check is pointless and it can prevent
detection of the RCU lock not being held if the tasklist_lock is held.

Instead, add the following validation condition:

	task->exit_state >= 0

to permit the access if the target task is dead and therefore unable to change
its own credentials.

Fix __task_cred()'s comment to:

 (1) discard the bit that says that the caller must prevent the target task
     from being deleted.  That shouldn't need saying.

 (2) Add a comment indicating the result of __task_cred() should not be passed
     directly to get_cred(), but rather than get_task_cred() should be used
     instead.

Also put a note into the documentation to enforce this point there too.

Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
Acked-by: default avatarJiri Olsa <jolsa@redhat.com>
Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent de09a977

Documentation/credentials.txt

+3 −0
Original line number Diff line number Diff line
@@ -417,6 +417,9 @@ reference on them using: 
This does all the RCU magic inside of it.  The caller must call put_cred() on

the credentials so obtained when they're finished with.



 [*] Note: The result of __task_cred() should not be passed directly to

     get_cred() as this may race with commit_cred().



There are a couple of convenience functions to access bits of another task's

credentials, hiding the RCU magic from the caller:

include/linux/cred.h

+10 −5
Original line number Diff line number Diff line
@@ -274,13 +274,18 @@ static inline void put_cred(const struct cred *_cred) 
 * @task: The task to query

 *

 * Access the objective credentials of a task.  The caller must hold the RCU

 * readlock.

 * readlock or the task must be dead and unable to change its own credentials.

 *

 * The caller must make sure task doesn't go away, either by holding a ref on

 * task or by holding tasklist_lock to prevent it from being unlinked.

 * The result of this function should not be passed directly to get_cred();

 * rather get_task_cred() should be used instead.

 */

#define __task_cred(task)						\

	((const struct cred *)(rcu_dereference_check((task)->real_cred, rcu_read_lock_held() || lockdep_tasklist_lock_is_held())))

	({								\

		const struct task_struct *__t = (task);			\

		rcu_dereference_check(__t->real_cred,			\

				      rcu_read_lock_held() ||		\

				      task_is_dead(__t));		\

	})



/**

 * get_current_cred - Get the current task's subjective credentials

include/linux/sched.h

+1 −0
Original line number Diff line number Diff line
@@ -214,6 +214,7 @@ extern char ___assert_task_state[1 - 2*!!( 


#define task_is_traced(task)	((task->state & __TASK_TRACED) != 0)

#define task_is_stopped(task)	((task->state & __TASK_STOPPED) != 0)

#define task_is_dead(task)	((task)->exit_state != 0)

#define task_is_stopped_or_traced(task)	\

			((task->state & (__TASK_STOPPED | __TASK_TRACED)) != 0)

#define task_contributes_to_load(task)	\

CRA Git | Maintained and supported by SUSTech CRA and CCSE