Commit 511a8cdb authored by Linus Torvalds's avatar Linus Torvalds

Merge branch 'stable-4.8' of git://git.infradead.org/users/pcmoore/audit

Pull audit fixes from Paul Moore:
 "Two small patches to fix some bugs with the audit-by-executable
  functionality we introduced back in v4.3 (both patches are marked
  for the stable folks)"

* 'stable-4.8' of git://git.infradead.org/users/pcmoore/audit:
  audit: fix exe_file access in audit_exe_compare
  mm: introduce get_task_exe_file
parents 7d1ce606 5efc2443
...@@ -1556,18 +1556,13 @@ static const struct file_operations proc_pid_set_comm_operations = { ...@@ -1556,18 +1556,13 @@ static const struct file_operations proc_pid_set_comm_operations = {
static int proc_exe_link(struct dentry *dentry, struct path *exe_path) static int proc_exe_link(struct dentry *dentry, struct path *exe_path)
{ {
struct task_struct *task; struct task_struct *task;
struct mm_struct *mm;
struct file *exe_file; struct file *exe_file;
task = get_proc_task(d_inode(dentry)); task = get_proc_task(d_inode(dentry));
if (!task) if (!task)
return -ENOENT; return -ENOENT;
mm = get_task_mm(task); exe_file = get_task_exe_file(task);
put_task_struct(task); put_task_struct(task);
if (!mm)
return -ENOENT;
exe_file = get_mm_exe_file(mm);
mmput(mm);
if (exe_file) { if (exe_file) {
*exe_path = exe_file->f_path; *exe_path = exe_file->f_path;
path_get(&exe_file->f_path); path_get(&exe_file->f_path);
......
...@@ -2014,6 +2014,7 @@ extern void mm_drop_all_locks(struct mm_struct *mm); ...@@ -2014,6 +2014,7 @@ extern void mm_drop_all_locks(struct mm_struct *mm);
extern void set_mm_exe_file(struct mm_struct *mm, struct file *new_exe_file); extern void set_mm_exe_file(struct mm_struct *mm, struct file *new_exe_file);
extern struct file *get_mm_exe_file(struct mm_struct *mm); extern struct file *get_mm_exe_file(struct mm_struct *mm);
extern struct file *get_task_exe_file(struct task_struct *task);
extern bool may_expand_vm(struct mm_struct *, vm_flags_t, unsigned long npages); extern bool may_expand_vm(struct mm_struct *, vm_flags_t, unsigned long npages);
extern void vm_stat_account(struct mm_struct *, vm_flags_t, long npages); extern void vm_stat_account(struct mm_struct *, vm_flags_t, long npages);
......
...@@ -19,6 +19,7 @@ ...@@ -19,6 +19,7 @@
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/ */
#include <linux/file.h>
#include <linux/kernel.h> #include <linux/kernel.h>
#include <linux/audit.h> #include <linux/audit.h>
#include <linux/kthread.h> #include <linux/kthread.h>
...@@ -544,10 +545,11 @@ int audit_exe_compare(struct task_struct *tsk, struct audit_fsnotify_mark *mark) ...@@ -544,10 +545,11 @@ int audit_exe_compare(struct task_struct *tsk, struct audit_fsnotify_mark *mark)
unsigned long ino; unsigned long ino;
dev_t dev; dev_t dev;
rcu_read_lock(); exe_file = get_task_exe_file(tsk);
exe_file = rcu_dereference(tsk->mm->exe_file); if (!exe_file)
return 0;
ino = exe_file->f_inode->i_ino; ino = exe_file->f_inode->i_ino;
dev = exe_file->f_inode->i_sb->s_dev; dev = exe_file->f_inode->i_sb->s_dev;
rcu_read_unlock(); fput(exe_file);
return audit_mark_compare(mark, ino, dev); return audit_mark_compare(mark, ino, dev);
} }
...@@ -798,6 +798,29 @@ struct file *get_mm_exe_file(struct mm_struct *mm) ...@@ -798,6 +798,29 @@ struct file *get_mm_exe_file(struct mm_struct *mm)
} }
EXPORT_SYMBOL(get_mm_exe_file); EXPORT_SYMBOL(get_mm_exe_file);
/**
* get_task_exe_file - acquire a reference to the task's executable file
*
* Returns %NULL if task's mm (if any) has no associated executable file or
* this is a kernel thread with borrowed mm (see the comment above get_task_mm).
* User must release file via fput().
*/
struct file *get_task_exe_file(struct task_struct *task)
{
struct file *exe_file = NULL;
struct mm_struct *mm;
task_lock(task);
mm = task->mm;
if (mm) {
if (!(task->flags & PF_KTHREAD))
exe_file = get_mm_exe_file(mm);
}
task_unlock(task);
return exe_file;
}
EXPORT_SYMBOL(get_task_exe_file);
/** /**
* get_task_mm - acquire a reference to the task's mm * get_task_mm - acquire a reference to the task's mm
* *
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment