Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752906AbbBSAKx (ORCPT ); Wed, 18 Feb 2015 19:10:53 -0500 Received: from smtp2.provo.novell.com ([137.65.250.81]:56919 "EHLO smtp2.provo.novell.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752724AbbBSAKv (ORCPT ); Wed, 18 Feb 2015 19:10:51 -0500 From: Davidlohr Bueso To: akpm@linux-foundation.org Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, dave@stgolabs.net, paul@paul-moore.com, eparis@redhat.com, linux-audit@redhat.com, Davidlohr Bueso Subject: [PATCH 2/3] kernel/audit: robustify handling of mm->exe_file Date: Wed, 18 Feb 2015 16:10:40 -0800 Message-Id: <1424304641-28965-3-git-send-email-dbueso@suse.de> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1424304641-28965-1-git-send-email-dbueso@suse.de> References: <1424304641-28965-1-git-send-email-dbueso@suse.de> Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2128 Lines: 76 From: Davidlohr Bueso The mm->exe_file is currently serialized with mmap_sem (shared) in order to both safely (1) read the file and (2) audit it via audit_log_d_path(). Good users will, on the other hand, make use of the more standard get_mm_exe_file(), requiring only holding the mmap_sem to read the value, and relying on reference counting to make sure that the exe file won't dissapear underneath us. This is safe as audit_log_d_path() does not need the mmap_sem -- ...and if it did we seriously need to fix that. Additionally, upon NULL return of get_mm_exe_file, we also call audit_log_format(ab, " exe=(null)"). Cc: Paul Moore Cc: Eric Paris Cc: linux-audit@redhat.com Signed-off-by: Davidlohr Bueso --- Compiled tested only. kernel/audit.h | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/kernel/audit.h b/kernel/audit.h index 510901f..17020f0 100644 --- a/kernel/audit.h +++ b/kernel/audit.h @@ -20,6 +20,7 @@ */ #include +#include #include #include #include @@ -260,15 +261,20 @@ extern struct audit_entry *audit_dupe_rule(struct audit_krule *old); static inline void audit_log_d_path_exe(struct audit_buffer *ab, struct mm_struct *mm) { - if (!mm) { - audit_log_format(ab, " exe=(null)"); - return; - } - - down_read(&mm->mmap_sem); - if (mm->exe_file) - audit_log_d_path(ab, " exe=", &mm->exe_file->f_path); - up_read(&mm->mmap_sem); + struct file *exe_file; + + if (!mm) + goto out_null; + + exe_file = get_mm_exe_file(mm); + if (!exe_file) + goto out_null; + + audit_log_d_path(ab, " exe=", &exe_file->f_path); + fput(exe_file); + return; +out_null: + audit_log_format(ab, " exe=(null)"); } /* audit watch functions */ -- 2.1.4 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/