Date: Mon, 21 Jun 2010 18:14:52 -0700
From: Kees Cook <kees.cook@canonical.com>
To: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org,
       linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH] security: Yama LSM
Message-ID: <20100622011452.GN24749@outflux.net>
References: <20100621213424.GG24749@outflux.net>
 <201006220028.o5M0Sbx7062650@www262.sakura.ne.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <201006220028.o5M0Sbx7062650@www262.sakura.ne.jp>
Organization: Canonical
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1188
Lines: 38

Hi Tetsuo,

On Tue, Jun 22, 2010 at 09:28:37AM +0900, Tetsuo Handa wrote:
> Kees Cook wrote:
> > +       /* require ptrace target be a child of ptracer on attach */
> > +       if (mode == PTRACE_MODE_ATTACH && ptrace_scope &&
> > +           !capable(CAP_SYS_PTRACE)) {
> > +               struct task_struct *walker = child;
> > +
> > +               read_lock(&tasklist_lock);
> 
> Holding tasklist_lock does not imply rcu protection.
> Don't you need rcu_read_lock() like setpriority() and getppid()?

You're totally right, thanks for the catch!  Looks like setpriority() does
a similar kind of thing, so I've wrapped the whole thing in rcu_ now:

...
+               rcu_read_lock();
                read_lock(&tasklist_lock);
                while (walker->pid > 0) {
...
                        rc = -EPERM;
                read_unlock(&tasklist_lock);
+               rcu_read_unlock();
...


-Kees

-- 
Kees Cook
Ubuntu Security Team
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/