On Thu, Jul 26, 2012 at 8:41 AM, Oleg Nesterov <o...@redhat.com> wrote:
> On 07/26, Fengguang Wu wrote:
>>
>> Here is a recursive lock possibility:
>>
>> ptrace_may_access()
>> => task_lock(task);
>> yama_ptrace_access_check()
>> get_task_comm()
>> => task_lock(task);
>
> I think yama_ptrace_access_check() can simply use ->comm
>
> Oleg.
>
> --- x/security/yama/yama_lsm.c
> +++ x/security/yama/yama_lsm.c
> @@ -279,12 +279,9 @@ static int yama_ptrace_access_check(stru
> }
>
> if (rc) {
> - char name[sizeof(current->comm)];
> printk_ratelimited(KERN_NOTICE
> "ptrace of pid %d was attempted by: %s (pid %d)\n",
> - child->pid,
> - get_task_comm(name, current),
> - current->pid);
> + child->pid, current->comm, current->pid);
> }
>
> return rc;
>
Great catch, thanks! I've sent Oleg's suggestion (with an added
comment) separately.
-Kees
--
Kees Cook
Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
