Bernd Edlinger <bernd.edlinger@xxxxxxxxxx> writes: > This changes kcmp_epoll_target to use the new exec_update_mutex > instead of cred_guard_mutex. > > This should be safe, as the credentials are only used for reading, > and furthermore ->mm and ->sighand are updated on execve, > but only under the new exec_update_mutex. > Can you add a comment that the exec_update_mutex is not needed for KCMP_FILE? As both sets of credentials during exec are valid for accessing the files so exec_update_mutex does not matter. I don't think exec_update_mutex is needed for KCMP_SYSVSEM or KCMP_EPOLL_TFD either. As I don't think exec changes either one of those. Eric > Signed-off-by: Bernd Edlinger <bernd.edlinger@xxxxxxxxxx> > --- > kernel/kcmp.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > > diff --git a/kernel/kcmp.c b/kernel/kcmp.c > index a0e3d7a..b3ff928 100644 > --- a/kernel/kcmp.c > +++ b/kernel/kcmp.c > @@ -173,8 +173,8 @@ static int kcmp_epoll_target(struct task_struct *task1, > /* > * One should have enough rights to inspect task details. > */ > - ret = kcmp_lock(&task1->signal->cred_guard_mutex, > - &task2->signal->cred_guard_mutex); > + ret = kcmp_lock(&task1->signal->exec_update_mutex, > + &task2->signal->exec_update_mutex); > if (ret) > goto err; > if (!ptrace_may_access(task1, PTRACE_MODE_READ_REALCREDS) || > @@ -229,8 +229,8 @@ static int kcmp_epoll_target(struct task_struct *task1, > } > > err_unlock: > - kcmp_unlock(&task1->signal->cred_guard_mutex, > - &task2->signal->cred_guard_mutex); > + kcmp_unlock(&task1->signal->exec_update_mutex, > + &task2->signal->exec_update_mutex); > err: > put_task_struct(task1); > put_task_struct(task2);