Davidlohr Bueso wrote:
> The mm->exe_file is currently serialized with mmap_sem (shared) in order
> to both safely (1) read the file and (2) compute the realpath by calling
> tomoyo_realpath_from_path, making it an absolute overkill. Good users will,
> on the other hand, make use of the more standard get_mm_exe_file(), requiring
> only holding the mmap_sem to read the value, and relying on reference
>
> Signed-off-by: Davidlohr Bueso <dbueso@xxxxxxx>
Acked-by: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
James, will you apply to linux-security.git#next ?
I'm not using publicly accessible git tree for sending pull requests.
> ---
>
> Changes from v2: remove cleanups and cp initialization.
>
> security/tomoyo/util.c | 21 ++++++++++++---------
> 1 file changed, 12 insertions(+), 9 deletions(-)
>
> diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c
> index 2952ba5..29f3b65 100644
> --- a/security/tomoyo/util.c
> +++ b/security/tomoyo/util.c
> @@ -948,16 +948,19 @@ bool tomoyo_path_matches_pattern(const struct tomoyo_path_info *filename,
> */
> const char *tomoyo_get_exe(void)
> {
> - struct mm_struct *mm = current->mm;
> - const char *cp = NULL;
> + struct file *exe_file;
> + const char *cp;
> + struct mm_struct *mm = current->mm;
>
> - if (!mm)
> - return NULL;
> - down_read(&mm->mmap_sem);
> - if (mm->exe_file)
> - cp = tomoyo_realpath_from_path(&mm->exe_file->f_path);
> - up_read(&mm->mmap_sem);
> - return cp;
> + if (!mm)
> + return NULL;
> + exe_file = get_mm_exe_file(mm);
> + if (!exe_file)
> + return NULL;
> +
> + cp = tomoyo_realpath_from_path(&exe_file->f_path);
> + fput(exe_file);
> + return cp;
> }
>
> /**
> --
> 2.1.4
>
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>