The patch titled
proc: optimize proc_check_dentry_visible
has been removed from the -mm tree. Its filename is
proc-optimize-proc_check_dentry_visible.patch
This patch was dropped because it was merged into mainline or a subsystem tree
------------------------------------------------------
Subject: proc: optimize proc_check_dentry_visible
From: Eric W. Biederman <ebiederm@xxxxxxxxxxxx>
The code doesn't need to sleep to when making this check so I can just do the
comparison and not worry about the reference counts.
TODO: While looking at this I realized that my original cleanup did not push
the permission check far enough down into the stack. The call of
proc_check_dentry_visible needs to move out of the generic proc
readlink/follow link code and into the individual get_link instances.
Otherwise the shared resources checks are not quite correct (shared
files_struct does not require a shared fs_struct), and there are races with
unshare.
Signed-off-by: Eric W. Biederman <ebiederm@xxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
---
fs/proc/base.c | 29 ++++++++++++++++-------------
1 file changed, 16 insertions(+), 13 deletions(-)
diff -puN fs/proc/base.c~proc-optimize-proc_check_dentry_visible fs/proc/base.c
--- a/fs/proc/base.c~proc-optimize-proc_check_dentry_visible
+++ a/fs/proc/base.c
@@ -1074,24 +1074,27 @@ static int proc_check_dentry_visible(str
* namespace, or are simply process local (like pipes).
*/
struct task_struct *task;
- struct files_struct *task_files, *files;
int error = -EACCES;
/* See if the the two tasks share a commone set of
* file descriptors. If so everything is visible.
*/
- task = get_proc_task(inode);
- if (!task)
- goto out;
- files = get_files_struct(current);
- task_files = get_files_struct(task);
- if (files && task_files && (files == task_files))
- error = 0;
- if (task_files)
- put_files_struct(task_files);
- if (files)
- put_files_struct(files);
- put_task_struct(task);
+ rcu_read_lock();
+ task = tref_task(proc_tref(inode));
+ if (task) {
+ struct files_struct *task_files, *files;
+ /* This test answeres the question:
+ * Is there a point in time since we looked up the
+ * file descriptor where the two tasks share the
+ * same files struct?
+ */
+ rmb();
+ files = current->files;
+ task_files = task->files;
+ if (files && (files == task_files))
+ error = 0;
+ }
+ rcu_read_unlock();
if (!error)
goto out;
_
Patches currently in -mm which might be from ebiederm@xxxxxxxxxxxx are
origin.patch
powerpc-adding-the-use-of-the-firmware-soft-reset-nmi-to-kdump.patch
proc-sysctl-add-_proc_do_string-helper.patch
namespaces-add-nsproxy.patch
namespaces-add-nsproxy-dont-include-compileh.patch
namespaces-incorporate-fs-namespace-into-nsproxy.patch
namespaces-utsname-introduce-temporary-helpers.patch
namespaces-utsname-switch-to-using-uts-namespaces.patch
namespaces-utsname-switch-to-using-uts-namespaces-alpha-fix.patch
namespaces-utsname-switch-to-using-uts-namespaces-cleanup.patch
namespaces-utsname-use-init_utsname-when-appropriate.patch
namespaces-utsname-use-init_utsname-when-appropriate-cifs-update.patch
namespaces-utsname-implement-utsname-namespaces.patch
namespaces-utsname-implement-utsname-namespaces-export.patch
namespaces-utsname-implement-utsname-namespaces-dont-include-compileh.patch
namespaces-utsname-sysctl-hack.patch
namespaces-utsname-sysctl-hack-cleanup.patch
namespaces-utsname-sysctl-hack-cleanup-2.patch
namespaces-utsname-sysctl-hack-cleanup-2-fix.patch
namespaces-utsname-remove-system_utsname.patch
namespaces-utsname-implement-clone_newuts-flag.patch
uts-copy-nsproxy-only-when-needed.patch
ipc-namespace-core-fix.patch
ipc-namespace-core-unshare-fix.patch
ipc-namespace-utils-compilation-fix.patch
genirq-irq-document-what-an-irq-is.patch
-
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
