The patch titled
     audit: use rcu for task lookup protection
has been added to the -mm tree. Its filename is
     audit-use-rcu-for-task-lookup-protection.patch

Before you just go and hit "reply", please:
   a) Consider who else should be cc'ed
   b) Prefer to cc a suitable mailing list as well
   c) Ideally: find the original patch on the mailing list and do a
      reply-to-all to that, adding suitable additional cc's

*** Remember to use Documentation/SubmitChecklist when testing your code ***

See http://userweb.kernel.org/~akpm/stuff/added-to-mm.txt to find
out what to do about this

The current -mm tree may be found at http://userweb.kernel.org/~akpm/mmotm/

------------------------------------------------------
Subject: audit: use rcu for task lookup protection
From: Thomas Gleixner <tglx@xxxxxxxxxxxxx>

Protect the task lookups in audit_receive_msg() with rcu_read_lock()
instead of tasklist_lock and use lock/unlock_sighand to protect against
the exit race.

Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Cc: Eric Paris <eparis@xxxxxxxxxx>
Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Cc: Oleg Nesterov <oleg@xxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---

 kernel/audit.c | 30 ++++++++++++++----------------
 1 file changed, 14 insertions(+), 16 deletions(-)

diff -puN kernel/audit.c~audit-use-rcu-for-task-lookup-protection kernel/audit.c
--- a/kernel/audit.c~audit-use-rcu-for-task-lookup-protection
+++ a/kernel/audit.c
@@ -873,17 +873,16 @@ static int audit_receive_msg(struct sk_b case AUDIT_TTY_GET: { struct audit_tty_status s; struct task_struct *tsk; + unsigned long flags; - read_lock(&tasklist_lock); + rcu_read_lock(); tsk = find_task_by_vpid(pid); - if (!tsk) - err = -ESRCH; - else { - spin_lock_irq(&tsk->sighand->siglock); + if (tsk && lock_task_sighand(tsk, &flags)) { s.enabled = tsk->signal->audit_tty != 0; - spin_unlock_irq(&tsk->sighand->siglock); - } - read_unlock(&tasklist_lock); + unlock_task_sighand(tsk, &flags); + } else + err = -ESRCH; + rcu_read_unlock(); if (!err) audit_send_reply(NETLINK_CB(skb).pid, seq, 
@@ -893,22 +892,21 @@ static int audit_receive_msg(struct sk_b case AUDIT_TTY_SET: { struct audit_tty_status *s; struct task_struct *tsk; + unsigned long flags; if (nlh->nlmsg_len < sizeof(struct audit_tty_status)) return -EINVAL; s = data; if (s->enabled != 0 && s->enabled != 1) return -EINVAL; - read_lock(&tasklist_lock); + rcu_read_lock(); tsk = find_task_by_vpid(pid); - if (!tsk) - err = -ESRCH; - else { - spin_lock_irq(&tsk->sighand->siglock); + if (tsk && lock_task_sighand(tsk, &flags)) { tsk->signal->audit_tty = s->enabled != 0; - spin_unlock_irq(&tsk->sighand->siglock); - } - read_unlock(&tasklist_lock); + unlock_task_sighand(tsk, &flags); + } else + err = -ESRCH; + rcu_read_unlock(); break; } default: _ Patches currently in -mm which might be from tglx@xxxxxxxxxxxxx are linux-next.patch audit-call-tty_audit_push_task-outside-preempt-disabled.patch audit-do-not-send-uninitialized-data-for-audit_tty_get.patch audit-use-rcu-for-task-lookup-protection.patch time-compensate-for-rounding-on-odd-frequency-clocksources.patch x86-enable-arch_dma_addr_t_64bit-with-x86_64-highmem64g.patch hpet-fix-unwanted-interrupt-due-to-stale-irq-status-bit.patch hpet-factor-timer-allocate-from-open.patch timer_list-remove-alignment-padding-on-64-bit-when-config_timer_stats.patch timer-initialize-the-field-slack-of-timer_list.patch kernel-time-use-array_size-macro-in-timecomparec.patch sched-make-sched_param-argument-static-variables-in-some-sched_setscheduler-caller.patch kernelh-add-minmax3-macros.patch kernelh-add-minmax3-macros-fix.patch replace-nested-max-min-macros-with-maxmin3-macro.patch add-the-common-dma_addr_t-typedef-to-include-linux-typesh.patch select-rename-estimate_accuracy-to-select_estimate_accuracy.patch epoll-make-epoll_wait-use-the-hrtimer-range-feature.patch -- To unsubscribe from this list: send the line "unsubscribe mm-commits" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
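
Review bot: In the AUDIT_TTY_GET hunk the new else branch sets err = -ESRCH in two different situations: find_task_by_vpid(pid) returned NULL, or the task was found but lock_task_sighand(tsk, &flags) failed because the task is exiting. The old code only produced -ESRCH for the first case, so a short comment above `if (tsk && lock_task_sighand(tsk, &flags)) {` saying that an exiting task is deliberately reported as "no such process" would make the intent visible to the next reader. A smaller style point on the same lines: the if branch is braced and the else is not, so I would write `} else {` with a matching closing brace around `err = -ESRCH;`.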
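
Review bot: The AUDIT_TTY_SET hunk repeats the AUDIT_TTY_GET sequence exactly (rcu_read_lock(), find_task_by_vpid(pid), lock_task_sighand(tsk, &flags), the -ESRCH fallback, rcu_read_unlock()), and only the single statement under siglock differs (`tsk->signal->audit_tty = s->enabled != 0;` here versus the read into s.enabled there). With the locking now subtle enough to need the exit-race handling, a small static helper that does the lookup and lock and returns the task or an error would keep the two cases from drifting apart. The changelog also says "lock/unlock_sighand" while the code calls lock_task_sighand() and unlock_task_sighand(); naming the real helpers in the changelog would make it easier to grep for.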