diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2006-06-26 00:25:57 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-06-26 09:58:26 -0700 |
commit | 5b0c1dd38b66e2dd0cf655aa845e341b50b93ddd (patch) | |
tree | e8d3341591958d9c3e11400a2f16287a6dd00c46 | |
parent | 13b41b09491e5d75e8027dca1ee78f5e073bc4c0 (diff) | |
download | op-kernel-dev-5b0c1dd38b66e2dd0cf655aa845e341b50b93ddd.zip op-kernel-dev-5b0c1dd38b66e2dd0cf655aa845e341b50b93ddd.tar.gz |
[PATCH] proc: optimize proc_check_dentry_visible
The code doesn't need to sleep to when making this check so I can just do the
comparison and not worry about the reference counts.
TODO: While looking at this I realized that my original cleanup did not push
the permission check far enough down into the stack. The call of
proc_check_dentry_visible needs to move out of the generic proc
readlink/follow link code and into the individual get_link instances.
Otherwise the shared resources checks are not quite correct (shared
files_struct does not require a shared fs_struct), and there are races with
unshare.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r-- | fs/proc/base.c | 29 |
1 files changed, 16 insertions, 13 deletions
diff --git a/fs/proc/base.c b/fs/proc/base.c index c7f8554..f0db7f6 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -1074,24 +1074,27 @@ static int proc_check_dentry_visible(struct inode *inode, * namespace, or are simply process local (like pipes). */ struct task_struct *task; - struct files_struct *task_files, *files; int error = -EACCES; /* See if the the two tasks share a commone set of * file descriptors. If so everything is visible. */ - task = get_proc_task(inode); - if (!task) - goto out; - files = get_files_struct(current); - task_files = get_files_struct(task); - if (files && task_files && (files == task_files)) - error = 0; - if (task_files) - put_files_struct(task_files); - if (files) - put_files_struct(files); - put_task_struct(task); + rcu_read_lock(); + task = tref_task(proc_tref(inode)); + if (task) { + struct files_struct *task_files, *files; + /* This test answeres the question: + * Is there a point in time since we looked up the + * file descriptor where the two tasks share the + * same files struct? + */ + rmb(); + files = current->files; + task_files = task->files; + if (files && (files == task_files)) + error = 0; + } + rcu_read_unlock(); if (!error) goto out; |