首頁 探索 說明
註冊 登入
phyus
/
linux-vybrid_public
8
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
瀏覽代碼

rlimits: selinux, do rlimits changes under task_lock

When doing an exec, selinux updates rlimits in its code of current
process depending on current max. Make sure max or cur doesn't change
in the meantime by grabbing task_lock which do_prlimit needs for
changing limits too.

While at it, use rlimit helper for accessing CPU rlimit a line below.
To have a volatile access too.

Signed-off-by: Jiri Slaby <jslaby@suse.cz>
Cc: Oleg Nesterov <oleg@redhat.com>
Oleg Nesterov 15 年之前
父節點
2fb9d2689a
當前提交
eb2d55a32b
共有 1 個文件被更改,包括 4 次插入2 次删除
分割檢視 顯示文件統計
  1. 4 2
      security/selinux/hooks.c

+ 4 - 2
security/selinux/hooks.c
查看文件 

@@ -2333,13 +2333,15 @@ static void selinux_bprm_committing_creds(struct linux_binprm *bprm)
 
 	rc = avc_has_perm(new_tsec->osid, new_tsec->sid, SECCLASS_PROCESS,
 
 			  PROCESS__RLIMITINH, NULL);
 
 	if (rc) {
 
+		/* protect against do_prlimit() */
 
+		task_lock(current);
 
 		for (i = 0; i < RLIM_NLIMITS; i++) {
 
 			rlim = current->signal->rlim + i;
 
 			initrlim = init_task.signal->rlim + i;
 
 			rlim->rlim_cur = min(rlim->rlim_max, initrlim->rlim_cur);
 
 		}
 
-		update_rlimit_cpu(current,
 
-				current->signal->rlim[RLIMIT_CPU].rlim_cur);
 
+		task_unlock(current);
 
+		update_rlimit_cpu(current, rlimit(RLIMIT_CPU));
 
 	}
 
 }