git://ftp.safe.ca
/
safe
/
jmp
/
linux-2.6
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
[CVE-2009-0029] System call wrappers part 28
[safe/jmp/linux-2.6]
/
fs
/
ioprio.c
diff --git
a/fs/ioprio.c
b/fs/ioprio.c
index
bb5210a
..
c7c0b28
100644
(file)
--- a/
fs/ioprio.c
+++ b/
fs/ioprio.c
@@
-27,14
+27,20
@@
#include <linux/security.h>
#include <linux/pid_namespace.h>
#include <linux/security.h>
#include <linux/pid_namespace.h>
-
static
int set_task_ioprio(struct task_struct *task, int ioprio)
+int set_task_ioprio(struct task_struct *task, int ioprio)
{
int err;
struct io_context *ioc;
{
int err;
struct io_context *ioc;
+ const struct cred *cred = current_cred(), *tcred;
- if (task->cred->uid != current_euid() &&
- task->cred->uid != current_uid() && !capable(CAP_SYS_NICE))
+ rcu_read_lock();
+ tcred = __task_cred(task);
+ if (tcred->uid != cred->euid &&
+ tcred->uid != cred->uid && !capable(CAP_SYS_NICE)) {
+ rcu_read_unlock();
return -EPERM;
return -EPERM;
+ }
+ rcu_read_unlock();
err = security_task_setioprio(task, ioprio);
if (err)
err = security_task_setioprio(task, ioprio);
if (err)
@@
-64,8
+70,9
@@
static int set_task_ioprio(struct task_struct *task, int ioprio)
task_unlock(task);
return err;
}
task_unlock(task);
return err;
}
+EXPORT_SYMBOL_GPL(set_task_ioprio);
-
asmlinkage long sys_ioprio_set(int which, int who, int
ioprio)
+
SYSCALL_DEFINE3(ioprio_set, int, which, int, who, int,
ioprio)
{
int class = IOPRIO_PRIO_CLASS(ioprio);
int data = IOPRIO_PRIO_DATA(ioprio);
{
int class = IOPRIO_PRIO_CLASS(ioprio);
int data = IOPRIO_PRIO_DATA(ioprio);
@@
-123,7
+130,7
@@
asmlinkage long sys_ioprio_set(int which, int who, int ioprio)
break;
case IOPRIO_WHO_USER:
if (!who)
break;
case IOPRIO_WHO_USER:
if (!who)
- user = current
->cred->user
;
+ user = current
_user()
;
else
user = find_user(who);
else
user = find_user(who);
@@
-131,7
+138,7
@@
asmlinkage long sys_ioprio_set(int which, int who, int ioprio)
break;
do_each_thread(g, p) {
break;
do_each_thread(g, p) {
- if (
p->cred
->uid != who)
+ if (
__task_cred(p)
->uid != who)
continue;
ret = set_task_ioprio(p, ioprio);
if (ret)
continue;
ret = set_task_ioprio(p, ioprio);
if (ret)
@@
-181,7
+188,7
@@
int ioprio_best(unsigned short aprio, unsigned short bprio)
return aprio;
}
return aprio;
}
-
asmlinkage long sys_ioprio_get(int which, int
who)
+
SYSCALL_DEFINE2(ioprio_get, int, which, int,
who)
{
struct task_struct *g, *p;
struct user_struct *user;
{
struct task_struct *g, *p;
struct user_struct *user;
@@
-216,7
+223,7
@@
asmlinkage long sys_ioprio_get(int which, int who)
break;
case IOPRIO_WHO_USER:
if (!who)
break;
case IOPRIO_WHO_USER:
if (!who)
- user = current
->cred->user
;
+ user = current
_user()
;
else
user = find_user(who);
else
user = find_user(who);
@@
-224,7
+231,7
@@
asmlinkage long sys_ioprio_get(int which, int who)
break;
do_each_thread(g, p) {
break;
do_each_thread(g, p) {
- if (
p->cred
->uid != user->uid)
+ if (
__task_cred(p)
->uid != user->uid)
continue;
tmpio = get_task_ioprio(p);
if (tmpio < 0)
continue;
tmpio = get_task_ioprio(p);
if (tmpio < 0)
@@
-245,4
+252,3
@@
asmlinkage long sys_ioprio_get(int which, int who)
read_unlock(&tasklist_lock);
return ret;
}
read_unlock(&tasklist_lock);
return ret;
}
-