diff options
| author | Oleg Nesterov <[email protected]> | 2014-01-23 15:55:31 -0800 |
|---|---|---|
| committer | Linus Torvalds <[email protected]> | 2014-01-23 16:37:01 -0800 |
| commit | abacd2fe3ca10b3ade57f3634053241a660002c2 (patch) | |
| tree | e3d8d77e9b12d2e57a90a026a225313ccca9ddb1 /tools/perf/scripts/python/net_dropmonitor.py | |
| parent | f3c73a99a1fac2db992b6879b8a78a3ae2fcc06e (diff) | |
coredump: set_dumpable: fix the theoretical race with itself
set_dumpable() updates MMF_DUMPABLE_MASK in a non-trivial way to ensure
that get_dumpable() can't observe the intermediate state, but this all
can't help if multiple threads call set_dumpable() at the same time.
And in theory commit_creds()->set_dumpable(SUID_DUMP_ROOT) racing with
sys_prctl()->set_dumpable(SUID_DUMP_DISABLE) can result in SUID_DUMP_USER.
Change this code to update both bits atomically via cmpxchg().
Note: this assumes that it is safe to mix bitops and cmpxchg. IOW, if,
say, an architecture implements cmpxchg() using the locking (like
arch/parisc/lib/bitops.c does), then it should use the same locks for
set_bit/etc.
Signed-off-by: Oleg Nesterov <[email protected]>
Acked-by: Kees Cook <[email protected]>
Cc: Alex Kelly <[email protected]>
Cc: "Eric W. Biederman" <[email protected]>
Cc: Josh Triplett <[email protected]>
Cc: Petr Matousek <[email protected]>
Cc: Vasily Kulikov <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
Diffstat (limited to 'tools/perf/scripts/python/net_dropmonitor.py')
0 files changed, 0 insertions, 0 deletions