CRED: Use RCU to access another task's creds and to release a task's own creds

[net-next-2.6.git] / fs / proc / array.c

diff --git a/fs/proc/array.c b/fs/proc/array.c
index 62fe9b2009b60efa8b030c5cec70a477458fcca9..7e4877d9dcb58b71720cb6cd79a690b3149d44bb 100644 (file)
--- a/fs/proc/array.c
+++ b/fs/proc/array.c
@@ -159,6 +159,7 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns,
        struct group_info *group_info;
        int g;
        struct fdtable *fdt = NULL;
+       const struct cred *cred;
        pid_t ppid, tpid;
 
        rcu_read_lock();
@@ -170,6 +171,7 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns,
                if (tracer)
                        tpid = task_pid_nr_ns(tracer, ns);
        }
+       cred = get_cred((struct cred *) __task_cred(p));
        seq_printf(m,
                "State:\t%s\n"
                "Tgid:\t%d\n"
@@ -182,8 +184,8 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns,
                task_tgid_nr_ns(p, ns),
                pid_nr_ns(pid, ns),
                ppid, tpid,
-               p->cred->uid, p->cred->euid, p->cred->suid, p->cred->fsuid,
-               p->cred->gid, p->cred->egid, p->cred->sgid, p->cred->fsgid);
+               cred->uid, cred->euid, cred->suid, cred->fsuid,
+               cred->gid, cred->egid, cred->sgid, cred->fsgid);
 
        task_lock(p);
        if (p->files)
@@ -194,13 +196,12 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns,
                fdt ? fdt->max_fds : 0);
        rcu_read_unlock();
 
-       group_info = p->cred->group_info;
-       get_group_info(group_info);
+       group_info = cred->group_info;
        task_unlock(p);
 
        for (g = 0; g < min(group_info->ngroups, NGROUPS_SMALL); g++)
                seq_printf(m, "%d ", GROUP_AT(group_info, g));
-       put_group_info(group_info);
+       put_cred(cred);
 
        seq_printf(m, "\n");
 }
@@ -262,7 +263,7 @@ static inline void task_sig(struct seq_file *m, struct task_struct *p)
                blocked = p->blocked;
                collect_sigign_sigcatch(p, &ignored, &caught);
                num_threads = atomic_read(&p->signal->count);
-               qsize = atomic_read(&p->cred->user->sigpending);
+               qsize = atomic_read(&__task_cred(p)->user->sigpending);
                qlim = p->signal->rlim[RLIMIT_SIGPENDING].rlim_cur;
                unlock_task_sighand(p, &flags);
        }
@@ -293,12 +294,21 @@ static void render_cap_t(struct seq_file *m, const char *header,
 
 static inline void task_cap(struct seq_file *m, struct task_struct *p)
 {
-       struct cred *cred = p->cred;
+       const struct cred *cred;
+       kernel_cap_t cap_inheritable, cap_permitted, cap_effective, cap_bset;
 
-       render_cap_t(m, "CapInh:\t", &cred->cap_inheritable);
-       render_cap_t(m, "CapPrm:\t", &cred->cap_permitted);
-       render_cap_t(m, "CapEff:\t", &cred->cap_effective);
-       render_cap_t(m, "CapBnd:\t", &cred->cap_bset);
+       rcu_read_lock();
+       cred = __task_cred(p);
+       cap_inheritable = cred->cap_inheritable;
+       cap_permitted   = cred->cap_permitted;
+       cap_effective   = cred->cap_effective;
+       cap_bset        = cred->cap_bset;
+       rcu_read_unlock();
+
+       render_cap_t(m, "CapInh:\t", &cap_inheritable);
+       render_cap_t(m, "CapPrm:\t", &cap_permitted);
+       render_cap_t(m, "CapEff:\t", &cap_effective);
+       render_cap_t(m, "CapBnd:\t", &cap_bset);
 }
 
 static inline void task_context_switch_counts(struct seq_file *m,