Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull seccomp fix from James Morris. BUG(!spin_is_locked()) really doesn't work very well in UP configurations without any actual spinlock state. Which is very much why we have that "assert_spin_lock()" function for this. * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: seccomp: Replace BUG(!spin_is_locked()) with assert_spin_lock
This commit is contained in:
commit
311bf6d1cb
@ -1105,7 +1105,7 @@ static void copy_seccomp(struct task_struct *p)
|
||||
* needed because this new task is not yet running and cannot
|
||||
* be racing exec.
|
||||
*/
|
||||
BUG_ON(!spin_is_locked(¤t->sighand->siglock));
|
||||
assert_spin_locked(¤t->sighand->siglock);
|
||||
|
||||
/* Ref-count the new filter user, and assign it. */
|
||||
get_seccomp_filter(current);
|
||||
|
@ -203,7 +203,7 @@ static u32 seccomp_run_filters(int syscall)
|
||||
|
||||
static inline bool seccomp_may_assign_mode(unsigned long seccomp_mode)
|
||||
{
|
||||
BUG_ON(!spin_is_locked(¤t->sighand->siglock));
|
||||
assert_spin_locked(¤t->sighand->siglock);
|
||||
|
||||
if (current->seccomp.mode && current->seccomp.mode != seccomp_mode)
|
||||
return false;
|
||||
@ -214,7 +214,7 @@ static inline bool seccomp_may_assign_mode(unsigned long seccomp_mode)
|
||||
static inline void seccomp_assign_mode(struct task_struct *task,
|
||||
unsigned long seccomp_mode)
|
||||
{
|
||||
BUG_ON(!spin_is_locked(&task->sighand->siglock));
|
||||
assert_spin_locked(&task->sighand->siglock);
|
||||
|
||||
task->seccomp.mode = seccomp_mode;
|
||||
/*
|
||||
@ -253,7 +253,7 @@ static inline pid_t seccomp_can_sync_threads(void)
|
||||
struct task_struct *thread, *caller;
|
||||
|
||||
BUG_ON(!mutex_is_locked(¤t->signal->cred_guard_mutex));
|
||||
BUG_ON(!spin_is_locked(¤t->sighand->siglock));
|
||||
assert_spin_locked(¤t->sighand->siglock);
|
||||
|
||||
/* Validate all threads being eligible for synchronization. */
|
||||
caller = current;
|
||||
@ -294,7 +294,7 @@ static inline void seccomp_sync_threads(void)
|
||||
struct task_struct *thread, *caller;
|
||||
|
||||
BUG_ON(!mutex_is_locked(¤t->signal->cred_guard_mutex));
|
||||
BUG_ON(!spin_is_locked(¤t->sighand->siglock));
|
||||
assert_spin_locked(¤t->sighand->siglock);
|
||||
|
||||
/* Synchronize all threads. */
|
||||
caller = current;
|
||||
@ -464,7 +464,7 @@ static long seccomp_attach_filter(unsigned int flags,
|
||||
unsigned long total_insns;
|
||||
struct seccomp_filter *walker;
|
||||
|
||||
BUG_ON(!spin_is_locked(¤t->sighand->siglock));
|
||||
assert_spin_locked(¤t->sighand->siglock);
|
||||
|
||||
/* Validate resulting filter length. */
|
||||
total_insns = filter->prog->len;
|
||||
|
Loading…
Reference in New Issue
Block a user