Re: [PATCH 2.6.9] fork: move security_task_alloc() after p->parent initialization

From: Greg KH (greg@private)
Date: Tue Nov 23 2004 - 07:29:36 PST


On Tue, Nov 23, 2004 at 03:38:51PM +0100, Guillaume Thouvenin wrote:
> If we register a LSM hook and if we use the parameter passed to
> security_task_alloc(struct task_struct *p), the value of p->parent is
> wrong. This patch move the call to security_task_alloc() after the
> initialization of the field p->parent. 

No, that's way too late for this hook.

> --- kernel/fork.c.orig	2004-10-19 08:41:53.000000000 +0200
> +++ kernel/fork.c	2004-11-23 15:29:25.799903744 +0100
> @@ -1006,8 +1006,6 @@ static task_t *copy_process(unsigned lon
>   	}
>  #endif
>  
> -	if ((retval = security_task_alloc(p)))
> -		goto bad_fork_cleanup_policy;
>  	if ((retval = audit_alloc(p)))
>  		goto bad_fork_cleanup_security;
>  	/* copy all the process information */
> @@ -1092,6 +1090,9 @@ static task_t *copy_process(unsigned lon
>  		p->real_parent = current;
>  	p->parent = p->real_parent;
>  
> +	if ((retval = security_task_alloc(p)))
> +		goto bad_fork_cleanup_policy;
> +

And the error path is wrong :)

thanks,

greg k-h



This archive was generated by hypermail 2.1.3 : Tue Nov 23 2004 - 07:31:13 PST