yama: don't abuse rcu_read_lock/get_task_struct in yama_task_prctl()

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

current->group_leader is stable, no need to take rcu_read_lock() and do
get/put_task_struct().

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Link: https://lore.kernel.org/r/20250219161417.GA20851@redhat.com
Signed-off-by: Kees Cook <kees@kernel.org>

authored by

Oleg Nesterov and committed by

Kees Cook 1 year ago 71c76923 a3aac126

+2 -7

1 changed file

expand all

security

yama

yama_lsm.c

+2 -7

security/yama/yama_lsm.c

··· 222 222 unsigned long arg4, unsigned long arg5) 223 223 { 224 224 int rc = -ENOSYS; 225 - struct task_struct *myself = current; 225 + struct task_struct *myself; 226 226 227 227 switch (option) { 228 228 case PR_SET_PTRACER: ··· 232 232 * leader checking is handled later when walking the ancestry 233 233 * at the time of PTRACE_ATTACH check. 234 234 */ 235 - rcu_read_lock(); 236 - if (!thread_group_leader(myself)) 237 - myself = rcu_dereference(myself->group_leader); 238 - get_task_struct(myself); 239 - rcu_read_unlock(); 235 + myself = current->group_leader; 240 236 241 237 if (arg2 == 0) { 242 238 yama_ptracer_del(NULL, myself); ··· 251 255 } 252 256 } 253 257 254 - put_task_struct(myself); 255 258 break; 256 259 } 257 260