task_struct::cred is only used task-synchronously and does not require any RCU locks, hence, rcu_dereference_check is not required to read from it.
Suggested-by: Jann Horn <[email protected]> Co-developed-by: Joel Fernandes (Google) <[email protected]> Signed-off-by: Joel Fernandes (Google) <[email protected]> Signed-off-by: Amol Grover <[email protected]> --- kernel/auditsc.c | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 4effe01ebbe2..d3510513cdd1 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -430,24 +430,19 @@ static int audit_field_compare(struct task_struct *tsk, /* Determine if any context name data matches a rule's watch data */ /* Compare a task_struct with an audit_rule. Return 1 on match, 0 * otherwise. - * - * If task_creation is true, this is an explicit indication that we are - * filtering a task rule at task creation time. This and tsk == current are - * the only situations where tsk->cred may be accessed without an rcu read lock. */ static int audit_filter_rules(struct task_struct *tsk, struct audit_krule *rule, struct audit_context *ctx, struct audit_names *name, - enum audit_state *state, - bool task_creation) + enum audit_state *state) { const struct cred *cred; int i, need_sid = 1; u32 sid; unsigned int sessionid; - cred = rcu_dereference_check(tsk->cred, tsk == current || task_creation); + cred = tsk->cred; for (i = 0; i < rule->field_count; i++) { struct audit_field *f = &rule->fields[i]; @@ -745,7 +740,7 @@ static enum audit_state audit_filter_task(struct task_struct *tsk, char **key) rcu_read_lock(); list_for_each_entry_rcu(e, &audit_filter_list[AUDIT_FILTER_TASK], list) { if (audit_filter_rules(tsk, &e->rule, NULL, NULL, - &state, true)) { + &state)) { if (state == AUDIT_RECORD_CONTEXT) *key = kstrdup(e->rule.filterkey, GFP_ATOMIC); rcu_read_unlock(); @@ -791,7 +786,7 @@ static enum audit_state audit_filter_syscall(struct task_struct *tsk, list_for_each_entry_rcu(e, list, list) { if (audit_in_mask(&e->rule, ctx->major) && audit_filter_rules(tsk, &e->rule, ctx, NULL, - &state, false)) { + &state)) { rcu_read_unlock(); ctx->current_state = state; return state; @@ -815,7 +810,7 @@ static int audit_filter_inode_name(struct task_struct *tsk, list_for_each_entry_rcu(e, list, list) { if (audit_in_mask(&e->rule, ctx->major) && - audit_filter_rules(tsk, &e->rule, ctx, n, &state, false)) { + audit_filter_rules(tsk, &e->rule, ctx, n, &state)) { ctx->current_state = state; return 1; } -- 2.24.1 -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
