From: Olaf Dietsche <olaf+list.linux-kernel@olafdietsche.de>

Andrew Morton <akpm@osdl.org> writes:

> ftp://ftp.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.5/2.6.5-mm4/
>
> +compute-creds-race-fix.patch
> +compute-creds-race-fix-fix.patch
>
>  Fix possible race in permission calculation across exec()

This is a small fix for the modified must_not_trace_exec() test.  I have
tested neither the compute-creds-race-fix nor my patch.  It is on top of
2.6.5 + compute-creds-race-fix.patch + compute-creds-race-fix-fix.patch.

Although, I'd rather not lump together unrelated tests without renaming
must_not_trace_exec().  Btw, can someone enlighten me what this
atomic_read() test is all about?


---

 25-akpm/security/commoncap.c |    6 +++---
 25-akpm/security/dummy.c     |    6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff -puN security/commoncap.c~compute-creds-race-fix-fix-fix security/commoncap.c
--- 25/security/commoncap.c~compute-creds-race-fix-fix-fix	2004-04-12 02:52:50.298670872 -0700
+++ 25-akpm/security/commoncap.c	2004-04-12 02:52:50.305669808 -0700
@@ -118,9 +118,9 @@ int cap_bprm_set_security (struct linux_
 static inline int must_not_trace_exec (struct task_struct *p)
 {
 	return ((p->ptrace & PT_PTRACED) && !(p->ptrace & PT_PTRACE_CAP))
-		|| atomic_read(&current->fs->count) > 1
-		|| atomic_read(&current->files->count) > 1
-		|| atomic_read(&current->sighand->count) > 1;
+		|| atomic_read(&p->fs->count) > 1
+		|| atomic_read(&p->files->count) > 1
+		|| atomic_read(&p->sighand->count) > 1;
 }
 
 void cap_bprm_apply_creds (struct linux_binprm *bprm)
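Review bot: The three atomic_read() tests in must_not_trace_exec() have no comment, and the function name only describes the ptrace half of the expression. A count above 1 on p->fs, p->files or p->sighand means that structure is shared with another task, which is a different condition from being traced. Please add a short comment saying why sharing must block the credential change, and consider either renaming the helper or splitting the sharing tests into their own function so callers can see which condition fired. Since the tests now dereference p rather than current, it would also help to state in that comment whether p is always expected to be current here.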
diff -puN security/dummy.c~compute-creds-race-fix-fix-fix security/dummy.c
--- 25/security/dummy.c~compute-creds-race-fix-fix-fix	2004-04-12 02:52:50.300670568 -0700
+++ 25-akpm/security/dummy.c	2004-04-12 02:52:50.306669656 -0700
@@ -174,9 +174,9 @@ static void dummy_bprm_free_security (st
 static inline int must_not_trace_exec (struct task_struct *p)
 {
 	return ((p->ptrace & PT_PTRACED) && !(p->ptrace & PT_PTRACE_CAP))
-		|| atomic_read(&current->fs->count) > 1
-		|| atomic_read(&current->files->count) > 1
-		|| atomic_read(&current->sighand->count) > 1;
+		|| atomic_read(&p->fs->count) > 1
+		|| atomic_read(&p->files->count) > 1
+		|| atomic_read(&p->sighand->count) > 1;
 }
 
 static void dummy_bprm_apply_creds (struct linux_binprm *bprm)
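Review bot: must_not_trace_exec() in security/dummy.c is now a line-for-line copy of the one in security/commoncap.c, and this patch has to make the same current to p correction in both. Two static inline copies of a security check will drift again; suggest moving the helper to one shared header and including it from both files, so a future fix only has to land once.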

_