linux/security
John Johansen 1780f2d383 AppArmor: Fix sleep in invalid context from task_setrlimit
Affected kernels 2.6.36 - 3.0

AppArmor may do a GFP_KERNEL memory allocation with task_lock(tsk->group_leader);
held when called from security_task_setrlimit.  This will only occur when the
task's current policy has been replaced, and the task's creds have not been
updated before entering the LSM security_task_setrlimit() hook.

BUG: sleeping function called from invalid context at mm/slub.c:847
 in_atomic(): 1, irqs_disabled(): 0, pid: 1583, name: cupsd
 2 locks held by cupsd/1583:
  #0:  (tasklist_lock){.+.+.+}, at: [<ffffffff8104dafa>] do_prlimit+0x61/0x189
  #1:  (&(&p->alloc_lock)->rlock){+.+.+.}, at: [<ffffffff8104db2d>]
do_prlimit+0x94/0x189
 Pid: 1583, comm: cupsd Not tainted 3.0.0-rc2-git1 #7
 Call Trace:
  [<ffffffff8102ebf2>] __might_sleep+0x10d/0x112
  [<ffffffff810e6f46>] slab_pre_alloc_hook.isra.49+0x2d/0x33
  [<ffffffff810e7bc4>] kmem_cache_alloc+0x22/0x132
  [<ffffffff8105b6e6>] prepare_creds+0x35/0xe4
  [<ffffffff811c0675>] aa_replace_current_profile+0x35/0xb2
  [<ffffffff811c4d2d>] aa_current_profile+0x45/0x4c
  [<ffffffff811c4d4d>] apparmor_task_setrlimit+0x19/0x3a
  [<ffffffff811beaa5>] security_task_setrlimit+0x11/0x13
  [<ffffffff8104db6b>] do_prlimit+0xd2/0x189
  [<ffffffff8104dea9>] sys_setrlimit+0x3b/0x48
  [<ffffffff814062bb>] system_call_fastpath+0x16/0x1b

Signed-off-by: John Johansen <john.johansen@canonical.com>
Reported-by: Miles Lane <miles.lane@gmail.com>
Cc: stable@kernel.org
Signed-off-by: James Morris <jmorris@namei.org>
2011-06-09 11:46:53 +10:00
..
apparmor AppArmor: Fix sleep in invalid context from task_setrlimit 2011-06-09 11:46:53 +10:00
integrity/ima
keys Merge branch 'docs-move' of git://git.kernel.org/pub/scm/linux/kernel/git/rdunlap/linux-docs 2011-05-27 10:25:02 -07:00
selinux selinux: simplify and clean up inode_has_perm() 2011-06-08 15:11:56 -07:00
smack Merge branch 'master' of git://git.infradead.org/users/eparis/selinux into for-linus 2011-05-24 23:20:19 +10:00
tomoyo TOMOYO: Fix wrong domainname validation. 2011-05-12 11:07:21 +10:00
capability.c SECURITY: Move exec_permission RCU checks into security modules 2011-04-25 10:20:32 -04:00
commoncap.c capabilities: do not special case exec of init 2011-04-04 10:31:06 +10:00
device_cgroup.c cgroups: add per-thread subsystem callbacks 2011-05-26 17:12:34 -07:00
inode.c
Kconfig
lsm_audit.c LSM: separate LSM_AUDIT_DATA_DENTRY from LSM_AUDIT_DATA_PATH 2011-04-25 18:14:07 -04:00
Makefile
min_addr.c
security.c SECURITY: Move exec_permission RCU checks into security modules 2011-04-25 10:20:32 -04:00