commoncap: don't alloc the credential unless needed in cap_task_prctl - linux-dev - Linux kernel development work

diff options

author	Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>	2014-07-22 21:20:01 +0900
committer	James Morris <james.l.morris@oracle.com>	2014-07-24 21:12:30 +1000
commit	6d6f3328422a3bc56b0d8dd026a5de845d2abfa7 (patch)
tree	51c24037355a91d098568a88f7dd9715dee8008c /crypto/asymmetric_keys/x509_public_key.c
parent	Merge tag 'seccomp-3.17' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux into next (diff)
download	linux-dev-6d6f3328422a3bc56b0d8dd026a5de845d2abfa7.tar.xz linux-dev-6d6f3328422a3bc56b0d8dd026a5de845d2abfa7.zip

commoncap: don't alloc the credential unless needed in cap_task_prctl

In function cap_task_prctl(), we would allocate a credential unconditionally and then check if we support the requested function. If not we would release this credential with abort_creds() by using RCU method. But on some archs such as powerpc, the sys_prctl is heavily used to get/set the floating point exception mode. So the unnecessary allocating/releasing of credential not only introduce runtime overhead but also do cause OOM due to the RCU implementation. This patch removes abort_creds() from cap_task_prctl() by calling prepare_creds() only when we need to modify it. Reported-by: Kevin Hao <haokexin@gmail.com> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Reviewed-by: Paul Moore <paul@paul-moore.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <james.l.morris@oracle.com>

Diffstat (limited to 'crypto/asymmetric_keys/x509_public_key.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: