Merge remote-tracking branch 'selinux/next'

author: Stephen Rothwell <sfr@canb.auug.org.au> 2017-02-09 13:31:04 +1100
committer: Stephen Rothwell <sfr@canb.auug.org.au> 2017-02-09 13:31:06 +1100
commit: 51c202457997b7d81d4a013740043aea942d6702 (patch)
tree: 1a2e6a246475b2fdc118a3a547fd33c9417a789a /fs
parent: 8db9f0e1c4029debb2742c36f075e34f98b1aaa6 (diff)
parent: 1ea0ce40690dff38935538e8dab7b12683ded0d3 (diff)
1 files changed, 9 insertions, 4 deletions
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 87c9a9aacda3..c147f10fcaa5 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -2488,6 +2488,12 @@ static ssize_t proc_pid_attr_write(struct file * file, const char __user * buf,
 	length = -ESRCH;
 	if (!task)
 		goto out_no_task;
+
+	/* A task may only write its own attributes. */
+	length = -EACCES;
+	if (current != task)
+		goto out;
+
 	if (count > PAGE_SIZE)
 		count = PAGE_SIZE;
 
@@ -2503,14 +2509,13 @@ static ssize_t proc_pid_attr_write(struct file * file, const char __user * buf,
 	}
 
 	/* Guard against adverse ptrace interaction */
-	length = mutex_lock_interruptible(&task->signal->cred_guard_mutex);
+	length = mutex_lock_interruptible(&current->signal->cred_guard_mutex);
 	if (length < 0)
 		goto out_free;
 
-	length = security_setprocattr(task,
-				      (char*)file->f_path.dentry->d_name.name,
+	length = security_setprocattr(file->f_path.dentry->d_name.name,
 				      page, count);
-	mutex_unlock(&task->signal->cred_guard_mutex);
+	mutex_unlock(&current->signal->cred_guard_mutex);
 out_free:
 	kfree(page);
 out:
author	Stephen Rothwell <sfr@canb.auug.org.au>	2017-02-09 13:31:04 +1100
committer	Stephen Rothwell <sfr@canb.auug.org.au>	2017-02-09 13:31:06 +1100
commit	51c202457997b7d81d4a013740043aea942d6702 (patch)
tree	1a2e6a246475b2fdc118a3a547fd33c9417a789a /fs
parent	8db9f0e1c4029debb2742c36f075e34f98b1aaa6 (diff)
parent	1ea0ce40690dff38935538e8dab7b12683ded0d3 (diff)