On 10/19/23, Paul Moore <[email protected]> wrote: > On Thu, Oct 19, 2023 at 12:56 PM Mateusz Guzik <[email protected]> wrote: >> On 10/19/23, Paul Moore <[email protected]> wrote: >> > On Thu, Oct 19, 2023 at 10:52 AM Mateusz Guzik <[email protected]> >> > wrote: >> >> On 10/19/23, Paul Moore <[email protected]> wrote: >> >> > Thinking about it a bit more this morning, I think we can safely >> >> > ignore the non-@current case in audit_exe_compare() as the whole >> >> > point >> >> > of the audit exe filter is to record the actions of processes >> >> > instantiated from that executable file; if the @current task is not >> >> > being logged/filtered, we shouldn't have to worry about the exe >> >> > filter. >> >> >> >> I did a quick stab at figuring out whether one can get there with >> >> non-current to begin with, but did not convince myself it is not >> >> possible. >> >> >> >> That said, should you repost, I think refing and unrefing mm should be >> >> a >> >> voided. >> > >> > We have to deref current->mm to get the exe_file, but so long as we >> > get a reference with mmget()/mmput() it should be safe, no? >> >> For task == current the very condition which allows you to safely >> mmget also makes the operation redundant -- current already has a ref >> on mm for as long as it executes. > > I've been using the move_pages(2) syscall code as an example and in > the find_mm_struct() function the code either does a mmget() if > accessing current->mm or a get_task_mm() if accessing an arbitrary > task. > > -> SYSCALL_DEFINE6(move_pages, ...) > -> kernel_move_pages(...) > -> find_mm_struct(...) > > What am I missing? >
To my reading they did not want to special-case it in the caller -- they just mmput regardless of what task is. Again, you may notice there are no locks held in that usecase. The pointer is blindly derefed and a refcount bumped. For this to be safe, it has to be guaranteed > 0 already, which it is for a task accessing it's own mm struct. You can find the releasing mmput in exit -> do_exit -> exit_mm callchain. -- Mateusz Guzik <mjguzik gmail.com>
