[PATCH] kernel/cred: Fix bug on cred reference count
Edwin van Vliet
released. However, the line is repeated so the old obj ref is released twice
yet the subj ref is not. So either the comment is wrong, or this is simpy a
bug. Releasing the same ref twice seems wrong in any case.
Signed-off-by: Edwin van Vliet <ed...@cheatah.nl>
---
kernel/cred.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/kernel/cred.c b/kernel/cred.c
index 174fa84..2492f08 100644
--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -537,7 +537,7 @@ int commit_creds(struct cred *new)
/* release the old obj and subj refs both */
put_cred(old);
- put_cred(old);
+ put_cred(new);
return 0;
}
EXPORT_SYMBOL(commit_creds);
--
1.7.5.4
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majo...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
David Howells
> The comment above states that the old obj ref and subj ref should BOTH be
> released. However, the line is repeated so the old obj ref is released twice
> yet the subj ref is not. So either the comment is wrong, or this is simpy a
> bug. Releasing the same ref twice seems wrong in any case.
The comment is correct and the double release is correct.
task_struct has *two* refs to the cred being replaced and both need to be
updated:
current->real_cred - The objective cred
current->cred - The subjective cred
The subjective cred is the one used by a task to access other objects; the
objective cred details how the task is perceived by the outside world and
affects how other tasks act upon it.
Normally a task's two cred pointers point to the same cred, but under some
circumstances (such as in cachefiles), the subjective cred can be overridden.
David