pagemap: close races with suid execve, CVE-2011-1020

[linux-flexiantxendom0-natty.git] / fs / proc / task_mmu.c

diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
index c4bec29..3fe21d5 100644 (file)
--- a/fs/proc/task_mmu.c
+++ b/fs/proc/task_mmu.c
@@ -731,7 +731,8 @@ static ssize_t pagemap_read(struct file *file, char __user *buf,
                goto out;
 
        ret = -EACCES;
-       if (!ptrace_may_access(task, PTRACE_MODE_READ))
+       mm = mm_for_maps(task);
+       if (!mm)
                goto out_task;
 
        ret = -EINVAL;
@@ -744,10 +745,6 @@ static ssize_t pagemap_read(struct file *file, char __user *buf,
        if (!count)
                goto out_task;
 
-       mm = get_task_mm(task);
-       if (!mm)
-               goto out_task;
-
        pm.len = PM_ENTRY_BYTES * (PAGEMAP_WALK_SIZE >> PAGE_SHIFT);
        pm.buffer = kmalloc(pm.len, GFP_TEMPORARY);
        ret = -ENOMEM;