pidfd: Use new infrastructure to fix deadlocks in execve

This changes __pidfd_fget to use the new exec_update_mutex
instead of cred_guard_mutex.

This should be safe, as the credentials do not change
before exec_update_mutex is locked.  Therefore whatever
file access is possible with holding the cred_guard_mutex
here is also possbile with the exec_update_mutex.

Signed-off-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>

diff --git a/kernel/pid.c b/kernel/pid.c
index 60820e7..efd3487 100644 (file)
--- a/kernel/pid.c
+++ b/kernel/pid.c
@@ -577,7 +577,7 @@ static struct file *__pidfd_fget(struct task_struct *task, int fd)
        struct file *file;
        int ret;
 
-       ret = mutex_lock_killable(&task->signal->cred_guard_mutex);
+       ret = mutex_lock_killable(&task->signal->exec_update_mutex);
        if (ret)
                return ERR_PTR(ret);
 
@@ -586,7 +586,7 @@ static struct file *__pidfd_fget(struct task_struct *task, int fd)
        else
                file = ERR_PTR(-EPERM);
 
-       mutex_unlock(&task->signal->cred_guard_mutex);
+       mutex_unlock(&task->signal->exec_update_mutex);
 
        return file ?: ERR_PTR(-EBADF);
 }