SKAS3: add locking around ->mm for PTRACE_SWITCH_MM From: Paolo 'Blaisorblade' Giarrusso x86-64 port of skas-add-locking-for-mm-switch. Original changelog follows. I just discovered that task_lock() and task_unlock() is used to protect task_struct->mm... so this patch makes sure it is used for this purpose in SKAS code. Seeing this comment: /* * Protects ->fs, ->files, ->mm, ->ptrace, ->group_info, ->comm and * synchronises with wait4(). * * Nests both inside and outside of read_lock(&tasklist_lock). * It must not be nested with write_lock_irq(&tasklist_lock), * neither inside nor outside. */ static inline void task_lock(struct task_struct *p) I've verified to some extent that it is called even without holding tasklist_lock (for instance during execve). Signed-off-by: Paolo 'Blaisorblade' Giarrusso --- linux-2.6.git-paolo/arch/x86_64/ia32/ptrace32.c | 2 ++ linux-2.6.git-paolo/arch/x86_64/kernel/ptrace.c | 2 ++ 2 files changed, 4 insertions(+) Index: linux-2.6.git/arch/x86_64/ia32/ptrace32.c =================================================================== --- linux-2.6.git.orig/arch/x86_64/ia32/ptrace32.c +++ linux-2.6.git/arch/x86_64/ia32/ptrace32.c @@ -391,8 +391,10 @@ asmlinkage long sys32_ptrace(long reques } atomic_inc(&new->mm_users); + task_lock(child); child->mm = new; child->active_mm = new; + task_unlock(child); mmput(old); ret = 0; break; Index: linux-2.6.git/arch/x86_64/kernel/ptrace.c =================================================================== --- linux-2.6.git.orig/arch/x86_64/kernel/ptrace.c +++ linux-2.6.git/arch/x86_64/kernel/ptrace.c @@ -610,8 +610,10 @@ long arch_ptrace(struct task_struct *chi } atomic_inc(&new->mm_users); + task_lock(child); child->mm = new; child->active_mm = new; + task_unlock(child); mmput(old); ret = 0; break;
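Review bot: in the ptrace32.c hunk the load of `old` from child->mm happens before the visible context and so outside the new task_lock()/task_unlock() pair; if it is not already under task_lock(), consider moving `old = child->mm` inside the same critical section so the read and the replacement of ->mm/->active_mm form one atomic step for other task_lock() readers such as get_task_mm(). Keep mmput(old) after task_unlock() as the hunk already does: task_lock() is a spinlock and mmput() can sleep.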
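Review bot: the kernel/ptrace.c hunk is byte-for-byte the same as the ptrace32.c one (atomic_inc, task_lock, assign ->mm and ->active_mm, task_unlock, mmput), so the locking discipline now has to be kept in sync in two places; consider factoring the mm switch into one shared helper and adding a one-line comment above task_lock(child) stating that it protects ->mm, as the task_lock() comment quoted in the changelog says, so the reason for the lock survives in the code rather than only in this message.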