Strictly this is not necessary today, but according to Paul McKenney it's not guaranteed that irq disabled regions will prevent RCU progress. That's a property of the current implementation. In preempt-rt this assumption is not true anymore. Use get_task_cred() to make this future proof. Signed-off-by: Thomas Gleixner Cc: James Morris Cc: linux-security-module@vger.kernel.org --- security/keys/keyctl.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) Index: linux-2.6-tip/security/keys/keyctl.c =================================================================== --- linux-2.6-tip.orig/security/keys/keyctl.c +++ linux-2.6-tip/security/keys/keyctl.c @@ -1237,7 +1237,7 @@ long keyctl_get_security(key_serial_t ke long keyctl_session_to_parent(void) { struct task_struct *me, *parent; - const struct cred *mycred, *pcred; + const struct cred *mycred, *pcred = NULL; struct cred *cred, *oldcred; key_ref_t keyring_r; int ret; @@ -1274,7 +1274,7 @@ long keyctl_session_to_parent(void) /* the parent and the child must have different session keyrings or * there's no point */ mycred = current_cred(); - pcred = __task_cred(parent); + pcred = get_task_cred(parent); if (mycred == pcred || mycred->tgcred->session_keyring == pcred->tgcred->session_keyring) goto already_same; @@ -1312,6 +1312,7 @@ long keyctl_session_to_parent(void) set_ti_thread_flag(task_thread_info(parent), TIF_NOTIFY_RESUME); write_unlock_irq(&tasklist_lock); + put_cred(pcred); if (oldcred) put_cred(oldcred); return 0; @@ -1321,6 +1322,8 @@ already_same: not_permitted: write_unlock_irq(&tasklist_lock); put_cred(cred); + if (pcred) + put_cred(pcred); return ret; error_keyring: -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/