From patchwork Thu Nov 7 00:57:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vinicius Costa Gomes X-Patchwork-Id: 13865678 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C3238D515; Thu, 7 Nov 2024 00:57:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.11 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730941064; cv=none; b=Pfnh8Mqw+fw7f6hY5VvAHmU3QSt8gz6CjxeZl5cWbow/US8yrsoQFbD0IFpTvxfnIsf863RMAoKaSTvc8PXK5PE1fbBTvcQ+XLQ1VMrULHChyL8NJC5wgVrFxV44/N3Or2MRWgqpJLiz9ZddMr6dz+sgpPykJuMImEfPvz1wo8k= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730941064; c=relaxed/simple; bh=Wd/qbg0Eyo7dMUuoAAhNI1ZG5Rq7Hpgl5iQzNCWNzk8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=L/vq7tY0Wp+vm+emajsbwws2mH/3eC3y/xalaRUePpI4C+6lth+AXnIi9HpSLxw0iLLtO6akCzGVcnF98h6ZKgFMQZ2ojepgnsFupotIr5CksjnLc+0RO001hxRAIIVrakQPgfJuBtA3FtSUwg1YorMFP2nxKtfB13HJUhB13lI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=G78dOpJK; arc=none smtp.client-ip=198.175.65.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="G78dOpJK" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1730941063; x=1762477063; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Wd/qbg0Eyo7dMUuoAAhNI1ZG5Rq7Hpgl5iQzNCWNzk8=; b=G78dOpJKfgCcKkVWWVvz7StR1fk75r5ufqBvpHtfZOYI+kTjqGjD7UlV X6EQaHLllV0JsV7JOl8WjMdSZFbJ3Pg1+SaxA9wj9hrLMsvgBiLjCNTMf WMByZRBV2BaSTLADATHdPf6jBU1NZ6ySiPsub6lsOXtO2pgnS3O9n/nmM AUsc2jMKwVxT3eLbbSWcRFXEFV2iBLzYSCfyuk8FBUKGJg8rTkEr7F2yy EVCDGkozsfjEHKey++siiH/SELbWfhUJbVVtwvtnoG4CENE+R7k3NdRSR /gh/iH8XwdyK+73mheMD/Cdt//IkOBun6mjTXpiKISPySLxOtHG5vkIhc w==; X-CSE-ConnectionGUID: HoyvKaILTMqgC+OIYoCe6Q== X-CSE-MsgGUID: rb/HBLl5Q0ejSpsgThwtMA== X-IronPort-AV: E=McAfee;i="6700,10204,11222"; a="41320183" X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="41320183" Received: from fmviesa010.fm.intel.com ([10.60.135.150]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Nov 2024 16:57:42 -0800 X-CSE-ConnectionGUID: BvKh602rSHG+B2y9z+RxzQ== X-CSE-MsgGUID: 8cuCYh0pTyWFUUDOcdyiow== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.11,264,1725346800"; d="scan'208";a="85193423" Received: from rfrazer-mobl3.amr.corp.intel.com (HELO vcostago-mobl3.lan) ([10.124.222.105]) by fmviesa010-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Nov 2024 16:57:41 -0800 From: Vinicius Costa Gomes To: brauner@kernel.org, amir73il@gmail.com, hu1.chen@intel.com Cc: miklos@szeredi.hu, malini.bhandaru@intel.com, tim.c.chen@intel.com, mikko.ylinen@intel.com, linux-unionfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Vinicius Costa Gomes Subject: [PATCH v4 1/4] cred: Add a light version of override/revert_creds() Date: Wed, 6 Nov 2024 16:57:17 -0800 Message-ID: <20241107005720.901335-2-vinicius.gomes@intel.com> X-Mailer: git-send-email 2.47.0 In-Reply-To: <20241107005720.901335-1-vinicius.gomes@intel.com> References: <20241107005720.901335-1-vinicius.gomes@intel.com> Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Add a light version of override/revert_creds(), this should only be used when the credentials in question will outlive the critical section and the critical section doesn't change the ->usage of the credentials. Suggested-by: Christian Brauner Signed-off-by: Vinicius Costa Gomes --- include/linux/cred.h | 18 ++++++++++++++++++ kernel/cred.c | 6 +++--- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/include/linux/cred.h b/include/linux/cred.h index 2976f534a7a3..e4a3155fe409 100644 --- a/include/linux/cred.h +++ b/include/linux/cred.h @@ -172,6 +172,24 @@ static inline bool cap_ambient_invariant_ok(const struct cred *cred) cred->cap_inheritable)); } +/* + * Override creds without bumping reference count. Caller must ensure + * reference remains valid or has taken reference. Almost always not the + * interface you want. Use override_creds()/revert_creds() instead. + */ +static inline const struct cred *override_creds_light(const struct cred *override_cred) +{ + const struct cred *old = current->cred; + + rcu_assign_pointer(current->cred, override_cred); + return old; +} + +static inline void revert_creds_light(const struct cred *revert_cred) +{ + rcu_assign_pointer(current->cred, revert_cred); +} + /** * get_new_cred_many - Get references on a new set of credentials * @cred: The new credentials to reference diff --git a/kernel/cred.c b/kernel/cred.c index 075cfa7c896f..da7da250f7c8 100644 --- a/kernel/cred.c +++ b/kernel/cred.c @@ -485,7 +485,7 @@ EXPORT_SYMBOL(abort_creds); */ const struct cred *override_creds(const struct cred *new) { - const struct cred *old = current->cred; + const struct cred *old; kdebug("override_creds(%p{%ld})", new, atomic_long_read(&new->usage)); @@ -499,7 +499,7 @@ const struct cred *override_creds(const struct cred *new) * visible to other threads under RCU. */ get_new_cred((struct cred *)new); - rcu_assign_pointer(current->cred, new); + old = override_creds_light(new); kdebug("override_creds() = %p{%ld}", old, atomic_long_read(&old->usage)); @@ -521,7 +521,7 @@ void revert_creds(const struct cred *old) kdebug("revert_creds(%p{%ld})", old, atomic_long_read(&old->usage)); - rcu_assign_pointer(current->cred, old); + revert_creds_light(old); put_cred(override); } EXPORT_SYMBOL(revert_creds); From patchwork Thu Nov 7 00:57:18 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vinicius Costa Gomes X-Patchwork-Id: 13865679 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D51F1DDA9; Thu, 7 Nov 2024 00:57:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.11 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730941066; cv=none; b=k19raEAz2nESOh3ojzFxhti6JaHaMckj+whD/4wON+oP/blF/YbCTkQF09NsGPfefqfxhOkUEynv4h6ti/LhAeO5iA6a5RhViO70o+YTFHBNXcGAPsfnF+ulHRuNQafaaa0TDcVYoafV96TVtYUgcb0pQMPiaEXEU62IeN6YZbs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730941066; c=relaxed/simple; bh=Nv/kEc4CVTqwYdLKuLpdo5expB9qETdFqCz08KbSXzQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=X0J3Nk0qepNdMYq8iYc3fcipBdhs7fWnwAb4nUUqakhRnlLvPY9/bZCuFlnKPUKOiRoDW7zSbnvvIRdCt6/GbUTQ7u7zp8aItw66210LauKh06KuHWWlRGd7OwRAaxSF3m0CmAQ77f9EzwNZH0NqRLAzASl3/v/3nPJHmrjOj7Y= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=mgB3nxIv; arc=none smtp.client-ip=198.175.65.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="mgB3nxIv" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1730941065; x=1762477065; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Nv/kEc4CVTqwYdLKuLpdo5expB9qETdFqCz08KbSXzQ=; b=mgB3nxIvWJWRd1eZBEaQntHX8BFfu+jwuGoEV5tjIy2ljcREd8KDFxIG zbf0+WHlU7dO9EAEU8s0BxnDzZ/TffI5ljpR1RkZgVvAP6pl7bu0hD1Do TuXmeaFvf+XXEnN+587LvHrQaO2uYe+IIQOyxtdGNhGgDaoKdkUxjsvWy 80XV+0OZTtJkLr/3kBtRHDCi61mVC4pgpGvb7eeX7hx3+WybNoZ1HlVh+ BFX6Y7B8v6vVxbXzd5ynlGXfLKcKmyo++ruASWc+kLMjSHRwXeOUMxS0D gQ0/CbsGw7/8ioUQAvf29qD4NAiix/WQ5KUj7pmI4mzYmtCbcTTQYkatJ A==; X-CSE-ConnectionGUID: WEDjjHoYT2ec6k3Fa6AvOg== X-CSE-MsgGUID: yhjgoDMzSUui9/CvBbPjgw== X-IronPort-AV: E=McAfee;i="6700,10204,11222"; a="41320187" X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="41320187" Received: from fmviesa010.fm.intel.com ([10.60.135.150]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Nov 2024 16:57:42 -0800 X-CSE-ConnectionGUID: JoIOGtVlQI+5hQCAKFKVNg== X-CSE-MsgGUID: A+8Ikt7yR8OeZ4wxzda/RQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.11,264,1725346800"; d="scan'208";a="85193431" Received: from rfrazer-mobl3.amr.corp.intel.com (HELO vcostago-mobl3.lan) ([10.124.222.105]) by fmviesa010-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Nov 2024 16:57:42 -0800 From: Vinicius Costa Gomes To: brauner@kernel.org, amir73il@gmail.com, hu1.chen@intel.com Cc: miklos@szeredi.hu, malini.bhandaru@intel.com, tim.c.chen@intel.com, mikko.ylinen@intel.com, linux-unionfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Vinicius Costa Gomes Subject: [PATCH v4 2/4] fs/backing-file: Convert to revert/override_creds_light() Date: Wed, 6 Nov 2024 16:57:18 -0800 Message-ID: <20241107005720.901335-3-vinicius.gomes@intel.com> X-Mailer: git-send-email 2.47.0 In-Reply-To: <20241107005720.901335-1-vinicius.gomes@intel.com> References: <20241107005720.901335-1-vinicius.gomes@intel.com> Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 As the credentials used by backing-file are long lived in relation to the critical section (override_creds() -> revert_creds()) we can replace them by their lighter alternatives. Signed-off-by: Vinicius Costa Gomes --- fs/backing-file.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/fs/backing-file.c b/fs/backing-file.c index a38737592ec7..526ddb4d6f76 100644 --- a/fs/backing-file.c +++ b/fs/backing-file.c @@ -176,7 +176,7 @@ ssize_t backing_file_read_iter(struct file *file, struct iov_iter *iter, !(file->f_mode & FMODE_CAN_ODIRECT)) return -EINVAL; - old_cred = override_creds(ctx->cred); + old_cred = override_creds_light(ctx->cred); if (is_sync_kiocb(iocb)) { rwf_t rwf = iocb_to_rw_flags(flags); @@ -197,7 +197,7 @@ ssize_t backing_file_read_iter(struct file *file, struct iov_iter *iter, backing_aio_cleanup(aio, ret); } out: - revert_creds(old_cred); + revert_creds_light(old_cred); if (ctx->accessed) ctx->accessed(iocb->ki_filp); @@ -233,7 +233,7 @@ ssize_t backing_file_write_iter(struct file *file, struct iov_iter *iter, */ flags &= ~IOCB_DIO_CALLER_COMP; - old_cred = override_creds(ctx->cred); + old_cred = override_creds_light(ctx->cred); if (is_sync_kiocb(iocb)) { rwf_t rwf = iocb_to_rw_flags(flags); @@ -264,7 +264,7 @@ ssize_t backing_file_write_iter(struct file *file, struct iov_iter *iter, backing_aio_cleanup(aio, ret); } out: - revert_creds(old_cred); + revert_creds_light(old_cred); return ret; } @@ -281,9 +281,9 @@ ssize_t backing_file_splice_read(struct file *in, struct kiocb *iocb, if (WARN_ON_ONCE(!(in->f_mode & FMODE_BACKING))) return -EIO; - old_cred = override_creds(ctx->cred); + old_cred = override_creds_light(ctx->cred); ret = vfs_splice_read(in, &iocb->ki_pos, pipe, len, flags); - revert_creds(old_cred); + revert_creds_light(old_cred); if (ctx->accessed) ctx->accessed(iocb->ki_filp); @@ -310,11 +310,11 @@ ssize_t backing_file_splice_write(struct pipe_inode_info *pipe, if (ret) return ret; - old_cred = override_creds(ctx->cred); + old_cred = override_creds_light(ctx->cred); file_start_write(out); ret = out->f_op->splice_write(pipe, out, &iocb->ki_pos, len, flags); file_end_write(out); - revert_creds(old_cred); + revert_creds_light(old_cred); if (ctx->end_write) ctx->end_write(iocb, ret); @@ -337,9 +337,9 @@ int backing_file_mmap(struct file *file, struct vm_area_struct *vma, vma_set_file(vma, file); - old_cred = override_creds(ctx->cred); + old_cred = override_creds_light(ctx->cred); ret = call_mmap(vma->vm_file, vma); - revert_creds(old_cred); + revert_creds_light(old_cred); if (ctx->accessed) ctx->accessed(vma->vm_file); From patchwork Thu Nov 7 00:57:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vinicius Costa Gomes X-Patchwork-Id: 13865682 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 80A8010A1F; Thu, 7 Nov 2024 00:57:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.11 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730941068; cv=none; b=ak46VY601t8nTjb6b2792qYxMBWz0F2lPfoqR/0asxK76JkRIEm/KH5yWNb7kF2X3PKdC3CZLUDtw4CeqaZbT4nN51aSGSPT7KgRkefhwM6PegyZwrhMD5ZkLU16wpn/Zgl2tWXqYUn84WeDbyHv4kXJQb4DvNcO9x288pL4LMw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730941068; c=relaxed/simple; bh=BgP7CUVEi1v7wLqOlPeBJI6W/NpcpFWJok8RKMmKwVM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=rLqFfGZExyx0GoZbAjFpu9yTlDJRWQDOVS8ZPuZoJ5BBNx39uyEz6diIQpd2eIE6B2Vrnk+L7Z5Y3k56hP9aZbF+PJBxWRrbA1kTz/Z5CRHLvT/gjJFi+Ggprk/GSYJA8KTLsOPSD8HX6rhS/UtxYDD/AlonA6azGtlaLereLag= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=kv1oxmmc; arc=none smtp.client-ip=198.175.65.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="kv1oxmmc" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1730941066; x=1762477066; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=BgP7CUVEi1v7wLqOlPeBJI6W/NpcpFWJok8RKMmKwVM=; b=kv1oxmmcJx4zB7/XuG542tH+DVtGmAVOP0jEezt0uEOq0nt7uMXVw+Lu sQsbvwLzcju4c+DzLlYHXhQmDDkXGFbhwUGnjW9vMiQU/crAZQ8/0+vaj GyZs64yab68g42cjSdGwgAPmOV40lYUJwgzTGmSRb1BsbNFiGpJ4vsqxx EcP7jZqhKQhatx3OFI0UcA1mqzZIMqhLiR+D4PGKlNSy+VRSCD4ozNqM7 1n7W1hp4+YUHsaeqBQI3GScugfFAAM47VJqgm1QF+XYXTetWUvWT4PTcv xtPYnKeipQKFZ8T/+bM0DZShoWUoAENRZeduV7GBTaPzwatWZbbdPAspd Q==; X-CSE-ConnectionGUID: YyAT43I/R9GWYaQ1sW9cBQ== X-CSE-MsgGUID: GLmnOKHmQ7Ka4R+Jm4ZxRw== X-IronPort-AV: E=McAfee;i="6700,10204,11222"; a="41320194" X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="41320194" Received: from fmviesa010.fm.intel.com ([10.60.135.150]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Nov 2024 16:57:43 -0800 X-CSE-ConnectionGUID: 1EG1mS+WRuC1KdsV4VzkpQ== X-CSE-MsgGUID: ftjVFDwwTmCUR5pMu5MA/w== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.11,264,1725346800"; d="scan'208";a="85193440" Received: from rfrazer-mobl3.amr.corp.intel.com (HELO vcostago-mobl3.lan) ([10.124.222.105]) by fmviesa010-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Nov 2024 16:57:42 -0800 From: Vinicius Costa Gomes To: brauner@kernel.org, amir73il@gmail.com, hu1.chen@intel.com Cc: miklos@szeredi.hu, malini.bhandaru@intel.com, tim.c.chen@intel.com, mikko.ylinen@intel.com, linux-unionfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Vinicius Costa Gomes Subject: [PATCH v4 3/4] ovl: use wrapper ovl_revert_creds() Date: Wed, 6 Nov 2024 16:57:19 -0800 Message-ID: <20241107005720.901335-4-vinicius.gomes@intel.com> X-Mailer: git-send-email 2.47.0 In-Reply-To: <20241107005720.901335-1-vinicius.gomes@intel.com> References: <20241107005720.901335-1-vinicius.gomes@intel.com> Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Introduce ovl_revert_creds() wrapper of revert_creds() to match callers of ovl_override_creds(). Suggested-by: Amir Goldstein Signed-off-by: Vinicius Costa Gomes Signed-off-by: Amir Goldstein --- fs/overlayfs/copy_up.c | 2 +- fs/overlayfs/dir.c | 10 +++++----- fs/overlayfs/file.c | 14 +++++++------- fs/overlayfs/inode.c | 20 ++++++++++---------- fs/overlayfs/namei.c | 10 +++++----- fs/overlayfs/overlayfs.h | 1 + fs/overlayfs/readdir.c | 8 ++++---- fs/overlayfs/util.c | 9 +++++++-- fs/overlayfs/xattrs.c | 9 ++++----- 9 files changed, 44 insertions(+), 39 deletions(-) diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c index 2ed6ad641a20..dafd1c71b977 100644 --- a/fs/overlayfs/copy_up.c +++ b/fs/overlayfs/copy_up.c @@ -1260,7 +1260,7 @@ static int ovl_copy_up_flags(struct dentry *dentry, int flags) dput(parent); dput(next); } - revert_creds(old_cred); + ovl_revert_creds(old_cred); return err; } diff --git a/fs/overlayfs/dir.c b/fs/overlayfs/dir.c index ab65e98a1def..09db5eb19242 100644 --- a/fs/overlayfs/dir.c +++ b/fs/overlayfs/dir.c @@ -621,7 +621,7 @@ static int ovl_create_or_link(struct dentry *dentry, struct inode *inode, err = ovl_create_over_whiteout(dentry, inode, attr); out_revert_creds: - revert_creds(old_cred); + ovl_revert_creds(old_cred); return err; } @@ -702,7 +702,7 @@ static int ovl_set_link_redirect(struct dentry *dentry) old_cred = ovl_override_creds(dentry->d_sb); err = ovl_set_redirect(dentry, false); - revert_creds(old_cred); + ovl_revert_creds(old_cred); return err; } @@ -912,7 +912,7 @@ static int ovl_do_remove(struct dentry *dentry, bool is_dir) err = ovl_remove_upper(dentry, is_dir, &list); else err = ovl_remove_and_whiteout(dentry, &list); - revert_creds(old_cred); + ovl_revert_creds(old_cred); if (!err) { if (is_dir) clear_nlink(dentry->d_inode); @@ -1292,7 +1292,7 @@ static int ovl_rename(struct mnt_idmap *idmap, struct inode *olddir, out_unlock: unlock_rename(new_upperdir, old_upperdir); out_revert_creds: - revert_creds(old_cred); + ovl_revert_creds(old_cred); if (update_nlink) ovl_nlink_end(new); else @@ -1337,7 +1337,7 @@ static int ovl_create_tmpfile(struct file *file, struct dentry *dentry, fput(realfile); } out_revert_creds: - revert_creds(old_cred); + ovl_revert_creds(old_cred); return err; } diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c index 12c4d502ff91..608a88ff8d81 100644 --- a/fs/overlayfs/file.c +++ b/fs/overlayfs/file.c @@ -51,7 +51,7 @@ static struct file *ovl_open_realfile(const struct file *file, realfile = backing_file_open(&file->f_path, flags, realpath, current_cred()); } - revert_creds(old_cred); + ovl_revert_creds(old_cred); pr_debug("open(%p[%pD2/%c], 0%o) -> (%p, 0%o)\n", file, file, ovl_whatisit(inode, realinode), file->f_flags, @@ -215,7 +215,7 @@ static loff_t ovl_llseek(struct file *file, loff_t offset, int whence) old_cred = ovl_override_creds(inode->i_sb); ret = vfs_llseek(fd_file(real), offset, whence); - revert_creds(old_cred); + ovl_revert_creds(old_cred); file->f_pos = fd_file(real)->f_pos; ovl_inode_unlock(inode); @@ -412,7 +412,7 @@ static int ovl_fsync(struct file *file, loff_t start, loff_t end, int datasync) if (file_inode(fd_file(real)) == ovl_inode_upper(file_inode(file))) { old_cred = ovl_override_creds(file_inode(file)->i_sb); ret = vfs_fsync_range(fd_file(real), start, end, datasync); - revert_creds(old_cred); + ovl_revert_creds(old_cred); } fdput(real); @@ -451,7 +451,7 @@ static long ovl_fallocate(struct file *file, int mode, loff_t offset, loff_t len old_cred = ovl_override_creds(file_inode(file)->i_sb); ret = vfs_fallocate(fd_file(real), mode, offset, len); - revert_creds(old_cred); + ovl_revert_creds(old_cred); /* Update size */ ovl_file_modified(file); @@ -476,7 +476,7 @@ static int ovl_fadvise(struct file *file, loff_t offset, loff_t len, int advice) old_cred = ovl_override_creds(file_inode(file)->i_sb); ret = vfs_fadvise(fd_file(real), offset, len, advice); - revert_creds(old_cred); + ovl_revert_creds(old_cred); fdput(real); @@ -535,7 +535,7 @@ static loff_t ovl_copyfile(struct file *file_in, loff_t pos_in, flags); break; } - revert_creds(old_cred); + ovl_revert_creds(old_cred); /* Update size */ ovl_file_modified(file_out); @@ -597,7 +597,7 @@ static int ovl_flush(struct file *file, fl_owner_t id) if (fd_file(real)->f_op->flush) { old_cred = ovl_override_creds(file_inode(file)->i_sb); err = fd_file(real)->f_op->flush(fd_file(real), id); - revert_creds(old_cred); + ovl_revert_creds(old_cred); } fdput(real); diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c index 35fd3e3e1778..6c3add3801be 100644 --- a/fs/overlayfs/inode.c +++ b/fs/overlayfs/inode.c @@ -80,7 +80,7 @@ int ovl_setattr(struct mnt_idmap *idmap, struct dentry *dentry, inode_lock(upperdentry->d_inode); old_cred = ovl_override_creds(dentry->d_sb); err = ovl_do_notify_change(ofs, upperdentry, attr); - revert_creds(old_cred); + ovl_revert_creds(old_cred); if (!err) ovl_copyattr(dentry->d_inode); inode_unlock(upperdentry->d_inode); @@ -280,7 +280,7 @@ int ovl_getattr(struct mnt_idmap *idmap, const struct path *path, stat->nlink = dentry->d_inode->i_nlink; out: - revert_creds(old_cred); + ovl_revert_creds(old_cred); return err; } @@ -317,7 +317,7 @@ int ovl_permission(struct mnt_idmap *idmap, mask |= MAY_READ; } err = inode_permission(mnt_idmap(realpath.mnt), realinode, mask); - revert_creds(old_cred); + ovl_revert_creds(old_cred); return err; } @@ -334,7 +334,7 @@ static const char *ovl_get_link(struct dentry *dentry, old_cred = ovl_override_creds(dentry->d_sb); p = vfs_get_link(ovl_dentry_real(dentry), done); - revert_creds(old_cred); + ovl_revert_creds(old_cred); return p; } @@ -469,7 +469,7 @@ struct posix_acl *do_ovl_get_acl(struct mnt_idmap *idmap, old_cred = ovl_override_creds(inode->i_sb); acl = ovl_get_acl_path(&realpath, posix_acl_xattr_name(type), noperm); - revert_creds(old_cred); + ovl_revert_creds(old_cred); } return acl; @@ -498,7 +498,7 @@ static int ovl_set_or_remove_acl(struct dentry *dentry, struct inode *inode, old_cred = ovl_override_creds(dentry->d_sb); real_acl = vfs_get_acl(mnt_idmap(realpath.mnt), realdentry, acl_name); - revert_creds(old_cred); + ovl_revert_creds(old_cred); if (IS_ERR(real_acl)) { err = PTR_ERR(real_acl); goto out; @@ -523,7 +523,7 @@ static int ovl_set_or_remove_acl(struct dentry *dentry, struct inode *inode, err = ovl_do_set_acl(ofs, realdentry, acl_name, acl); else err = ovl_do_remove_acl(ofs, realdentry, acl_name); - revert_creds(old_cred); + ovl_revert_creds(old_cred); ovl_drop_write(dentry); /* copy c/mtime */ @@ -600,7 +600,7 @@ static int ovl_fiemap(struct inode *inode, struct fiemap_extent_info *fieinfo, old_cred = ovl_override_creds(inode->i_sb); err = realinode->i_op->fiemap(realinode, fieinfo, start, len); - revert_creds(old_cred); + ovl_revert_creds(old_cred); return err; } @@ -671,7 +671,7 @@ int ovl_fileattr_set(struct mnt_idmap *idmap, err = ovl_set_protattr(inode, upperpath.dentry, fa); if (!err) err = ovl_real_fileattr_set(&upperpath, fa); - revert_creds(old_cred); + ovl_revert_creds(old_cred); ovl_drop_write(dentry); /* @@ -733,7 +733,7 @@ int ovl_fileattr_get(struct dentry *dentry, struct fileattr *fa) old_cred = ovl_override_creds(inode->i_sb); err = ovl_real_fileattr_get(&realpath, fa); ovl_fileattr_prot_flags(inode, fa); - revert_creds(old_cred); + ovl_revert_creds(old_cred); return err; } diff --git a/fs/overlayfs/namei.c b/fs/overlayfs/namei.c index 5764f91d283e..7e27b7d4adee 100644 --- a/fs/overlayfs/namei.c +++ b/fs/overlayfs/namei.c @@ -961,7 +961,7 @@ static int ovl_maybe_validate_verity(struct dentry *dentry) if (err == 0) ovl_set_flag(OVL_VERIFIED_DIGEST, inode); - revert_creds(old_cred); + ovl_revert_creds(old_cred); } ovl_inode_unlock(inode); @@ -995,7 +995,7 @@ static int ovl_maybe_lookup_lowerdata(struct dentry *dentry) old_cred = ovl_override_creds(dentry->d_sb); err = ovl_lookup_data_layers(dentry, redirect, &datapath); - revert_creds(old_cred); + ovl_revert_creds(old_cred); if (err) goto out_err; @@ -1342,7 +1342,7 @@ struct dentry *ovl_lookup(struct inode *dir, struct dentry *dentry, ovl_dentry_init_reval(dentry, upperdentry, OVL_I_E(inode)); - revert_creds(old_cred); + ovl_revert_creds(old_cred); if (origin_path) { dput(origin_path->dentry); kfree(origin_path); @@ -1366,7 +1366,7 @@ struct dentry *ovl_lookup(struct inode *dir, struct dentry *dentry, kfree(upperredirect); out: kfree(d.redirect); - revert_creds(old_cred); + ovl_revert_creds(old_cred); return ERR_PTR(err); } @@ -1423,7 +1423,7 @@ bool ovl_lower_positive(struct dentry *dentry) dput(this); } } - revert_creds(old_cred); + ovl_revert_creds(old_cred); return positive; } diff --git a/fs/overlayfs/overlayfs.h b/fs/overlayfs/overlayfs.h index 0bfe35da4b7b..7b7a6e3a43e2 100644 --- a/fs/overlayfs/overlayfs.h +++ b/fs/overlayfs/overlayfs.h @@ -429,6 +429,7 @@ int ovl_want_write(struct dentry *dentry); void ovl_drop_write(struct dentry *dentry); struct dentry *ovl_workdir(struct dentry *dentry); const struct cred *ovl_override_creds(struct super_block *sb); +void ovl_revert_creds(const struct cred *old_cred); static inline const struct cred *ovl_creds(struct super_block *sb) { diff --git a/fs/overlayfs/readdir.c b/fs/overlayfs/readdir.c index 0ca8af060b0c..881ec5592da5 100644 --- a/fs/overlayfs/readdir.c +++ b/fs/overlayfs/readdir.c @@ -290,7 +290,7 @@ static int ovl_check_whiteouts(const struct path *path, struct ovl_readdir_data } inode_unlock(dir->d_inode); } - revert_creds(old_cred); + ovl_revert_creds(old_cred); return err; } @@ -808,7 +808,7 @@ static int ovl_iterate(struct file *file, struct dir_context *ctx) } err = 0; out: - revert_creds(old_cred); + ovl_revert_creds(old_cred); return err; } @@ -860,7 +860,7 @@ static struct file *ovl_dir_open_realfile(const struct file *file, old_cred = ovl_override_creds(file_inode(file)->i_sb); res = ovl_path_open(realpath, O_RDONLY | (file->f_flags & O_LARGEFILE)); - revert_creds(old_cred); + ovl_revert_creds(old_cred); return res; } @@ -987,7 +987,7 @@ int ovl_check_empty_dir(struct dentry *dentry, struct list_head *list) old_cred = ovl_override_creds(dentry->d_sb); err = ovl_dir_read_merged(dentry, list, &root); - revert_creds(old_cred); + ovl_revert_creds(old_cred); if (err) return err; diff --git a/fs/overlayfs/util.c b/fs/overlayfs/util.c index edc9216f6e27..9408046f4f41 100644 --- a/fs/overlayfs/util.c +++ b/fs/overlayfs/util.c @@ -68,6 +68,11 @@ const struct cred *ovl_override_creds(struct super_block *sb) return override_creds(ofs->creator_cred); } +void ovl_revert_creds(const struct cred *old_cred) +{ + revert_creds(old_cred); +} + /* * Check if underlying fs supports file handles and try to determine encoding * type, in order to deduce maximum inode number used by fs. @@ -1178,7 +1183,7 @@ int ovl_nlink_start(struct dentry *dentry) * value relative to the upper inode nlink in an upper inode xattr. */ err = ovl_set_nlink_upper(dentry); - revert_creds(old_cred); + ovl_revert_creds(old_cred); if (err) goto out_drop_write; @@ -1203,7 +1208,7 @@ void ovl_nlink_end(struct dentry *dentry) old_cred = ovl_override_creds(dentry->d_sb); ovl_cleanup_index(dentry); - revert_creds(old_cred); + ovl_revert_creds(old_cred); } ovl_inode_unlock(inode); diff --git a/fs/overlayfs/xattrs.c b/fs/overlayfs/xattrs.c index 383978e4663c..88055deca936 100644 --- a/fs/overlayfs/xattrs.c +++ b/fs/overlayfs/xattrs.c @@ -47,7 +47,7 @@ static int ovl_xattr_set(struct dentry *dentry, struct inode *inode, const char ovl_path_lower(dentry, &realpath); old_cred = ovl_override_creds(dentry->d_sb); err = vfs_getxattr(mnt_idmap(realpath.mnt), realdentry, name, NULL, 0); - revert_creds(old_cred); + ovl_revert_creds(old_cred); if (err < 0) goto out; } @@ -72,7 +72,7 @@ static int ovl_xattr_set(struct dentry *dentry, struct inode *inode, const char WARN_ON(flags != XATTR_REPLACE); err = ovl_do_removexattr(ofs, realdentry, name); } - revert_creds(old_cred); + ovl_revert_creds(old_cred); ovl_drop_write(dentry); /* copy c/mtime */ @@ -91,7 +91,7 @@ static int ovl_xattr_get(struct dentry *dentry, struct inode *inode, const char ovl_i_path_real(inode, &realpath); old_cred = ovl_override_creds(dentry->d_sb); res = vfs_getxattr(mnt_idmap(realpath.mnt), realpath.dentry, name, value, size); - revert_creds(old_cred); + ovl_revert_creds(old_cred); return res; } @@ -121,7 +121,7 @@ ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size) old_cred = ovl_override_creds(dentry->d_sb); res = vfs_listxattr(realdentry, list, size); - revert_creds(old_cred); + ovl_revert_creds(old_cred); if (res <= 0 || size == 0) return res; @@ -268,4 +268,3 @@ const struct xattr_handler * const *ovl_xattr_handlers(struct ovl_fs *ofs) return ofs->config.userxattr ? ovl_user_xattr_handlers : ovl_trusted_xattr_handlers; } - From patchwork Thu Nov 7 00:57:20 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vinicius Costa Gomes X-Patchwork-Id: 13865681 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C736514F70; Thu, 7 Nov 2024 00:57:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.11 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730941068; cv=none; b=ohenuRwp/dQjSmf+A5FzGUGW+jdigIHky2fUbmbERpDM42arL0Ard+/Ugk2xgG7+JZ9OXWQwxxLDaV/w8eEWHCHb1n2lr4fYe55NY6tN0KvJKsF4SFr8jKb1ZwX3XuKG+unPlIMyKsT0phHFIOjrfFHZP5cTEjt14/q5O4ZBfXE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730941068; c=relaxed/simple; bh=lvczs+KGO/SNLRad/bgNhITn0FjIxg1/VkTgbqju/bE=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Y6L8nT6BJpVu6ffp19c3PDnl8f/RSL1DWvHrwg8wC1/x61fCwFyht+ogKvWo+0insTuHTtkFMoYDLua5GYt1zuPFdP2Kb48GXpDWLqlEykSAQrHsBhpIhZkbgDigsNgDTXAz1CwXWbeuwF5JXpcE4kvPLZg+JRF4To75kLi1D8k= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=WDik/j1G; arc=none smtp.client-ip=198.175.65.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="WDik/j1G" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1730941067; x=1762477067; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=lvczs+KGO/SNLRad/bgNhITn0FjIxg1/VkTgbqju/bE=; b=WDik/j1GmQ2wwfIFCn0oSDu7l/4Xh4+kRuzuisHTlNJIyIio9RoUkD2k g+yOvSUqh2NeUCB+OyOUbCaxey8RMxVYP8xygHBIdjnxe+4UcGHMjmhey g2kgxZpEUZNXEwGUCxRfnCllP5etIeQdwPJ1sQcAxrVOENS6hU+2Bqgt2 iVXhJEUxdjo5x4MC+qnxGqcq2980Lb78z+eXDZSUha+CdmphEL6NinzSZ 3/e7uU2jTzlYn8X587YXTfY9Nq7iQhzJ+X08JJV/qYaM3LsQpgg/Dr9ra nD+54nt3FEG84p5jTLgsl5mjegEFYFDy0XyEpL9hrHfKMTEHu+GQCXEzh A==; X-CSE-ConnectionGUID: by8ZH7PURNWxjzj3sQZovQ== X-CSE-MsgGUID: OnfS1c9jRgeuYWmG9sPRMA== X-IronPort-AV: E=McAfee;i="6700,10204,11222"; a="41320198" X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="41320198" Received: from fmviesa010.fm.intel.com ([10.60.135.150]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Nov 2024 16:57:43 -0800 X-CSE-ConnectionGUID: FRrcaGJJRKq/UQ8rYpTXzA== X-CSE-MsgGUID: 5/a1YUR9RROdsKTCNAWlHQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.11,264,1725346800"; d="scan'208";a="85193449" Received: from rfrazer-mobl3.amr.corp.intel.com (HELO vcostago-mobl3.lan) ([10.124.222.105]) by fmviesa010-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Nov 2024 16:57:43 -0800 From: Vinicius Costa Gomes To: brauner@kernel.org, amir73il@gmail.com, hu1.chen@intel.com Cc: miklos@szeredi.hu, malini.bhandaru@intel.com, tim.c.chen@intel.com, mikko.ylinen@intel.com, linux-unionfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Vinicius Costa Gomes Subject: [PATCH v4 4/4] ovl: Optimize override/revert creds Date: Wed, 6 Nov 2024 16:57:20 -0800 Message-ID: <20241107005720.901335-5-vinicius.gomes@intel.com> X-Mailer: git-send-email 2.47.0 In-Reply-To: <20241107005720.901335-1-vinicius.gomes@intel.com> References: <20241107005720.901335-1-vinicius.gomes@intel.com> Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Use override_creds_light() in ovl_override_creds() and revert_creds_light() in ovl_revert_creds_light(). The _light() functions do not change the 'usage' of the credentials in question, as they refer to the credentials associated with the mounter, which have a longer lifetime. In ovl_setup_cred_for_create(), do not need to modify the mounter credentials (returned by override_creds()) 'usage' counter. Add a warning to verify that we are indeed working with the mounter credentials (stored in the superblock). Failure in this assumption means that creds may leak. Suggested-by: Christian Brauner Signed-off-by: Vinicius Costa Gomes Acked-by: Vinicius Costa Gomes --- fs/overlayfs/dir.c | 7 ++++++- fs/overlayfs/util.c | 4 ++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/fs/overlayfs/dir.c b/fs/overlayfs/dir.c index 09db5eb19242..136a2c7fb9e5 100644 --- a/fs/overlayfs/dir.c +++ b/fs/overlayfs/dir.c @@ -571,7 +571,12 @@ static int ovl_setup_cred_for_create(struct dentry *dentry, struct inode *inode, put_cred(override_cred); return err; } - put_cred(override_creds(override_cred)); + + /* + * We must be called with creator creds already, otherwise we risk + * leaking creds. + */ + WARN_ON_ONCE(override_creds(override_cred) != ovl_creds(dentry->d_sb)); put_cred(override_cred); return 0; diff --git a/fs/overlayfs/util.c b/fs/overlayfs/util.c index 9408046f4f41..3bb107471fb4 100644 --- a/fs/overlayfs/util.c +++ b/fs/overlayfs/util.c @@ -65,12 +65,12 @@ const struct cred *ovl_override_creds(struct super_block *sb) { struct ovl_fs *ofs = OVL_FS(sb); - return override_creds(ofs->creator_cred); + return override_creds_light(ofs->creator_cred); } void ovl_revert_creds(const struct cred *old_cred) { - revert_creds(old_cred); + revert_creds_light(old_cred); } /*