* [PATCH 01/26] tree-wide: s/override_creds()/override_creds_light(get_new_cred())/g
From: Christian Brauner @ 2024-11-24 13:43 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
drivers/base/firmware_loader/main.c | 2 +-
drivers/crypto/ccp/sev-dev.c | 2 +-
drivers/target/target_core_configfs.c | 2 +-
fs/aio.c | 2 +-
fs/binfmt_misc.c | 2 +-
fs/cachefiles/internal.h | 2 +-
fs/coredump.c | 2 +-
fs/nfs/localio.c | 4 ++--
fs/nfs/nfs4idmap.c | 2 +-
fs/nfsd/auth.c | 2 +-
fs/nfsd/nfs4recover.c | 2 +-
fs/nfsd/nfsfh.c | 2 +-
fs/open.c | 2 +-
fs/overlayfs/copy_up.c | 2 +-
fs/smb/client/cifs_spnego.c | 2 +-
fs/smb/client/cifsacl.c | 4 ++--
fs/smb/server/smb_common.c | 2 +-
io_uring/io_uring.c | 2 +-
io_uring/sqpoll.c | 2 +-
kernel/acct.c | 2 +-
kernel/cgroup/cgroup.c | 2 +-
kernel/trace/trace_events_user.c | 2 +-
net/dns_resolver/dns_query.c | 2 +-
23 files changed, 25 insertions(+), 25 deletions(-)
diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c
index 324a9a3c087aa2e2c4e0b53b30a2f11f61195aa3..74039d6b2b71b91d0d1d57b71f74501abaf646e2 100644
--- a/drivers/base/firmware_loader/main.c
+++ b/drivers/base/firmware_loader/main.c
@@ -912,7 +912,7 @@ _request_firmware(const struct firmware **firmware_p, const char *name,
ret = -ENOMEM;
goto out;
}
- old_cred = override_creds(kern_cred);
+ old_cred = override_creds_light(get_new_cred(kern_cred));
ret = fw_get_filesystem_firmware(device, fw->priv, "", NULL);
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index af018afd9cd7fc68c5f9004e2d0a2ee162d8c4b9..2ad6e41af085a400e88b3207c9b55345f57526e1 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -244,7 +244,7 @@ static struct file *open_file_as_root(const char *filename, int flags, umode_t m
if (!cred)
return ERR_PTR(-ENOMEM);
cred->fsuid = GLOBAL_ROOT_UID;
- old_cred = override_creds(cred);
+ old_cred = override_creds_light(get_new_cred(cred));
fp = file_open_root(&root, filename, flags, mode);
path_put(&root);
diff --git a/drivers/target/target_core_configfs.c b/drivers/target/target_core_configfs.c
index c40217f44b1bc53d149e8d5ea12c0e5297373800..be98d16b2c57c933ffe2c2477b881144f2283630 100644
--- a/drivers/target/target_core_configfs.c
+++ b/drivers/target/target_core_configfs.c
@@ -3756,7 +3756,7 @@ static int __init target_core_init_configfs(void)
ret = -ENOMEM;
goto out;
}
- old_cred = override_creds(kern_cred);
+ old_cred = override_creds_light(get_new_cred(kern_cred));
target_init_dbroot();
revert_creds(old_cred);
put_cred(kern_cred);
diff --git a/fs/aio.c b/fs/aio.c
index 50671640b5883f5d20f652e23c4ea3fe04c989f2..a52fe2e999e73b00af9a19f1c01f0e384f667871 100644
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -1639,7 +1639,7 @@ static int aio_write(struct kiocb *req, const struct iocb *iocb,
static void aio_fsync_work(struct work_struct *work)
{
struct aio_kiocb *iocb = container_of(work, struct aio_kiocb, fsync.work);
- const struct cred *old_cred = override_creds(iocb->fsync.creds);
+ const struct cred *old_cred = override_creds_light(get_new_cred(iocb->fsync.creds));
iocb->ki_res.res = vfs_fsync(iocb->fsync.file, iocb->fsync.datasync);
revert_creds(old_cred);
diff --git a/fs/binfmt_misc.c b/fs/binfmt_misc.c
index 31660d8cc2c610bd42f00f1de7ed6c39618cc5db..f8355eee3d19ef6d20565ec1938e8691ba084d83 100644
--- a/fs/binfmt_misc.c
+++ b/fs/binfmt_misc.c
@@ -826,7 +826,7 @@ static ssize_t bm_register_write(struct file *file, const char __user *buffer,
* didn't matter much as only a privileged process could open
* the register file.
*/
- old_cred = override_creds(file->f_cred);
+ old_cred = override_creds_light(get_new_cred(file->f_cred));
f = open_exec(e->interpreter);
revert_creds(old_cred);
if (IS_ERR(f)) {
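Review bot: `get_new_cred(file->f_cred)` hands a const-qualified pointer to a helper that appears to take a plain `struct cred *`: the `override_creds()` body removed later in this series calls it as `get_new_cred((struct cred *)new)`, and `f_cred` is declared `const struct cred *` in `struct file`. With that cast no longer on the call path, this line should discard the qualifier at build time. The same applies to the `filp->f_cred` hunks in fs/nfs/localio.c, `file->f_cred` in kernel/acct.c and `of->file->f_cred` in kernel/cgroup/cgroup.c, and possibly to other sites whose field types are not visible here. Letting `get_new_cred()` accept a `const struct cred *` would cover all of them without a cast at each caller. bm_register_write continues outside the hunk.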
diff --git a/fs/cachefiles/internal.h b/fs/cachefiles/internal.h
index 7b99bd98de75b8d95e09da1ca7cd1bb3378fcc62..b156cc2e0e63b28b521923b578cb3547dece5e66 100644
--- a/fs/cachefiles/internal.h
+++ b/fs/cachefiles/internal.h
@@ -393,7 +393,7 @@ extern int cachefiles_determine_cache_security(struct cachefiles_cache *cache,
static inline void cachefiles_begin_secure(struct cachefiles_cache *cache,
const struct cred **_saved_cred)
{
- *_saved_cred = override_creds(cache->cache_cred);
+ *_saved_cred = override_creds_light(get_new_cred(cache->cache_cred));
}
static inline void cachefiles_end_secure(struct cachefiles_cache *cache,
diff --git a/fs/coredump.c b/fs/coredump.c
index d48edb37bc35c0896d97a2f6a6cc259d8812f936..b6aae41b80d22bfed78eed6f3e45bdeb5d2daf06 100644
--- a/fs/coredump.c
+++ b/fs/coredump.c
@@ -576,7 +576,7 @@ void do_coredump(const kernel_siginfo_t *siginfo)
if (retval < 0)
goto fail_creds;
- old_cred = override_creds(cred);
+ old_cred = override_creds_light(get_new_cred(cred));
ispipe = format_corename(&cn, &cprm, &argv, &argc);
diff --git a/fs/nfs/localio.c b/fs/nfs/localio.c
index 8f0ce82a677e1589092a30240d6e60a289d64a58..018e8159c5679757f9fbf257ad3ef60e89d3ee09 100644
--- a/fs/nfs/localio.c
+++ b/fs/nfs/localio.c
@@ -371,7 +371,7 @@ static void nfs_local_call_read(struct work_struct *work)
struct iov_iter iter;
ssize_t status;
- save_cred = override_creds(filp->f_cred);
+ save_cred = override_creds_light(get_new_cred(filp->f_cred));
nfs_local_iter_init(&iter, iocb, READ);
@@ -541,7 +541,7 @@ static void nfs_local_call_write(struct work_struct *work)
ssize_t status;
current->flags |= PF_LOCAL_THROTTLE | PF_MEMALLOC_NOIO;
- save_cred = override_creds(filp->f_cred);
+ save_cred = override_creds_light(get_new_cred(filp->f_cred));
nfs_local_iter_init(&iter, iocb, WRITE);
diff --git a/fs/nfs/nfs4idmap.c b/fs/nfs/nfs4idmap.c
index 25a7c771cfd89f3e6d494f26a78212d3d619c135..b9442f70271d8397fb36dcb62570f6d304fe5c71 100644
--- a/fs/nfs/nfs4idmap.c
+++ b/fs/nfs/nfs4idmap.c
@@ -311,7 +311,7 @@ static ssize_t nfs_idmap_get_key(const char *name, size_t namelen,
const struct user_key_payload *payload;
ssize_t ret;
- saved_cred = override_creds(id_resolver_cache);
+ saved_cred = override_creds_light(get_new_cred(id_resolver_cache));
rkey = nfs_idmap_request_key(name, namelen, type, idmap);
revert_creds(saved_cred);
diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c
index 93e33d1ee8917fc5d462f56b5c65380f7555e638..614a5ec4824b4ab9f6faa132c565688c94261704 100644
--- a/fs/nfsd/auth.c
+++ b/fs/nfsd/auth.c
@@ -79,7 +79,7 @@ int nfsd_setuser(struct svc_cred *cred, struct svc_export *exp)
else
new->cap_effective = cap_raise_nfsd_set(new->cap_effective,
new->cap_permitted);
- put_cred(override_creds(new));
+ put_cred(override_creds_light(get_new_cred(new)));
put_cred(new);
return 0;
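Review bot: `put_cred(override_creds_light(get_new_cred(new)));` followed directly by `put_cred(new);` takes a reference on `new` and drops it again on the next line, which obscures that ownership of the existing reference simply moves to `current->cred`. Since the light helper does not bump the count itself, `put_cred(override_creds_light(new));` with the trailing `put_cred(new);` removed states what actually happens; this can be a follow-up if the patch is meant to stay purely mechanical. The nfsd_set_fh_dentry hunk in fs/nfsd/nfsfh.c and nfs4_save_creds in fs/nfsd/nfs4recover.c carry the same get-then-put pair. nfsd_setuser starts outside the hunk, so where `new` is allocated is not visible here.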
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
index b7d61eb8afe9e10d94b614ae50c2790fe6816732..f55ed06611aaaffa6dc8723b96b9876a3a3db0f7 100644
--- a/fs/nfsd/nfs4recover.c
+++ b/fs/nfsd/nfs4recover.c
@@ -81,7 +81,7 @@ nfs4_save_creds(const struct cred **original_creds)
new->fsuid = GLOBAL_ROOT_UID;
new->fsgid = GLOBAL_ROOT_GID;
- *original_creds = override_creds(new);
+ *original_creds = override_creds_light(get_new_cred(new));
put_cred(new);
return 0;
}
diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c
index 40ad58a6a0361e48a48262a2c61abbcfd908a3bb..8e323cc8e2c5b26ec660ceedeb95be4ef0ac809e 100644
--- a/fs/nfsd/nfsfh.c
+++ b/fs/nfsd/nfsfh.c
@@ -221,7 +221,7 @@ static __be32 nfsd_set_fh_dentry(struct svc_rqst *rqstp, struct net *net,
new->cap_effective =
cap_raise_nfsd_set(new->cap_effective,
new->cap_permitted);
- put_cred(override_creds(new));
+ put_cred(override_creds_light(get_new_cred(new)));
put_cred(new);
} else {
error = nfsd_setuser_and_check_port(rqstp, cred, exp);
diff --git a/fs/open.c b/fs/open.c
index e6911101fe71d665d5f1a6346e5f82212bb8ed65..2459cd061f47f46756b7d0a7bf2f563b631ec1d5 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -448,7 +448,7 @@ static const struct cred *access_override_creds(void)
*/
override_cred->non_rcu = 1;
- old_cred = override_creds(override_cred);
+ old_cred = override_creds_light(get_new_cred(override_cred));
/* override_cred() gets its own ref */
put_cred(override_cred);
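Review bot: The context comment `/* override_cred() gets its own ref */` is stale after this change, because the extra reference is now taken by `get_new_cred()` at the call site and `override_creds_light()` takes none. Suggest `/* get_new_cred() above took the reference now held by current->cred; drop ours */`. It is also worth noting here that `get_new_cred()` rather than `get_cred()` is deliberate, so that the `non_rcu = 1` set just above is not cleared; that rationale otherwise lives only in the kernel/cred.c comment this series deletes. access_override_creds starts and ends outside the hunk.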
diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c
index 3601ddfeddc2ec70764756905d528570ad1020e1..527b041213c8166d60d6a273675c2e2bc18dec36 100644
--- a/fs/overlayfs/copy_up.c
+++ b/fs/overlayfs/copy_up.c
@@ -741,7 +741,7 @@ static int ovl_prep_cu_creds(struct dentry *dentry, struct ovl_cu_creds *cc)
return err;
if (cc->new)
- cc->old = override_creds(cc->new);
+ cc->old = override_creds_light(get_new_cred(cc->new));
return 0;
}
diff --git a/fs/smb/client/cifs_spnego.c b/fs/smb/client/cifs_spnego.c
index 28f568b5fc2771b7a11d0e83d0ac1cb9baf20636..721d8b1254b6491f0b4cb5318fd60d81e13b1599 100644
--- a/fs/smb/client/cifs_spnego.c
+++ b/fs/smb/client/cifs_spnego.c
@@ -173,7 +173,7 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo,
}
cifs_dbg(FYI, "key description = %s\n", description);
- saved_cred = override_creds(spnego_cred);
+ saved_cred = override_creds_light(get_new_cred(spnego_cred));
spnego_key = request_key(&cifs_spnego_key_type, description, "");
revert_creds(saved_cred);
diff --git a/fs/smb/client/cifsacl.c b/fs/smb/client/cifsacl.c
index ba79aa2107cc9f5b5fa628e9b9998d04e78c8bc1..b1ea4ea3de4b15013ac74cfce988515613543532 100644
--- a/fs/smb/client/cifsacl.c
+++ b/fs/smb/client/cifsacl.c
@@ -292,7 +292,7 @@ id_to_sid(unsigned int cid, uint sidtype, struct smb_sid *ssid)
return -EINVAL;
rc = 0;
- saved_cred = override_creds(root_cred);
+ saved_cred = override_creds_light(get_new_cred(root_cred));
sidkey = request_key(&cifs_idmap_key_type, desc, "");
if (IS_ERR(sidkey)) {
rc = -EINVAL;
@@ -398,7 +398,7 @@ sid_to_id(struct cifs_sb_info *cifs_sb, struct smb_sid *psid,
if (!sidstr)
return -ENOMEM;
- saved_cred = override_creds(root_cred);
+ saved_cred = override_creds_light(get_new_cred(root_cred));
sidkey = request_key(&cifs_idmap_key_type, sidstr, "");
if (IS_ERR(sidkey)) {
cifs_dbg(FYI, "%s: Can't map SID %s to a %cid\n",
diff --git a/fs/smb/server/smb_common.c b/fs/smb/server/smb_common.c
index 75b4eb856d32f7ddc856ad5cf04906638cede0b5..c2a59956e3a51b7727a7e358f3842d92d70f085d 100644
--- a/fs/smb/server/smb_common.c
+++ b/fs/smb/server/smb_common.c
@@ -780,7 +780,7 @@ int __ksmbd_override_fsids(struct ksmbd_work *work,
cred->cap_effective = cap_drop_fs_set(cred->cap_effective);
WARN_ON(work->saved_cred);
- work->saved_cred = override_creds(cred);
+ work->saved_cred = override_creds_light(get_new_cred(cred));
if (!work->saved_cred) {
abort_creds(cred);
return -EINVAL;
diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c
index 8012933998837ddcef45c14f1dfe543947a9eaec..7ef3b67ebbde7b04d9428631ee72e7f45245feb4 100644
--- a/io_uring/io_uring.c
+++ b/io_uring/io_uring.c
@@ -1704,7 +1704,7 @@ static int io_issue_sqe(struct io_kiocb *req, unsigned int issue_flags)
return -EBADF;
if (unlikely((req->flags & REQ_F_CREDS) && req->creds != current_cred()))
- creds = override_creds(req->creds);
+ creds = override_creds_light(get_new_cred(req->creds));
if (!def->audit_skip)
audit_uring_entry(req->opcode);
diff --git a/io_uring/sqpoll.c b/io_uring/sqpoll.c
index 6df5e649c413e39e36db6cde2a8c6745e533bea9..58a76d5818959a9d7eeef52a8bacd29eba3f3d26 100644
--- a/io_uring/sqpoll.c
+++ b/io_uring/sqpoll.c
@@ -174,7 +174,7 @@ static int __io_sq_thread(struct io_ring_ctx *ctx, bool cap_entries)
const struct cred *creds = NULL;
if (ctx->sq_creds != current_cred())
- creds = override_creds(ctx->sq_creds);
+ creds = override_creds_light(get_new_cred(ctx->sq_creds));
mutex_lock(&ctx->uring_lock);
if (!wq_list_empty(&ctx->iopoll_list))
diff --git a/kernel/acct.c b/kernel/acct.c
index 179848ad33e978a557ce695a0d6020aa169177c6..8f18eb02dd416b884222b66f0f386379c46b30ea 100644
--- a/kernel/acct.c
+++ b/kernel/acct.c
@@ -501,7 +501,7 @@ static void do_acct_process(struct bsd_acct_struct *acct)
flim = rlimit(RLIMIT_FSIZE);
current->signal->rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY;
/* Perform file operations on behalf of whoever enabled accounting */
- orig_cred = override_creds(file->f_cred);
+ orig_cred = override_creds_light(get_new_cred(file->f_cred));
/*
* First check to see if there is enough free_space to continue
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index d9061bd55436b502e065b477a903ed682d722c2e..97329b4fe5027dcc5d80f6b074f4c494c4794df7 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -5216,7 +5216,7 @@ static ssize_t __cgroup_procs_write(struct kernfs_open_file *of, char *buf,
* permissions using the credentials from file open to protect against
* inherited fd attacks.
*/
- saved_cred = override_creds(of->file->f_cred);
+ saved_cred = override_creds_light(get_new_cred(of->file->f_cred));
ret = cgroup_attach_permissions(src_cgrp, dst_cgrp,
of->file->f_path.dentry->d_sb,
threadgroup, ctx->ns);
diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
index 17bcad8f79de70a29fb58f84ce12ffb929515794..4dd7c45d227e9459e694535cee3f853c09826cff 100644
--- a/kernel/trace/trace_events_user.c
+++ b/kernel/trace/trace_events_user.c
@@ -1469,7 +1469,7 @@ static int user_event_set_call_visible(struct user_event *user, bool visible)
*/
cred->fsuid = GLOBAL_ROOT_UID;
- old_cred = override_creds(cred);
+ old_cred = override_creds_light(get_new_cred(cred));
if (visible)
ret = trace_add_event_call(&user->call);
diff --git a/net/dns_resolver/dns_query.c b/net/dns_resolver/dns_query.c
index 82b084cc1cc6349bb532d5ada555b0bcbb1cdbea..a54f5f841cea1edd7f449d4e3e79e37b8ed865f4 100644
--- a/net/dns_resolver/dns_query.c
+++ b/net/dns_resolver/dns_query.c
@@ -124,7 +124,7 @@ int dns_query(struct net *net,
/* make the upcall, using special credentials to prevent the use of
* add_key() to preinstall malicious redirections
*/
- saved_cred = override_creds(dns_resolver_cache);
+ saved_cred = override_creds_light(get_new_cred(dns_resolver_cache));
rkey = request_key_net(&key_type_dns_resolver, desc, net, options);
revert_creds(saved_cred);
kfree(desc);
--
2.45.2
* [PATCH 02/26] cred: return old creds from revert_creds_light()
From: Christian Brauner @ 2024-11-24 13:43 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
So we can easily convert revert_creds() callers over to drop the
reference count explicitly.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
include/linux/cred.h | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/include/linux/cred.h b/include/linux/cred.h
index e4a3155fe409d6b991fa6639005ebc233fc17dcc..382768a9707b5c3e6cbd3e8183769e1227a73107 100644
--- a/include/linux/cred.h
+++ b/include/linux/cred.h
@@ -185,9 +185,12 @@ static inline const struct cred *override_creds_light(const struct cred *overrid
return old;
}
-static inline void revert_creds_light(const struct cred *revert_cred)
+static inline const struct cred *revert_creds_light(const struct cred *revert_cred)
{
+ const struct cred *override_cred = current->cred;
+
rcu_assign_pointer(current->cred, revert_cred);
+ return override_cred;
}
/**
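Review bot: `revert_creds_light()` now returns the credentials it displaced, but nothing at the definition tells callers what they may do with that pointer. A short comment would help, e.g. `/* Returns the creds that were installed; put_cred() them only if a reference was taken when overriding. */`. Without it both mistakes are easy to make: ignoring the return after a reference-taking override leaks the cred, and putting it after a reference-less override drops a reference the caller never held.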
--
2.45.2
* [PATCH 03/26] tree-wide: s/revert_creds()/put_cred(revert_creds_light())/g
From: Christian Brauner @ 2024-11-24 13:43 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
Convert all calls to revert_creds() over to explicitly dropping
reference counts in preparation for converting revert_creds() to
revert_creds_light() semantics.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
drivers/base/firmware_loader/main.c | 2 +-
drivers/crypto/ccp/sev-dev.c | 2 +-
drivers/target/target_core_configfs.c | 2 +-
fs/aio.c | 2 +-
fs/binfmt_misc.c | 2 +-
fs/cachefiles/internal.h | 2 +-
fs/coredump.c | 2 +-
fs/nfs/localio.c | 4 ++--
fs/nfs/nfs4idmap.c | 2 +-
fs/nfsd/auth.c | 2 +-
fs/nfsd/filecache.c | 2 +-
fs/nfsd/nfs4recover.c | 2 +-
fs/open.c | 2 +-
fs/overlayfs/copy_up.c | 2 +-
fs/smb/client/cifs_spnego.c | 2 +-
fs/smb/client/cifsacl.c | 4 ++--
fs/smb/server/smb_common.c | 2 +-
io_uring/io_uring.c | 2 +-
io_uring/sqpoll.c | 2 +-
kernel/acct.c | 2 +-
kernel/cgroup/cgroup.c | 2 +-
kernel/trace/trace_events_user.c | 2 +-
net/dns_resolver/dns_query.c | 2 +-
23 files changed, 25 insertions(+), 25 deletions(-)
diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c
index 74039d6b2b71b91d0d1d57b71f74501abaf646e2..8e3323a618e4436746258ce289a524f98c3ff60a 100644
--- a/drivers/base/firmware_loader/main.c
+++ b/drivers/base/firmware_loader/main.c
@@ -944,7 +944,7 @@ _request_firmware(const struct firmware **firmware_p, const char *name,
} else
ret = assign_fw(fw, device);
- revert_creds(old_cred);
+ put_cred(revert_creds_light(old_cred));
put_cred(kern_cred);
out:
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 2ad6e41af085a400e88b3207c9b55345f57526e1..9111a51d53e0e74e6d66bffe5b4e1bf1bf9157d0 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -249,7 +249,7 @@ static struct file *open_file_as_root(const char *filename, int flags, umode_t m
fp = file_open_root(&root, filename, flags, mode);
path_put(&root);
- revert_creds(old_cred);
+ put_cred(revert_creds_light(old_cred));
return fp;
}
diff --git a/drivers/target/target_core_configfs.c b/drivers/target/target_core_configfs.c
index be98d16b2c57c933ffe2c2477b881144f2283630..564bc71d2d0923b9fdd575d520fd22206259b40a 100644
--- a/drivers/target/target_core_configfs.c
+++ b/drivers/target/target_core_configfs.c
@@ -3758,7 +3758,7 @@ static int __init target_core_init_configfs(void)
}
old_cred = override_creds_light(get_new_cred(kern_cred));
target_init_dbroot();
- revert_creds(old_cred);
+ put_cred(revert_creds_light(old_cred));
put_cred(kern_cred);
return 0;
diff --git a/fs/aio.c b/fs/aio.c
index a52fe2e999e73b00af9a19f1c01f0e384f667871..6b987c48b6712abe2601b23f6aa9fac74c09161c 100644
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -1642,7 +1642,7 @@ static void aio_fsync_work(struct work_struct *work)
const struct cred *old_cred = override_creds_light(get_new_cred(iocb->fsync.creds));
iocb->ki_res.res = vfs_fsync(iocb->fsync.file, iocb->fsync.datasync);
- revert_creds(old_cred);
+ put_cred(revert_creds_light(old_cred));
put_cred(iocb->fsync.creds);
iocb_put(iocb);
}
diff --git a/fs/binfmt_misc.c b/fs/binfmt_misc.c
index f8355eee3d19ef6d20565ec1938e8691ba084d83..84a96abfd090230334f935f666a145571c78b3a8 100644
--- a/fs/binfmt_misc.c
+++ b/fs/binfmt_misc.c
@@ -828,7 +828,7 @@ static ssize_t bm_register_write(struct file *file, const char __user *buffer,
*/
old_cred = override_creds_light(get_new_cred(file->f_cred));
f = open_exec(e->interpreter);
- revert_creds(old_cred);
+ put_cred(revert_creds_light(old_cred));
if (IS_ERR(f)) {
pr_notice("register: failed to install interpreter file %s\n",
e->interpreter);
diff --git a/fs/cachefiles/internal.h b/fs/cachefiles/internal.h
index b156cc2e0e63b28b521923b578cb3547dece5e66..809305dd531760d47e781064c1fc6e328849fc6b 100644
--- a/fs/cachefiles/internal.h
+++ b/fs/cachefiles/internal.h
@@ -399,7 +399,7 @@ static inline void cachefiles_begin_secure(struct cachefiles_cache *cache,
static inline void cachefiles_end_secure(struct cachefiles_cache *cache,
const struct cred *saved_cred)
{
- revert_creds(saved_cred);
+ put_cred(revert_creds_light(saved_cred));
}
/*
diff --git a/fs/coredump.c b/fs/coredump.c
index b6aae41b80d22bfed78eed6f3e45bdeb5d2daf06..ff119aaa5c313306b1183270a5d95904ed5951f4 100644
--- a/fs/coredump.c
+++ b/fs/coredump.c
@@ -781,7 +781,7 @@ void do_coredump(const kernel_siginfo_t *siginfo)
kfree(argv);
kfree(cn.corename);
coredump_finish(core_dumped);
- revert_creds(old_cred);
+ put_cred(revert_creds_light(old_cred));
fail_creds:
put_cred(cred);
fail:
diff --git a/fs/nfs/localio.c b/fs/nfs/localio.c
index 018e8159c5679757f9fbf257ad3ef60e89d3ee09..77ff066aa938158cd8fcf691ebfbda6385f70449 100644
--- a/fs/nfs/localio.c
+++ b/fs/nfs/localio.c
@@ -381,7 +381,7 @@ static void nfs_local_call_read(struct work_struct *work)
nfs_local_read_done(iocb, status);
nfs_local_pgio_release(iocb);
- revert_creds(save_cred);
+ put_cred(revert_creds_light(save_cred));
}
static int
@@ -554,7 +554,7 @@ static void nfs_local_call_write(struct work_struct *work)
nfs_local_vfs_getattr(iocb);
nfs_local_pgio_release(iocb);
- revert_creds(save_cred);
+ put_cred(revert_creds_light(save_cred));
current->flags = old_flags;
}
diff --git a/fs/nfs/nfs4idmap.c b/fs/nfs/nfs4idmap.c
index b9442f70271d8397fb36dcb62570f6d304fe5c71..629979b20e98cbc37e148289570574d9ba2e7675 100644
--- a/fs/nfs/nfs4idmap.c
+++ b/fs/nfs/nfs4idmap.c
@@ -313,7 +313,7 @@ static ssize_t nfs_idmap_get_key(const char *name, size_t namelen,
saved_cred = override_creds_light(get_new_cred(id_resolver_cache));
rkey = nfs_idmap_request_key(name, namelen, type, idmap);
- revert_creds(saved_cred);
+ put_cred(revert_creds_light(saved_cred));
if (IS_ERR(rkey)) {
ret = PTR_ERR(rkey);
diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c
index 614a5ec4824b4ab9f6faa132c565688c94261704..dda14811d092689e5aa44bdd29f25403e4e3a780 100644
--- a/fs/nfsd/auth.c
+++ b/fs/nfsd/auth.c
@@ -27,7 +27,7 @@ int nfsd_setuser(struct svc_cred *cred, struct svc_export *exp)
int flags = nfsexp_flags(cred, exp);
/* discard any old override before preparing the new set */
- revert_creds(get_cred(current_real_cred()));
+ put_cred(revert_creds_light(get_cred(current_real_cred())));
new = prepare_creds();
if (!new)
return -ENOMEM;
diff --git a/fs/nfsd/filecache.c b/fs/nfsd/filecache.c
index 2e6783f63712454509c526969a622040985da577..fef2b8eb3a94736cbe8342a95f205f173f598447 100644
--- a/fs/nfsd/filecache.c
+++ b/fs/nfsd/filecache.c
@@ -1252,7 +1252,7 @@ nfsd_file_acquire_local(struct net *net, struct svc_cred *cred,
beres = nfsd_file_do_acquire(NULL, net, cred, client,
fhp, may_flags, NULL, pnf, true);
- revert_creds(save_cred);
+ put_cred(revert_creds_light(save_cred));
return beres;
}
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
index f55ed06611aaaffa6dc8723b96b9876a3a3db0f7..61c8f4ab10777952088d1312f2e3d606dbc4f801 100644
--- a/fs/nfsd/nfs4recover.c
+++ b/fs/nfsd/nfs4recover.c
@@ -89,7 +89,7 @@ nfs4_save_creds(const struct cred **original_creds)
static void
nfs4_reset_creds(const struct cred *original)
{
- revert_creds(original);
+ put_cred(revert_creds_light(original));
}
static void
diff --git a/fs/open.c b/fs/open.c
index 2459cd061f47f46756b7d0a7bf2f563b631ec1d5..23c414c10883927129a925a33680affc6f3a0a78 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -523,7 +523,7 @@ static long do_faccessat(int dfd, const char __user *filename, int mode, int fla
}
out:
if (old_cred)
- revert_creds(old_cred);
+ put_cred(revert_creds_light(old_cred));
return res;
}
diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c
index 527b041213c8166d60d6a273675c2e2bc18dec36..0f19bdbc78a45f35df2829ccc8cc65deef244ffd 100644
--- a/fs/overlayfs/copy_up.c
+++ b/fs/overlayfs/copy_up.c
@@ -749,7 +749,7 @@ static int ovl_prep_cu_creds(struct dentry *dentry, struct ovl_cu_creds *cc)
static void ovl_revert_cu_creds(struct ovl_cu_creds *cc)
{
if (cc->new) {
- revert_creds(cc->old);
+ put_cred(revert_creds_light(cc->old));
put_cred(cc->new);
}
}
diff --git a/fs/smb/client/cifs_spnego.c b/fs/smb/client/cifs_spnego.c
index 721d8b1254b6491f0b4cb5318fd60d81e13b1599..f2353bccc9f5e4637772a89dd0b0f42861fd21f3 100644
--- a/fs/smb/client/cifs_spnego.c
+++ b/fs/smb/client/cifs_spnego.c
@@ -175,7 +175,7 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo,
cifs_dbg(FYI, "key description = %s\n", description);
saved_cred = override_creds_light(get_new_cred(spnego_cred));
spnego_key = request_key(&cifs_spnego_key_type, description, "");
- revert_creds(saved_cred);
+ put_cred(revert_creds_light(saved_cred));
#ifdef CONFIG_CIFS_DEBUG2
if (cifsFYI && !IS_ERR(spnego_key)) {
diff --git a/fs/smb/client/cifsacl.c b/fs/smb/client/cifsacl.c
index b1ea4ea3de4b15013ac74cfce988515613543532..81d8d9802a56d4bb5d3d0480396f0c78c4c3fb80 100644
--- a/fs/smb/client/cifsacl.c
+++ b/fs/smb/client/cifsacl.c
@@ -327,7 +327,7 @@ id_to_sid(unsigned int cid, uint sidtype, struct smb_sid *ssid)
out_key_put:
key_put(sidkey);
out_revert_creds:
- revert_creds(saved_cred);
+ put_cred(revert_creds_light(saved_cred));
return rc;
invalidate_key:
@@ -438,7 +438,7 @@ sid_to_id(struct cifs_sb_info *cifs_sb, struct smb_sid *psid,
out_key_put:
key_put(sidkey);
out_revert_creds:
- revert_creds(saved_cred);
+ put_cred(revert_creds_light(saved_cred));
kfree(sidstr);
/*
diff --git a/fs/smb/server/smb_common.c b/fs/smb/server/smb_common.c
index c2a59956e3a51b7727a7e358f3842d92d70f085d..b13abbf67827fcad9c35606344cca055c09ba9c3 100644
--- a/fs/smb/server/smb_common.c
+++ b/fs/smb/server/smb_common.c
@@ -800,7 +800,7 @@ void ksmbd_revert_fsids(struct ksmbd_work *work)
WARN_ON(!work->saved_cred);
cred = current_cred();
- revert_creds(work->saved_cred);
+ put_cred(revert_creds_light(work->saved_cred));
put_cred(cred);
work->saved_cred = NULL;
}
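Review bot: `put_cred(revert_creds_light(work->saved_cred));` and the following `put_cred(cred);` both release the same object, since `cred` was read from `current_cred()` immediately before the revert. That is balanced only if two references are held at this point, presumably one taken by `get_new_cred()` in `__ksmbd_override_fsids()` and one from wherever `cred` was allocated, which is not visible here. A one-line comment such as `/* drop the override reference, then the allocation reference */` would make the double put read as intentional. ksmbd_revert_fsids starts outside the hunk.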
diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c
index 7ef3b67ebbde7b04d9428631ee72e7f45245feb4..a6a50e86791e79745ace095af68c4b658e4a2cdc 100644
--- a/io_uring/io_uring.c
+++ b/io_uring/io_uring.c
@@ -1715,7 +1715,7 @@ static int io_issue_sqe(struct io_kiocb *req, unsigned int issue_flags)
audit_uring_exit(!ret, ret);
if (creds)
- revert_creds(creds);
+ put_cred(revert_creds_light(creds));
if (ret == IOU_OK) {
if (issue_flags & IO_URING_F_COMPLETE_DEFER)
diff --git a/io_uring/sqpoll.c b/io_uring/sqpoll.c
index 58a76d5818959a9d7eeef52a8bacd29eba3f3d26..42ca6e07e0f7b0fe54a9f09857f87fecb5aa7085 100644
--- a/io_uring/sqpoll.c
+++ b/io_uring/sqpoll.c
@@ -192,7 +192,7 @@ static int __io_sq_thread(struct io_ring_ctx *ctx, bool cap_entries)
if (to_submit && wq_has_sleeper(&ctx->sqo_sq_wait))
wake_up(&ctx->sqo_sq_wait);
if (creds)
- revert_creds(creds);
+ put_cred(revert_creds_light(creds));
}
return ret;
diff --git a/kernel/acct.c b/kernel/acct.c
index 8f18eb02dd416b884222b66f0f386379c46b30ea..4e28aa9e1ef278cd7fb3160a27b549155ceaffc3 100644
--- a/kernel/acct.c
+++ b/kernel/acct.c
@@ -541,7 +541,7 @@ static void do_acct_process(struct bsd_acct_struct *acct)
}
out:
current->signal->rlim[RLIMIT_FSIZE].rlim_cur = flim;
- revert_creds(orig_cred);
+ put_cred(revert_creds_light(orig_cred));
}
/**
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 97329b4fe5027dcc5d80f6b074f4c494c4794df7..68b816955c9c7e0141a073f54b14949b4c37aae6 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -5220,7 +5220,7 @@ static ssize_t __cgroup_procs_write(struct kernfs_open_file *of, char *buf,
ret = cgroup_attach_permissions(src_cgrp, dst_cgrp,
of->file->f_path.dentry->d_sb,
threadgroup, ctx->ns);
- revert_creds(saved_cred);
+ put_cred(revert_creds_light(saved_cred));
if (ret)
goto out_finish;
diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
index 4dd7c45d227e9459e694535cee3f853c09826cff..2fdadb2e8547ec86f48d84c81c95434c811cb3cd 100644
--- a/kernel/trace/trace_events_user.c
+++ b/kernel/trace/trace_events_user.c
@@ -1476,7 +1476,7 @@ static int user_event_set_call_visible(struct user_event *user, bool visible)
else
ret = trace_remove_event_call(&user->call);
- revert_creds(old_cred);
+ put_cred(revert_creds_light(old_cred));
put_cred(cred);
return ret;
diff --git a/net/dns_resolver/dns_query.c b/net/dns_resolver/dns_query.c
index a54f5f841cea1edd7f449d4e3e79e37b8ed865f4..297059b7e2a367f5e745aac4557cda5996689a00 100644
--- a/net/dns_resolver/dns_query.c
+++ b/net/dns_resolver/dns_query.c
@@ -126,7 +126,7 @@ int dns_query(struct net *net,
*/
saved_cred = override_creds_light(get_new_cred(dns_resolver_cache));
rkey = request_key_net(&key_type_dns_resolver, desc, net, options);
- revert_creds(saved_cred);
+ put_cred(revert_creds_light(saved_cred));
kfree(desc);
if (IS_ERR(rkey)) {
ret = PTR_ERR(rkey);
--
2.45.2
* [PATCH 04/26] cred: remove old {override,revert}_creds() helpers
From: Christian Brauner @ 2024-11-24 13:43 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
They are now unused.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
include/linux/cred.h | 7 -------
kernel/cred.c | 50 --------------------------------------------------
2 files changed, 57 deletions(-)
diff --git a/include/linux/cred.h b/include/linux/cred.h
index 382768a9707b5c3e6cbd3e8183769e1227a73107..439d7a1840e7ccbc94d814728698a4b383bc39b3 100644
--- a/include/linux/cred.h
+++ b/include/linux/cred.h
@@ -155,8 +155,6 @@ extern struct cred *prepare_creds(void);
extern struct cred *prepare_exec_creds(void);
extern int commit_creds(struct cred *);
extern void abort_creds(struct cred *);
-extern const struct cred *override_creds(const struct cred *);
-extern void revert_creds(const struct cred *);
extern struct cred *prepare_kernel_cred(struct task_struct *);
extern int set_security_override(struct cred *, u32);
extern int set_security_override_from_ctx(struct cred *, const char *);
@@ -172,11 +170,6 @@ static inline bool cap_ambient_invariant_ok(const struct cred *cred)
cred->cap_inheritable));
}
-/*
- * Override creds without bumping reference count. Caller must ensure
- * reference remains valid or has taken reference. Almost always not the
- * interface you want. Use override_creds()/revert_creds() instead.
- */
static inline const struct cred *override_creds_light(const struct cred *override_cred)
{
const struct cred *old = current->cred;
diff --git a/kernel/cred.c b/kernel/cred.c
index da7da250f7c8b5ad91feb938f1e949c5ccb4914b..9676965c0981a01121757b2d904785c1a59e885f 100644
--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -476,56 +476,6 @@ void abort_creds(struct cred *new)
}
EXPORT_SYMBOL(abort_creds);
-/**
- * override_creds - Override the current process's subjective credentials
- * @new: The credentials to be assigned
- *
- * Install a set of temporary override subjective credentials on the current
- * process, returning the old set for later reversion.
- */
-const struct cred *override_creds(const struct cred *new)
-{
- const struct cred *old;
-
- kdebug("override_creds(%p{%ld})", new,
- atomic_long_read(&new->usage));
-
- /*
- * NOTE! This uses 'get_new_cred()' rather than 'get_cred()'.
- *
- * That means that we do not clear the 'non_rcu' flag, since
- * we are only installing the cred into the thread-synchronous
- * '->cred' pointer, not the '->real_cred' pointer that is
- * visible to other threads under RCU.
- */
- get_new_cred((struct cred *)new);
- old = override_creds_light(new);
-
- kdebug("override_creds() = %p{%ld}", old,
- atomic_long_read(&old->usage));
- return old;
-}
-EXPORT_SYMBOL(override_creds);
-
-/**
- * revert_creds - Revert a temporary subjective credentials override
- * @old: The credentials to be restored
- *
- * Revert a temporary set of override subjective credentials to an old set,
- * discarding the override set.
- */
-void revert_creds(const struct cred *old)
-{
- const struct cred *override = current->cred;
-
- kdebug("revert_creds(%p{%ld})", old,
- atomic_long_read(&old->usage));
-
- revert_creds_light(old);
- put_cred(override);
-}
-EXPORT_SYMBOL(revert_creds);
-
/**
* cred_fscmp - Compare two credentials with respect to filesystem access.
* @a: The first credential
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* [PATCH 05/26] tree-wide: s/override_creds_light()/override_creds()/g
From: Christian Brauner @ 2024-11-24 13:43 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
Rename all calls to override_creds_light() back to override_creds().
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
drivers/base/firmware_loader/main.c | 2 +-
drivers/crypto/ccp/sev-dev.c | 2 +-
drivers/target/target_core_configfs.c | 2 +-
fs/aio.c | 2 +-
fs/backing-file.c | 10 +++++-----
fs/binfmt_misc.c | 2 +-
fs/cachefiles/internal.h | 2 +-
fs/coredump.c | 2 +-
fs/nfs/localio.c | 4 ++--
fs/nfs/nfs4idmap.c | 2 +-
fs/nfsd/auth.c | 2 +-
fs/nfsd/nfs4recover.c | 2 +-
fs/nfsd/nfsfh.c | 2 +-
fs/open.c | 2 +-
fs/overlayfs/copy_up.c | 2 +-
fs/overlayfs/dir.c | 2 +-
fs/overlayfs/util.c | 2 +-
fs/smb/client/cifs_spnego.c | 2 +-
fs/smb/client/cifsacl.c | 4 ++--
fs/smb/server/smb_common.c | 2 +-
include/linux/cred.h | 2 +-
io_uring/io_uring.c | 2 +-
io_uring/sqpoll.c | 2 +-
kernel/acct.c | 2 +-
kernel/cgroup/cgroup.c | 2 +-
kernel/trace/trace_events_user.c | 2 +-
net/dns_resolver/dns_query.c | 2 +-
27 files changed, 33 insertions(+), 33 deletions(-)
diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c
index 8e3323a618e4436746258ce289a524f98c3ff60a..729df15600efb743091d7e1b71a306cdfa9acbf0 100644
--- a/drivers/base/firmware_loader/main.c
+++ b/drivers/base/firmware_loader/main.c
@@ -912,7 +912,7 @@ _request_firmware(const struct firmware **firmware_p, const char *name,
ret = -ENOMEM;
goto out;
}
- old_cred = override_creds_light(get_new_cred(kern_cred));
+ old_cred = override_creds(get_new_cred(kern_cred));
ret = fw_get_filesystem_firmware(device, fw->priv, "", NULL);
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 9111a51d53e0e74e6d66bffe5b4e1bf1bf9157d0..ffae20fd52bc03e7123b116251c77a3ccd7c6cde 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -244,7 +244,7 @@ static struct file *open_file_as_root(const char *filename, int flags, umode_t m
if (!cred)
return ERR_PTR(-ENOMEM);
cred->fsuid = GLOBAL_ROOT_UID;
- old_cred = override_creds_light(get_new_cred(cred));
+ old_cred = override_creds(get_new_cred(cred));
fp = file_open_root(&root, filename, flags, mode);
path_put(&root);
diff --git a/drivers/target/target_core_configfs.c b/drivers/target/target_core_configfs.c
index 564bc71d2d0923b9fdd575d520fd22206259b40a..7788e1fe2633ded4f265ff874c62dc4a21fd1b6e 100644
--- a/drivers/target/target_core_configfs.c
+++ b/drivers/target/target_core_configfs.c
@@ -3756,7 +3756,7 @@ static int __init target_core_init_configfs(void)
ret = -ENOMEM;
goto out;
}
- old_cred = override_creds_light(get_new_cred(kern_cred));
+ old_cred = override_creds(get_new_cred(kern_cred));
target_init_dbroot();
put_cred(revert_creds_light(old_cred));
put_cred(kern_cred);
diff --git a/fs/aio.c b/fs/aio.c
index 6b987c48b6712abe2601b23f6aa9fac74c09161c..7e0ec687f480c05358c6c40638a7e187aafd8124 100644
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -1639,7 +1639,7 @@ static int aio_write(struct kiocb *req, const struct iocb *iocb,
static void aio_fsync_work(struct work_struct *work)
{
struct aio_kiocb *iocb = container_of(work, struct aio_kiocb, fsync.work);
- const struct cred *old_cred = override_creds_light(get_new_cred(iocb->fsync.creds));
+ const struct cred *old_cred = override_creds(get_new_cred(iocb->fsync.creds));
iocb->ki_res.res = vfs_fsync(iocb->fsync.file, iocb->fsync.datasync);
put_cred(revert_creds_light(old_cred));
diff --git a/fs/backing-file.c b/fs/backing-file.c
index 526ddb4d6f764e8d3b0566ec51c5efa90faff0ee..bcf8c0b9ff42e2dd30dc239bb2580942fe6c40a7 100644
--- a/fs/backing-file.c
+++ b/fs/backing-file.c
@@ -176,7 +176,7 @@ ssize_t backing_file_read_iter(struct file *file, struct iov_iter *iter,
!(file->f_mode & FMODE_CAN_ODIRECT))
return -EINVAL;
- old_cred = override_creds_light(ctx->cred);
+ old_cred = override_creds(ctx->cred);
if (is_sync_kiocb(iocb)) {
rwf_t rwf = iocb_to_rw_flags(flags);
@@ -233,7 +233,7 @@ ssize_t backing_file_write_iter(struct file *file, struct iov_iter *iter,
*/
flags &= ~IOCB_DIO_CALLER_COMP;
- old_cred = override_creds_light(ctx->cred);
+ old_cred = override_creds(ctx->cred);
if (is_sync_kiocb(iocb)) {
rwf_t rwf = iocb_to_rw_flags(flags);
@@ -281,7 +281,7 @@ ssize_t backing_file_splice_read(struct file *in, struct kiocb *iocb,
if (WARN_ON_ONCE(!(in->f_mode & FMODE_BACKING)))
return -EIO;
- old_cred = override_creds_light(ctx->cred);
+ old_cred = override_creds(ctx->cred);
ret = vfs_splice_read(in, &iocb->ki_pos, pipe, len, flags);
revert_creds_light(old_cred);
@@ -310,7 +310,7 @@ ssize_t backing_file_splice_write(struct pipe_inode_info *pipe,
if (ret)
return ret;
- old_cred = override_creds_light(ctx->cred);
+ old_cred = override_creds(ctx->cred);
file_start_write(out);
ret = out->f_op->splice_write(pipe, out, &iocb->ki_pos, len, flags);
file_end_write(out);
@@ -337,7 +337,7 @@ int backing_file_mmap(struct file *file, struct vm_area_struct *vma,
vma_set_file(vma, file);
- old_cred = override_creds_light(ctx->cred);
+ old_cred = override_creds(ctx->cred);
ret = call_mmap(vma->vm_file, vma);
revert_creds_light(old_cred);
diff --git a/fs/binfmt_misc.c b/fs/binfmt_misc.c
index 84a96abfd090230334f935f666a145571c78b3a8..63544051404a9ff5ec8a74c754c3acfbc91f3279 100644
--- a/fs/binfmt_misc.c
+++ b/fs/binfmt_misc.c
@@ -826,7 +826,7 @@ static ssize_t bm_register_write(struct file *file, const char __user *buffer,
* didn't matter much as only a privileged process could open
* the register file.
*/
- old_cred = override_creds_light(get_new_cred(file->f_cred));
+ old_cred = override_creds(get_new_cred(file->f_cred));
f = open_exec(e->interpreter);
put_cred(revert_creds_light(old_cred));
if (IS_ERR(f)) {
diff --git a/fs/cachefiles/internal.h b/fs/cachefiles/internal.h
index 809305dd531760d47e781064c1fc6e328849fc6b..05b1d4cfb55afefd025c5f9c08afa81f67fdb9eb 100644
--- a/fs/cachefiles/internal.h
+++ b/fs/cachefiles/internal.h
@@ -393,7 +393,7 @@ extern int cachefiles_determine_cache_security(struct cachefiles_cache *cache,
static inline void cachefiles_begin_secure(struct cachefiles_cache *cache,
const struct cred **_saved_cred)
{
- *_saved_cred = override_creds_light(get_new_cred(cache->cache_cred));
+ *_saved_cred = override_creds(get_new_cred(cache->cache_cred));
}
static inline void cachefiles_end_secure(struct cachefiles_cache *cache,
diff --git a/fs/coredump.c b/fs/coredump.c
index ff119aaa5c313306b1183270a5d95904ed5951f4..4eae37892da58e982b53da4596952a1b3d2e1630 100644
--- a/fs/coredump.c
+++ b/fs/coredump.c
@@ -576,7 +576,7 @@ void do_coredump(const kernel_siginfo_t *siginfo)
if (retval < 0)
goto fail_creds;
- old_cred = override_creds_light(get_new_cred(cred));
+ old_cred = override_creds(get_new_cred(cred));
ispipe = format_corename(&cn, &cprm, &argv, &argc);
diff --git a/fs/nfs/localio.c b/fs/nfs/localio.c
index 77ff066aa938158cd8fcf691ebfbda6385f70449..374c6e35c7b4969ef193b71510ee9a34c45bb815 100644
--- a/fs/nfs/localio.c
+++ b/fs/nfs/localio.c
@@ -371,7 +371,7 @@ static void nfs_local_call_read(struct work_struct *work)
struct iov_iter iter;
ssize_t status;
- save_cred = override_creds_light(get_new_cred(filp->f_cred));
+ save_cred = override_creds(get_new_cred(filp->f_cred));
nfs_local_iter_init(&iter, iocb, READ);
@@ -541,7 +541,7 @@ static void nfs_local_call_write(struct work_struct *work)
ssize_t status;
current->flags |= PF_LOCAL_THROTTLE | PF_MEMALLOC_NOIO;
- save_cred = override_creds_light(get_new_cred(filp->f_cred));
+ save_cred = override_creds(get_new_cred(filp->f_cred));
nfs_local_iter_init(&iter, iocb, WRITE);
diff --git a/fs/nfs/nfs4idmap.c b/fs/nfs/nfs4idmap.c
index 629979b20e98cbc37e148289570574d9ba2e7675..3cae4057f8ba30914a91a3d368ace8f52175644d 100644
--- a/fs/nfs/nfs4idmap.c
+++ b/fs/nfs/nfs4idmap.c
@@ -311,7 +311,7 @@ static ssize_t nfs_idmap_get_key(const char *name, size_t namelen,
const struct user_key_payload *payload;
ssize_t ret;
- saved_cred = override_creds_light(get_new_cred(id_resolver_cache));
+ saved_cred = override_creds(get_new_cred(id_resolver_cache));
rkey = nfs_idmap_request_key(name, namelen, type, idmap);
put_cred(revert_creds_light(saved_cred));
diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c
index dda14811d092689e5aa44bdd29f25403e4e3a780..dafea9183b4e6413d61c0c83a1b8f26a9712d5c6 100644
--- a/fs/nfsd/auth.c
+++ b/fs/nfsd/auth.c
@@ -79,7 +79,7 @@ int nfsd_setuser(struct svc_cred *cred, struct svc_export *exp)
else
new->cap_effective = cap_raise_nfsd_set(new->cap_effective,
new->cap_permitted);
- put_cred(override_creds_light(get_new_cred(new)));
+ put_cred(override_creds(get_new_cred(new)));
put_cred(new);
return 0;
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
index 61c8f4ab10777952088d1312f2e3d606dbc4f801..475c47f1c0afa2de56038bbb7cdd9fc5e583c8bd 100644
--- a/fs/nfsd/nfs4recover.c
+++ b/fs/nfsd/nfs4recover.c
@@ -81,7 +81,7 @@ nfs4_save_creds(const struct cred **original_creds)
new->fsuid = GLOBAL_ROOT_UID;
new->fsgid = GLOBAL_ROOT_GID;
- *original_creds = override_creds_light(get_new_cred(new));
+ *original_creds = override_creds(get_new_cred(new));
put_cred(new);
return 0;
}
diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c
index 8e323cc8e2c5b26ec660ceedeb95be4ef0ac809e..60b0275d5529d49ac87e8b89e4eb650ecd624f71 100644
--- a/fs/nfsd/nfsfh.c
+++ b/fs/nfsd/nfsfh.c
@@ -221,7 +221,7 @@ static __be32 nfsd_set_fh_dentry(struct svc_rqst *rqstp, struct net *net,
new->cap_effective =
cap_raise_nfsd_set(new->cap_effective,
new->cap_permitted);
- put_cred(override_creds_light(get_new_cred(new)));
+ put_cred(override_creds(get_new_cred(new)));
put_cred(new);
} else {
error = nfsd_setuser_and_check_port(rqstp, cred, exp);
diff --git a/fs/open.c b/fs/open.c
index 23c414c10883927129a925a33680affc6f3a0a78..bd0a34653f0ebe210ddfeabf5ea3bc002bf2833d 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -448,7 +448,7 @@ static const struct cred *access_override_creds(void)
*/
override_cred->non_rcu = 1;
- old_cred = override_creds_light(get_new_cred(override_cred));
+ old_cred = override_creds(get_new_cred(override_cred));
/* override_cred() gets its own ref */
put_cred(override_cred);
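Review bot: The context comment `/* override_cred() gets its own ref */` after the changed line no longer describes the code: the reference is taken by the explicit `get_new_cred(override_cred)` in the call, not by the override helper, and the comment also misnames the function. I would reword it to `/* get_new_cred() above took the ref that current->cred now holds */` so the following `put_cred(override_cred)` is not read as dropping the only reference. access_override_creds() starts and ends outside this hunk.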
diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c
index 0f19bdbc78a45f35df2829ccc8cc65deef244ffd..7805667b2e05264c011cd41ff6f77b9ae0fb30d9 100644
--- a/fs/overlayfs/copy_up.c
+++ b/fs/overlayfs/copy_up.c
@@ -741,7 +741,7 @@ static int ovl_prep_cu_creds(struct dentry *dentry, struct ovl_cu_creds *cc)
return err;
if (cc->new)
- cc->old = override_creds_light(get_new_cred(cc->new));
+ cc->old = override_creds(get_new_cred(cc->new));
return 0;
}
diff --git a/fs/overlayfs/dir.c b/fs/overlayfs/dir.c
index 08e683917d121b1fe8f0f0b4d4ba4f0f3c72f47d..151271f0586c7249cfa61cd45d249ec930adaf82 100644
--- a/fs/overlayfs/dir.c
+++ b/fs/overlayfs/dir.c
@@ -580,7 +580,7 @@ static const struct cred *ovl_setup_cred_for_create(struct dentry *dentry,
* We must be called with creator creds already, otherwise we risk
* leaking creds.
*/
- old_cred = override_creds_light(override_cred);
+ old_cred = override_creds(override_cred);
WARN_ON_ONCE(old_cred != ovl_creds(dentry->d_sb));
return override_cred;
diff --git a/fs/overlayfs/util.c b/fs/overlayfs/util.c
index 9aa7493b1e10365cbcc97fceab26d614a319727f..2513a79a10b0bd69fa9d1c8a0f4726f3246ac39c 100644
--- a/fs/overlayfs/util.c
+++ b/fs/overlayfs/util.c
@@ -65,7 +65,7 @@ const struct cred *ovl_override_creds(struct super_block *sb)
{
struct ovl_fs *ofs = OVL_FS(sb);
- return override_creds_light(ofs->creator_cred);
+ return override_creds(ofs->creator_cred);
}
void ovl_revert_creds(const struct cred *old_cred)
diff --git a/fs/smb/client/cifs_spnego.c b/fs/smb/client/cifs_spnego.c
index f2353bccc9f5e4637772a89dd0b0f42861fd21f3..f22dc0be357fa03cecc524976de5c69fddeef1ca 100644
--- a/fs/smb/client/cifs_spnego.c
+++ b/fs/smb/client/cifs_spnego.c
@@ -173,7 +173,7 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo,
}
cifs_dbg(FYI, "key description = %s\n", description);
- saved_cred = override_creds_light(get_new_cred(spnego_cred));
+ saved_cred = override_creds(get_new_cred(spnego_cred));
spnego_key = request_key(&cifs_spnego_key_type, description, "");
put_cred(revert_creds_light(saved_cred));
diff --git a/fs/smb/client/cifsacl.c b/fs/smb/client/cifsacl.c
index 81d8d9802a56d4bb5d3d0480396f0c78c4c3fb80..d65e094b97cb2b1bd1c79d1959443fd8cae93f8f 100644
--- a/fs/smb/client/cifsacl.c
+++ b/fs/smb/client/cifsacl.c
@@ -292,7 +292,7 @@ id_to_sid(unsigned int cid, uint sidtype, struct smb_sid *ssid)
return -EINVAL;
rc = 0;
- saved_cred = override_creds_light(get_new_cred(root_cred));
+ saved_cred = override_creds(get_new_cred(root_cred));
sidkey = request_key(&cifs_idmap_key_type, desc, "");
if (IS_ERR(sidkey)) {
rc = -EINVAL;
@@ -398,7 +398,7 @@ sid_to_id(struct cifs_sb_info *cifs_sb, struct smb_sid *psid,
if (!sidstr)
return -ENOMEM;
- saved_cred = override_creds_light(get_new_cred(root_cred));
+ saved_cred = override_creds(get_new_cred(root_cred));
sidkey = request_key(&cifs_idmap_key_type, sidstr, "");
if (IS_ERR(sidkey)) {
cifs_dbg(FYI, "%s: Can't map SID %s to a %cid\n",
diff --git a/fs/smb/server/smb_common.c b/fs/smb/server/smb_common.c
index b13abbf67827fcad9c35606344cca055c09ba9c3..f09652bcca542464ed2f27fce9e912f797410612 100644
--- a/fs/smb/server/smb_common.c
+++ b/fs/smb/server/smb_common.c
@@ -780,7 +780,7 @@ int __ksmbd_override_fsids(struct ksmbd_work *work,
cred->cap_effective = cap_drop_fs_set(cred->cap_effective);
WARN_ON(work->saved_cred);
- work->saved_cred = override_creds_light(get_new_cred(cred));
+ work->saved_cred = override_creds(get_new_cred(cred));
if (!work->saved_cred) {
abort_creds(cred);
return -EINVAL;
diff --git a/include/linux/cred.h b/include/linux/cred.h
index 439d7a1840e7ccbc94d814728698a4b383bc39b3..a049993d22cca4e122091309f11fbc9e10d2e955 100644
--- a/include/linux/cred.h
+++ b/include/linux/cred.h
@@ -170,7 +170,7 @@ static inline bool cap_ambient_invariant_ok(const struct cred *cred)
cred->cap_inheritable));
}
-static inline const struct cred *override_creds_light(const struct cred *override_cred)
+static inline const struct cred *override_creds(const struct cred *override_cred)
{
const struct cred *old = current->cred;
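Review bot: After this rename `override_creds()` has no comment saying that it installs the pointer without taking a reference, while the helper of the same name removed in PATCH 04 took one via `get_new_cred()`; a caller written against the old contract still compiles and would run on credentials it holds no reference to, so the lifetime rule should be stated at the definition. I would add above the function a comment such as `/* Does not take a reference on @override_cred; the caller must keep it valid until the matching revert_creds(). */`. The same applies to `revert_creds()` in the include/linux/cred.h hunk of PATCH 06, which appears to return the override creds instead of dropping them, so a caller that took its own reference and ignores the return value would leak it. The function body continues outside this hunk.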
diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c
index a6a50e86791e79745ace095af68c4b658e4a2cdc..946df208e7741a0e2e11eff2ee0b8978bcea7c3c 100644
--- a/io_uring/io_uring.c
+++ b/io_uring/io_uring.c
@@ -1704,7 +1704,7 @@ static int io_issue_sqe(struct io_kiocb *req, unsigned int issue_flags)
return -EBADF;
if (unlikely((req->flags & REQ_F_CREDS) && req->creds != current_cred()))
- creds = override_creds_light(get_new_cred(req->creds));
+ creds = override_creds(get_new_cred(req->creds));
if (!def->audit_skip)
audit_uring_entry(req->opcode);
diff --git a/io_uring/sqpoll.c b/io_uring/sqpoll.c
index 42ca6e07e0f7b0fe54a9f09857f87fecb5aa7085..0fd424442118f38db0307fe10e0c6ee102c1f185 100644
--- a/io_uring/sqpoll.c
+++ b/io_uring/sqpoll.c
@@ -174,7 +174,7 @@ static int __io_sq_thread(struct io_ring_ctx *ctx, bool cap_entries)
const struct cred *creds = NULL;
if (ctx->sq_creds != current_cred())
- creds = override_creds_light(get_new_cred(ctx->sq_creds));
+ creds = override_creds(get_new_cred(ctx->sq_creds));
mutex_lock(&ctx->uring_lock);
if (!wq_list_empty(&ctx->iopoll_list))
diff --git a/kernel/acct.c b/kernel/acct.c
index 4e28aa9e1ef278cd7fb3160a27b549155ceaffc3..a51a3b483fd9d94da916dc4e052ef4ab1042a39f 100644
--- a/kernel/acct.c
+++ b/kernel/acct.c
@@ -501,7 +501,7 @@ static void do_acct_process(struct bsd_acct_struct *acct)
flim = rlimit(RLIMIT_FSIZE);
current->signal->rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY;
/* Perform file operations on behalf of whoever enabled accounting */
- orig_cred = override_creds_light(get_new_cred(file->f_cred));
+ orig_cred = override_creds(get_new_cred(file->f_cred));
/*
* First check to see if there is enough free_space to continue
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 68b816955c9c7e0141a073f54b14949b4c37aae6..2d618b577e52e0117f77340dac79581882599578 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -5216,7 +5216,7 @@ static ssize_t __cgroup_procs_write(struct kernfs_open_file *of, char *buf,
* permissions using the credentials from file open to protect against
* inherited fd attacks.
*/
- saved_cred = override_creds_light(get_new_cred(of->file->f_cred));
+ saved_cred = override_creds(get_new_cred(of->file->f_cred));
ret = cgroup_attach_permissions(src_cgrp, dst_cgrp,
of->file->f_path.dentry->d_sb,
threadgroup, ctx->ns);
diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
index 2fdadb2e8547ec86f48d84c81c95434c811cb3cd..857124d81f1255e7e6b4d18009b53191a71b57fc 100644
--- a/kernel/trace/trace_events_user.c
+++ b/kernel/trace/trace_events_user.c
@@ -1469,7 +1469,7 @@ static int user_event_set_call_visible(struct user_event *user, bool visible)
*/
cred->fsuid = GLOBAL_ROOT_UID;
- old_cred = override_creds_light(get_new_cred(cred));
+ old_cred = override_creds(get_new_cred(cred));
if (visible)
ret = trace_add_event_call(&user->call);
diff --git a/net/dns_resolver/dns_query.c b/net/dns_resolver/dns_query.c
index 297059b7e2a367f5e745aac4557cda5996689a00..f8749d688d6676dd83d0c4b8e83ca893f1bd4248 100644
--- a/net/dns_resolver/dns_query.c
+++ b/net/dns_resolver/dns_query.c
@@ -124,7 +124,7 @@ int dns_query(struct net *net,
/* make the upcall, using special credentials to prevent the use of
* add_key() to preinstall malicious redirections
*/
- saved_cred = override_creds_light(get_new_cred(dns_resolver_cache));
+ saved_cred = override_creds(get_new_cred(dns_resolver_cache));
rkey = request_key_net(&key_type_dns_resolver, desc, net, options);
put_cred(revert_creds_light(saved_cred));
kfree(desc);
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* [PATCH 06/26] tree-wide: s/revert_creds_light()/revert_creds()/g
From: Christian Brauner @ 2024-11-24 13:43 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
Rename all calls to revert_creds_light() back to revert_creds().
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
drivers/base/firmware_loader/main.c | 2 +-
drivers/crypto/ccp/sev-dev.c | 2 +-
drivers/target/target_core_configfs.c | 2 +-
fs/aio.c | 2 +-
fs/backing-file.c | 10 +++++-----
fs/binfmt_misc.c | 2 +-
fs/cachefiles/internal.h | 2 +-
fs/coredump.c | 2 +-
fs/nfs/localio.c | 4 ++--
fs/nfs/nfs4idmap.c | 2 +-
fs/nfsd/auth.c | 2 +-
fs/nfsd/filecache.c | 2 +-
fs/nfsd/nfs4recover.c | 2 +-
fs/open.c | 2 +-
fs/overlayfs/copy_up.c | 2 +-
fs/overlayfs/dir.c | 2 +-
fs/overlayfs/util.c | 2 +-
fs/smb/client/cifs_spnego.c | 2 +-
fs/smb/client/cifsacl.c | 4 ++--
fs/smb/server/smb_common.c | 2 +-
include/linux/cred.h | 2 +-
io_uring/io_uring.c | 2 +-
io_uring/sqpoll.c | 2 +-
kernel/acct.c | 2 +-
kernel/cgroup/cgroup.c | 2 +-
kernel/trace/trace_events_user.c | 2 +-
net/dns_resolver/dns_query.c | 2 +-
27 files changed, 33 insertions(+), 33 deletions(-)
diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c
index 729df15600efb743091d7e1b71a306cdfa9acbf0..96a2c3011ca82148b4ba547764a1f92e252dbf5f 100644
--- a/drivers/base/firmware_loader/main.c
+++ b/drivers/base/firmware_loader/main.c
@@ -944,7 +944,7 @@ _request_firmware(const struct firmware **firmware_p, const char *name,
} else
ret = assign_fw(fw, device);
- put_cred(revert_creds_light(old_cred));
+ put_cred(revert_creds(old_cred));
put_cred(kern_cred);
out:
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index ffae20fd52bc03e7123b116251c77a3ccd7c6cde..187c34b02442dd50640f88713bc5f6f88a1990f4 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -249,7 +249,7 @@ static struct file *open_file_as_root(const char *filename, int flags, umode_t m
fp = file_open_root(&root, filename, flags, mode);
path_put(&root);
- put_cred(revert_creds_light(old_cred));
+ put_cred(revert_creds(old_cred));
return fp;
}
diff --git a/drivers/target/target_core_configfs.c b/drivers/target/target_core_configfs.c
index 7788e1fe2633ded4f265ff874c62dc4a21fd1b6e..ec7a5598719397da5cadfed12a05ca8eb81e46a9 100644
--- a/drivers/target/target_core_configfs.c
+++ b/drivers/target/target_core_configfs.c
@@ -3758,7 +3758,7 @@ static int __init target_core_init_configfs(void)
}
old_cred = override_creds(get_new_cred(kern_cred));
target_init_dbroot();
- put_cred(revert_creds_light(old_cred));
+ put_cred(revert_creds(old_cred));
put_cred(kern_cred);
return 0;
diff --git a/fs/aio.c b/fs/aio.c
index 7e0ec687f480c05358c6c40638a7e187aafd8124..5e57dcaed7f1ae1e4b38009b51a665954b31f5bd 100644
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -1642,7 +1642,7 @@ static void aio_fsync_work(struct work_struct *work)
const struct cred *old_cred = override_creds(get_new_cred(iocb->fsync.creds));
iocb->ki_res.res = vfs_fsync(iocb->fsync.file, iocb->fsync.datasync);
- put_cred(revert_creds_light(old_cred));
+ put_cred(revert_creds(old_cred));
put_cred(iocb->fsync.creds);
iocb_put(iocb);
}
diff --git a/fs/backing-file.c b/fs/backing-file.c
index bcf8c0b9ff42e2dd30dc239bb2580942fe6c40a7..a38737592ec77b50fa4d417a98ca272ca5f89399 100644
--- a/fs/backing-file.c
+++ b/fs/backing-file.c
@@ -197,7 +197,7 @@ ssize_t backing_file_read_iter(struct file *file, struct iov_iter *iter,
backing_aio_cleanup(aio, ret);
}
out:
- revert_creds_light(old_cred);
+ revert_creds(old_cred);
if (ctx->accessed)
ctx->accessed(iocb->ki_filp);
@@ -264,7 +264,7 @@ ssize_t backing_file_write_iter(struct file *file, struct iov_iter *iter,
backing_aio_cleanup(aio, ret);
}
out:
- revert_creds_light(old_cred);
+ revert_creds(old_cred);
return ret;
}
@@ -283,7 +283,7 @@ ssize_t backing_file_splice_read(struct file *in, struct kiocb *iocb,
old_cred = override_creds(ctx->cred);
ret = vfs_splice_read(in, &iocb->ki_pos, pipe, len, flags);
- revert_creds_light(old_cred);
+ revert_creds(old_cred);
if (ctx->accessed)
ctx->accessed(iocb->ki_filp);
@@ -314,7 +314,7 @@ ssize_t backing_file_splice_write(struct pipe_inode_info *pipe,
file_start_write(out);
ret = out->f_op->splice_write(pipe, out, &iocb->ki_pos, len, flags);
file_end_write(out);
- revert_creds_light(old_cred);
+ revert_creds(old_cred);
if (ctx->end_write)
ctx->end_write(iocb, ret);
@@ -339,7 +339,7 @@ int backing_file_mmap(struct file *file, struct vm_area_struct *vma,
old_cred = override_creds(ctx->cred);
ret = call_mmap(vma->vm_file, vma);
- revert_creds_light(old_cred);
+ revert_creds(old_cred);
if (ctx->accessed)
ctx->accessed(vma->vm_file);
diff --git a/fs/binfmt_misc.c b/fs/binfmt_misc.c
index 63544051404a9ff5ec8a74c754c3acfbc91f3279..5692c512b740bb8f11d5da89a2e5f388aafebc13 100644
--- a/fs/binfmt_misc.c
+++ b/fs/binfmt_misc.c
@@ -828,7 +828,7 @@ static ssize_t bm_register_write(struct file *file, const char __user *buffer,
*/
old_cred = override_creds(get_new_cred(file->f_cred));
f = open_exec(e->interpreter);
- put_cred(revert_creds_light(old_cred));
+ put_cred(revert_creds(old_cred));
if (IS_ERR(f)) {
pr_notice("register: failed to install interpreter file %s\n",
e->interpreter);
diff --git a/fs/cachefiles/internal.h b/fs/cachefiles/internal.h
index 05b1d4cfb55afefd025c5f9c08afa81f67fdb9eb..1cfeb3b3831900b7c389c55c59fc7e3b84acfca6 100644
--- a/fs/cachefiles/internal.h
+++ b/fs/cachefiles/internal.h
@@ -399,7 +399,7 @@ static inline void cachefiles_begin_secure(struct cachefiles_cache *cache,
static inline void cachefiles_end_secure(struct cachefiles_cache *cache,
const struct cred *saved_cred)
{
- put_cred(revert_creds_light(saved_cred));
+ put_cred(revert_creds(saved_cred));
}
/*
diff --git a/fs/coredump.c b/fs/coredump.c
index 4eae37892da58e982b53da4596952a1b3d2e1630..0d3a65cac546db6710eb1337b0a9c4ec0ffff679 100644
--- a/fs/coredump.c
+++ b/fs/coredump.c
@@ -781,7 +781,7 @@ void do_coredump(const kernel_siginfo_t *siginfo)
kfree(argv);
kfree(cn.corename);
coredump_finish(core_dumped);
- put_cred(revert_creds_light(old_cred));
+ put_cred(revert_creds(old_cred));
fail_creds:
put_cred(cred);
fail:
diff --git a/fs/nfs/localio.c b/fs/nfs/localio.c
index 374c6e35c7b4969ef193b71510ee9a34c45bb815..cb0ba4a810324cc9a4913767ce5a9b4f52c416ac 100644
--- a/fs/nfs/localio.c
+++ b/fs/nfs/localio.c
@@ -381,7 +381,7 @@ static void nfs_local_call_read(struct work_struct *work)
nfs_local_read_done(iocb, status);
nfs_local_pgio_release(iocb);
- put_cred(revert_creds_light(save_cred));
+ put_cred(revert_creds(save_cred));
}
static int
@@ -554,7 +554,7 @@ static void nfs_local_call_write(struct work_struct *work)
nfs_local_vfs_getattr(iocb);
nfs_local_pgio_release(iocb);
- put_cred(revert_creds_light(save_cred));
+ put_cred(revert_creds(save_cred));
current->flags = old_flags;
}
diff --git a/fs/nfs/nfs4idmap.c b/fs/nfs/nfs4idmap.c
index 3cae4057f8ba30914a91a3d368ace8f52175644d..25b6a8920a6545d43f437f2f0330ccc35380ccc3 100644
--- a/fs/nfs/nfs4idmap.c
+++ b/fs/nfs/nfs4idmap.c
@@ -313,7 +313,7 @@ static ssize_t nfs_idmap_get_key(const char *name, size_t namelen,
saved_cred = override_creds(get_new_cred(id_resolver_cache));
rkey = nfs_idmap_request_key(name, namelen, type, idmap);
- put_cred(revert_creds_light(saved_cred));
+ put_cred(revert_creds(saved_cred));
if (IS_ERR(rkey)) {
ret = PTR_ERR(rkey);
diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c
index dafea9183b4e6413d61c0c83a1b8f26a9712d5c6..c399a5f030afbde6ad7bc9cf28f1e354d74db9a8 100644
--- a/fs/nfsd/auth.c
+++ b/fs/nfsd/auth.c
@@ -27,7 +27,7 @@ int nfsd_setuser(struct svc_cred *cred, struct svc_export *exp)
int flags = nfsexp_flags(cred, exp);
/* discard any old override before preparing the new set */
- put_cred(revert_creds_light(get_cred(current_real_cred())));
+ put_cred(revert_creds(get_cred(current_real_cred())));
new = prepare_creds();
if (!new)
return -ENOMEM;
diff --git a/fs/nfsd/filecache.c b/fs/nfsd/filecache.c
index fef2b8eb3a94736cbe8342a95f205f173f598447..3ae9d8356d7de5190b4b038b1104b6d93d07eb65 100644
--- a/fs/nfsd/filecache.c
+++ b/fs/nfsd/filecache.c
@@ -1252,7 +1252,7 @@ nfsd_file_acquire_local(struct net *net, struct svc_cred *cred,
beres = nfsd_file_do_acquire(NULL, net, cred, client,
fhp, may_flags, NULL, pnf, true);
- put_cred(revert_creds_light(save_cred));
+ put_cred(revert_creds(save_cred));
return beres;
}
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
index 475c47f1c0afa2de56038bbb7cdd9fc5e583c8bd..2834091cc988b1403aa2908f69e336f2fe4e0922 100644
--- a/fs/nfsd/nfs4recover.c
+++ b/fs/nfsd/nfs4recover.c
@@ -89,7 +89,7 @@ nfs4_save_creds(const struct cred **original_creds)
static void
nfs4_reset_creds(const struct cred *original)
{
- put_cred(revert_creds_light(original));
+ put_cred(revert_creds(original));
}
static void
diff --git a/fs/open.c b/fs/open.c
index bd0a34653f0ebe210ddfeabf5ea3bc002bf2833d..0a5cd8e74fb9bb4cc484d84096c6123b21acbf16 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -523,7 +523,7 @@ static long do_faccessat(int dfd, const char __user *filename, int mode, int fla
}
out:
if (old_cred)
- put_cred(revert_creds_light(old_cred));
+ put_cred(revert_creds(old_cred));
return res;
}
diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c
index 7805667b2e05264c011cd41ff6f77b9ae0fb30d9..439bd9a5ceecc4d2f4dc5dfda7cea14c3d9411ba 100644
--- a/fs/overlayfs/copy_up.c
+++ b/fs/overlayfs/copy_up.c
@@ -749,7 +749,7 @@ static int ovl_prep_cu_creds(struct dentry *dentry, struct ovl_cu_creds *cc)
static void ovl_revert_cu_creds(struct ovl_cu_creds *cc)
{
if (cc->new) {
- put_cred(revert_creds_light(cc->old));
+ put_cred(revert_creds(cc->old));
put_cred(cc->new);
}
}
diff --git a/fs/overlayfs/dir.c b/fs/overlayfs/dir.c
index 151271f0586c7249cfa61cd45d249ec930adaf82..c9993ff66fc26ec45ab5a5b4679d1d2056a01df2 100644
--- a/fs/overlayfs/dir.c
+++ b/fs/overlayfs/dir.c
@@ -575,7 +575,7 @@ static const struct cred *ovl_setup_cred_for_create(struct dentry *dentry,
}
/*
- * Caller is going to match this with revert_creds_light() and drop
+ * Caller is going to match this with revert_creds() and drop
* referenec on the returned creds.
* We must be called with creator creds already, otherwise we risk
* leaking creds.
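Review bot: The comment line edited here sits next to a typo, `referenec`, on the following context line; since the comment is being touched anyway it could be fixed to `* reference on the returned creds.`. This comment is the only place in the hunk that states who drops the reference after revert_creds(), so it is worth keeping exact. ovl_setup_cred_for_create() continues outside the hunk.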
diff --git a/fs/overlayfs/util.c b/fs/overlayfs/util.c
index 2513a79a10b0bd69fa9d1c8a0f4726f3246ac39c..0819c739cc2ffce0dfefa84d3ff8f9f103eec191 100644
--- a/fs/overlayfs/util.c
+++ b/fs/overlayfs/util.c
@@ -70,7 +70,7 @@ const struct cred *ovl_override_creds(struct super_block *sb)
void ovl_revert_creds(const struct cred *old_cred)
{
- revert_creds_light(old_cred);
+ revert_creds(old_cred);
}
/*
diff --git a/fs/smb/client/cifs_spnego.c b/fs/smb/client/cifs_spnego.c
index f22dc0be357fa03cecc524976de5c69fddeef1ca..6284d924fdb1e25e07af7e10b6286df97c0942dd 100644
--- a/fs/smb/client/cifs_spnego.c
+++ b/fs/smb/client/cifs_spnego.c
@@ -175,7 +175,7 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo,
cifs_dbg(FYI, "key description = %s\n", description);
saved_cred = override_creds(get_new_cred(spnego_cred));
spnego_key = request_key(&cifs_spnego_key_type, description, "");
- put_cred(revert_creds_light(saved_cred));
+ put_cred(revert_creds(saved_cred));
#ifdef CONFIG_CIFS_DEBUG2
if (cifsFYI && !IS_ERR(spnego_key)) {
diff --git a/fs/smb/client/cifsacl.c b/fs/smb/client/cifsacl.c
index d65e094b97cb2b1bd1c79d1959443fd8cae93f8f..5718906369a96fc80bee6a472f93bac1159f1709 100644
--- a/fs/smb/client/cifsacl.c
+++ b/fs/smb/client/cifsacl.c
@@ -327,7 +327,7 @@ id_to_sid(unsigned int cid, uint sidtype, struct smb_sid *ssid)
out_key_put:
key_put(sidkey);
out_revert_creds:
- put_cred(revert_creds_light(saved_cred));
+ put_cred(revert_creds(saved_cred));
return rc;
invalidate_key:
@@ -438,7 +438,7 @@ sid_to_id(struct cifs_sb_info *cifs_sb, struct smb_sid *psid,
out_key_put:
key_put(sidkey);
out_revert_creds:
- put_cred(revert_creds_light(saved_cred));
+ put_cred(revert_creds(saved_cred));
kfree(sidstr);
/*
diff --git a/fs/smb/server/smb_common.c b/fs/smb/server/smb_common.c
index f09652bcca542464ed2f27fce9e912f797410612..f1d770a214c8b2c7d7dd4083ef57c7130bbce52c 100644
--- a/fs/smb/server/smb_common.c
+++ b/fs/smb/server/smb_common.c
@@ -800,7 +800,7 @@ void ksmbd_revert_fsids(struct ksmbd_work *work)
WARN_ON(!work->saved_cred);
cred = current_cred();
- put_cred(revert_creds_light(work->saved_cred));
+ put_cred(revert_creds(work->saved_cred));
put_cred(cred);
work->saved_cred = NULL;
}
diff --git a/include/linux/cred.h b/include/linux/cred.h
index a049993d22cca4e122091309f11fbc9e10d2e955..7ce1551c8aa7b7e000dffbd49ba6b27530ebc9ef 100644
--- a/include/linux/cred.h
+++ b/include/linux/cred.h
@@ -178,7 +178,7 @@ static inline const struct cred *override_creds(const struct cred *override_cred
return old;
}
-static inline const struct cred *revert_creds_light(const struct cred *revert_cred)
+static inline const struct cred *revert_creds(const struct cred *revert_cred)
{
const struct cred *override_cred = current->cred;
diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c
index 946df208e7741a0e2e11eff2ee0b8978bcea7c3c..ad4d8e94a8665cf5f3e9ea0fd9bc6c03a03cc48f 100644
--- a/io_uring/io_uring.c
+++ b/io_uring/io_uring.c
@@ -1715,7 +1715,7 @@ static int io_issue_sqe(struct io_kiocb *req, unsigned int issue_flags)
audit_uring_exit(!ret, ret);
if (creds)
- put_cred(revert_creds_light(creds));
+ put_cred(revert_creds(creds));
if (ret == IOU_OK) {
if (issue_flags & IO_URING_F_COMPLETE_DEFER)
diff --git a/io_uring/sqpoll.c b/io_uring/sqpoll.c
index 0fd424442118f38db0307fe10e0c6ee102c1f185..1ca96347433695de1eb0e3bec7c6da4299e9ceb0 100644
--- a/io_uring/sqpoll.c
+++ b/io_uring/sqpoll.c
@@ -192,7 +192,7 @@ static int __io_sq_thread(struct io_ring_ctx *ctx, bool cap_entries)
if (to_submit && wq_has_sleeper(&ctx->sqo_sq_wait))
wake_up(&ctx->sqo_sq_wait);
if (creds)
- put_cred(revert_creds_light(creds));
+ put_cred(revert_creds(creds));
}
return ret;
diff --git a/kernel/acct.c b/kernel/acct.c
index a51a3b483fd9d94da916dc4e052ef4ab1042a39f..ea8c94887b5853b10e7a7e632f7b0bc4d52ab10b 100644
--- a/kernel/acct.c
+++ b/kernel/acct.c
@@ -541,7 +541,7 @@ static void do_acct_process(struct bsd_acct_struct *acct)
}
out:
current->signal->rlim[RLIMIT_FSIZE].rlim_cur = flim;
- put_cred(revert_creds_light(orig_cred));
+ put_cred(revert_creds(orig_cred));
}
/**
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 2d618b577e52e0117f77340dac79581882599578..1a94e8b154beeed45d69056917f3dd9fc6d950fa 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -5220,7 +5220,7 @@ static ssize_t __cgroup_procs_write(struct kernfs_open_file *of, char *buf,
ret = cgroup_attach_permissions(src_cgrp, dst_cgrp,
of->file->f_path.dentry->d_sb,
threadgroup, ctx->ns);
- put_cred(revert_creds_light(saved_cred));
+ put_cred(revert_creds(saved_cred));
if (ret)
goto out_finish;
diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
index 857124d81f1255e7e6b4d18009b53191a71b57fc..c54ae15f425c2c1dad3f8c776027beca2f00a0a5 100644
--- a/kernel/trace/trace_events_user.c
+++ b/kernel/trace/trace_events_user.c
@@ -1476,7 +1476,7 @@ static int user_event_set_call_visible(struct user_event *user, bool visible)
else
ret = trace_remove_event_call(&user->call);
- put_cred(revert_creds_light(old_cred));
+ put_cred(revert_creds(old_cred));
put_cred(cred);
return ret;
diff --git a/net/dns_resolver/dns_query.c b/net/dns_resolver/dns_query.c
index f8749d688d6676dd83d0c4b8e83ca893f1bd4248..0b0789fe2194151102d5234aca3fc2dae9a1ed69 100644
--- a/net/dns_resolver/dns_query.c
+++ b/net/dns_resolver/dns_query.c
@@ -126,7 +126,7 @@ int dns_query(struct net *net,
*/
saved_cred = override_creds(get_new_cred(dns_resolver_cache));
rkey = request_key_net(&key_type_dns_resolver, desc, net, options);
- put_cred(revert_creds_light(saved_cred));
+ put_cred(revert_creds(saved_cred));
kfree(desc);
if (IS_ERR(rkey)) {
ret = PTR_ERR(rkey);
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* [PATCH 07/26] firmware: avoid pointless reference count bump
From: Christian Brauner @ 2024-11-24 13:43 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
The creds are allocated via prepare_kernel_cred() which has already
taken a reference.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
drivers/base/firmware_loader/main.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c
index 96a2c3011ca82148b4ba547764a1f92e252dbf5f..740ef6223a62ca37e776d1558f840f09c7c46c95 100644
--- a/drivers/base/firmware_loader/main.c
+++ b/drivers/base/firmware_loader/main.c
@@ -912,7 +912,7 @@ _request_firmware(const struct firmware **firmware_p, const char *name,
ret = -ENOMEM;
goto out;
}
- old_cred = override_creds(get_new_cred(kern_cred));
+ old_cred = override_creds(kern_cred);
ret = fw_get_filesystem_firmware(device, fw->priv, "", NULL);
@@ -945,7 +945,6 @@ _request_firmware(const struct firmware **firmware_p, const char *name,
ret = assign_fw(fw, device);
put_cred(revert_creds(old_cred));
- put_cred(kern_cred);
out:
if (ret < 0) {
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* Re: [PATCH 07/26] firmware: avoid pointless reference count bump
From: Amir Goldstein @ 2024-11-24 14:56 UTC (permalink / raw)
To: Christian Brauner
Cc: Linus Torvalds, Miklos Szeredi, linux-kernel, linux-fsdevel
On Sun, Nov 24, 2024 at 2:44 PM Christian Brauner <brauner@kernel.org> wrote:
>
> The creds are allocated via prepare_kernel_cred() which has already
> taken a reference.
>
> Signed-off-by: Christian Brauner <brauner@kernel.org>
> ---
> drivers/base/firmware_loader/main.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c
> index 96a2c3011ca82148b4ba547764a1f92e252dbf5f..740ef6223a62ca37e776d1558f840f09c7c46c95 100644
> --- a/drivers/base/firmware_loader/main.c
> +++ b/drivers/base/firmware_loader/main.c
> @@ -912,7 +912,7 @@ _request_firmware(const struct firmware **firmware_p, const char *name,
> ret = -ENOMEM;
> goto out;
> }
> - old_cred = override_creds(get_new_cred(kern_cred));
> + old_cred = override_creds(kern_cred);
>
> ret = fw_get_filesystem_firmware(device, fw->priv, "", NULL);
>
> @@ -945,7 +945,6 @@ _request_firmware(const struct firmware **firmware_p, const char *name,
> ret = assign_fw(fw, device);
>
> put_cred(revert_creds(old_cred));
> - put_cred(kern_cred);
This may seem like nit picking, but I think that:
revert_creds(old_cred));
put_cred(kern_cred);
Is nicer. It is more balanced and it is more consistent with the majority of
patches in this series which in a balanced manner remove both the
get_new_cred from the override_creds line and the put_cred from the
revert_creds line.
If someone wanted to, both old_cred and kern_cred could be converted
to use scoped cleanup handlers. This is more apparent when the cleanup
is explicit on the local kern_cred var.
The same comment applies to a few other patches in this series.
Thanks,
Amir.
* [PATCH 08/26] sev-dev: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:43 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
and fix a memory leak while at it. The new creds are created via
prepare_creds() and then reverted via put_cred(revert_creds()). The
additional reference count bump from override_creds() wasn't even taken
into account before.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
drivers/crypto/ccp/sev-dev.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 187c34b02442dd50640f88713bc5f6f88a1990f4..2e87ca0e292a1c1706a8e878285159b481b68a6f 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -244,7 +244,7 @@ static struct file *open_file_as_root(const char *filename, int flags, umode_t m
if (!cred)
return ERR_PTR(-ENOMEM);
cred->fsuid = GLOBAL_ROOT_UID;
- old_cred = override_creds(get_new_cred(cred));
+ old_cred = override_creds(cred);
fp = file_open_root(&root, filename, flags, mode);
path_put(&root);
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* Re: [PATCH 08/26] sev-dev: avoid pointless cred reference count bump
From: Al Viro @ 2024-11-24 18:19 UTC (permalink / raw)
To: Christian Brauner
Cc: Linus Torvalds, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
On Sun, Nov 24, 2024 at 02:43:54PM +0100, Christian Brauner wrote:
> drivers/crypto/ccp/sev-dev.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
> index 187c34b02442dd50640f88713bc5f6f88a1990f4..2e87ca0e292a1c1706a8e878285159b481b68a6f 100644
> --- a/drivers/crypto/ccp/sev-dev.c
> +++ b/drivers/crypto/ccp/sev-dev.c
> @@ -244,7 +244,7 @@ static struct file *open_file_as_root(const char *filename, int flags, umode_t m
> if (!cred)
> return ERR_PTR(-ENOMEM);
> cred->fsuid = GLOBAL_ROOT_UID;
> - old_cred = override_creds(get_new_cred(cred));
> + old_cred = override_creds(cred);
>
> fp = file_open_root(&root, filename, flags, mode);
> path_put(&root);
Looks sane, but the use of file reads/writes in there does not.
At the very least, this
nwrite = kernel_write(fp, sev_init_ex_buffer, NV_LENGTH, &offset);
vfs_fsync(fp, 0);
filp_close(fp, NULL);
if (nwrite != NV_LENGTH) {
dev_err(sev->dev,
"SEV: failed to write %u bytes to non volatile memory area, ret %ld\n",
NV_LENGTH, nwrite);
return -EIO;
}
is either too much or too little - if it's serious about reporting errors,
it would better check what fsync and close return...
Oh, well - unrelated to your patchset, obviously
* [PATCH 09/26] target_core_configfs: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:43 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
The creds are allocated via prepare_kernel_cred() which has already
taken a reference.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
drivers/target/target_core_configfs.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/target/target_core_configfs.c b/drivers/target/target_core_configfs.c
index ec7a5598719397da5cadfed12a05ca8eb81e46a9..d102ab79c56dd7977465f7455749e6e7a2c9fba1 100644
--- a/drivers/target/target_core_configfs.c
+++ b/drivers/target/target_core_configfs.c
@@ -3756,10 +3756,9 @@ static int __init target_core_init_configfs(void)
ret = -ENOMEM;
goto out;
}
- old_cred = override_creds(get_new_cred(kern_cred));
+ old_cred = override_creds(kern_cred);
target_init_dbroot();
put_cred(revert_creds(old_cred));
- put_cred(kern_cred);
return 0;
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* Re: [PATCH 09/26] target_core_configfs: avoid pointless cred reference count bump
From: Al Viro @ 2024-11-24 18:26 UTC (permalink / raw)
To: Christian Brauner
Cc: Linus Torvalds, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
On Sun, Nov 24, 2024 at 02:43:55PM +0100, Christian Brauner wrote:
> The creds are allocated via prepare_kernel_cred() which has already
> taken a reference.
>
> Signed-off-by: Christian Brauner <brauner@kernel.org>
> ---
> drivers/target/target_core_configfs.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/drivers/target/target_core_configfs.c b/drivers/target/target_core_configfs.c
> index ec7a5598719397da5cadfed12a05ca8eb81e46a9..d102ab79c56dd7977465f7455749e6e7a2c9fba1 100644
> --- a/drivers/target/target_core_configfs.c
> +++ b/drivers/target/target_core_configfs.c
> @@ -3756,10 +3756,9 @@ static int __init target_core_init_configfs(void)
> ret = -ENOMEM;
> goto out;
> }
> - old_cred = override_creds(get_new_cred(kern_cred));
> + old_cred = override_creds(kern_cred);
> target_init_dbroot();
> put_cred(revert_creds(old_cred));
> - put_cred(kern_cred);
FWIW, I agree with Amir -
revert_creds(old_cred);
put_cred(kern_cred);
might be easier to follow. In effect, you have two scopes here -
from prepare_kernel_cred() to put_cred() and, nested in it,
from override_creds() to revert_creds().
I'm not saying that __cleanup() is the right tool in those cases,
but the closing brackets of those scopes would be better off
separated.
* Re: [PATCH 09/26] target_core_configfs: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-25 11:31 UTC (permalink / raw)
To: Al Viro
Cc: Linus Torvalds, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
On Sun, Nov 24, 2024 at 06:26:12PM +0000, Al Viro wrote:
> On Sun, Nov 24, 2024 at 02:43:55PM +0100, Christian Brauner wrote:
> > The creds are allocated via prepare_kernel_cred() which has already
> > taken a reference.
> >
> > Signed-off-by: Christian Brauner <brauner@kernel.org>
> > ---
> > drivers/target/target_core_configfs.c | 3 +--
> > 1 file changed, 1 insertion(+), 2 deletions(-)
> >
> > diff --git a/drivers/target/target_core_configfs.c b/drivers/target/target_core_configfs.c
> > index ec7a5598719397da5cadfed12a05ca8eb81e46a9..d102ab79c56dd7977465f7455749e6e7a2c9fba1 100644
> > --- a/drivers/target/target_core_configfs.c
> > +++ b/drivers/target/target_core_configfs.c
> > @@ -3756,10 +3756,9 @@ static int __init target_core_init_configfs(void)
> > ret = -ENOMEM;
> > goto out;
> > }
> > - old_cred = override_creds(get_new_cred(kern_cred));
> > + old_cred = override_creds(kern_cred);
> > target_init_dbroot();
> > put_cred(revert_creds(old_cred));
> > - put_cred(kern_cred);
>
> FWIW, I agree with Amir -
> revert_creds(old_cred);
> put_cred(kern_cred);
Ok, done.
* [PATCH 10/26] aio: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:43 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
fs/aio.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/fs/aio.c b/fs/aio.c
index 5e57dcaed7f1ae1e4b38009b51a665954b31f5bd..98eb0f5d0ee49c564d87f9050d304c5a99130445 100644
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -1639,11 +1639,10 @@ static int aio_write(struct kiocb *req, const struct iocb *iocb,
static void aio_fsync_work(struct work_struct *work)
{
struct aio_kiocb *iocb = container_of(work, struct aio_kiocb, fsync.work);
- const struct cred *old_cred = override_creds(get_new_cred(iocb->fsync.creds));
+ const struct cred *old_cred = override_creds(iocb->fsync.creds);
iocb->ki_res.res = vfs_fsync(iocb->fsync.file, iocb->fsync.datasync);
put_cred(revert_creds(old_cred));
- put_cred(iocb->fsync.creds);
iocb_put(iocb);
}
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* [PATCH 11/26] binfmt_misc: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:43 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
fs/binfmt_misc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/binfmt_misc.c b/fs/binfmt_misc.c
index 5692c512b740bb8f11d5da89a2e5f388aafebc13..31660d8cc2c610bd42f00f1de7ed6c39618cc5db 100644
--- a/fs/binfmt_misc.c
+++ b/fs/binfmt_misc.c
@@ -826,9 +826,9 @@ static ssize_t bm_register_write(struct file *file, const char __user *buffer,
* didn't matter much as only a privileged process could open
* the register file.
*/
- old_cred = override_creds(get_new_cred(file->f_cred));
+ old_cred = override_creds(file->f_cred);
f = open_exec(e->interpreter);
- put_cred(revert_creds(old_cred));
+ revert_creds(old_cred);
if (IS_ERR(f)) {
pr_notice("register: failed to install interpreter file %s\n",
e->interpreter);
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* [PATCH 12/26] coredump: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:43 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
The creds are allocated via prepare_creds() which has already taken a
reference.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
fs/coredump.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/coredump.c b/fs/coredump.c
index 0d3a65cac546db6710eb1337b0a9c4ec0ffff679..d48edb37bc35c0896d97a2f6a6cc259d8812f936 100644
--- a/fs/coredump.c
+++ b/fs/coredump.c
@@ -576,7 +576,7 @@ void do_coredump(const kernel_siginfo_t *siginfo)
if (retval < 0)
goto fail_creds;
- old_cred = override_creds(get_new_cred(cred));
+ old_cred = override_creds(cred);
ispipe = format_corename(&cn, &cprm, &argv, &argc);
@@ -781,7 +781,7 @@ void do_coredump(const kernel_siginfo_t *siginfo)
kfree(argv);
kfree(cn.corename);
coredump_finish(core_dumped);
- put_cred(revert_creds(old_cred));
+ revert_creds(old_cred);
fail_creds:
put_cred(cred);
fail:
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* [PATCH 13/26] nfs/localio: avoid pointless cred reference count bumps
From: Christian Brauner @ 2024-11-24 13:43 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
fs/nfs/localio.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/fs/nfs/localio.c b/fs/nfs/localio.c
index cb0ba4a810324cc9a4913767ce5a9b4f52c416ac..8f0ce82a677e1589092a30240d6e60a289d64a58 100644
--- a/fs/nfs/localio.c
+++ b/fs/nfs/localio.c
@@ -371,7 +371,7 @@ static void nfs_local_call_read(struct work_struct *work)
struct iov_iter iter;
ssize_t status;
- save_cred = override_creds(get_new_cred(filp->f_cred));
+ save_cred = override_creds(filp->f_cred);
nfs_local_iter_init(&iter, iocb, READ);
@@ -381,7 +381,7 @@ static void nfs_local_call_read(struct work_struct *work)
nfs_local_read_done(iocb, status);
nfs_local_pgio_release(iocb);
- put_cred(revert_creds(save_cred));
+ revert_creds(save_cred);
}
static int
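Review bot: `nfs_local_pgio_release(iocb)` still runs before `revert_creds(save_cred)`, but the override no longer pins the creds, because `override_creds(filp->f_cred)` only borrows the reference held by the file. If that release can drop the last reference on the file (not visible in these hunks), current->cred would point at freed creds until the revert. I would move `revert_creds(save_cred);` above `nfs_local_pgio_release(iocb);`, or add a comment naming what keeps `filp` alive until the revert. The same ordering appears in the nfs_local_call_write() hunks, and both function bodies start outside the hunks.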
@@ -541,7 +541,7 @@ static void nfs_local_call_write(struct work_struct *work)
ssize_t status;
current->flags |= PF_LOCAL_THROTTLE | PF_MEMALLOC_NOIO;
- save_cred = override_creds(get_new_cred(filp->f_cred));
+ save_cred = override_creds(filp->f_cred);
nfs_local_iter_init(&iter, iocb, WRITE);
@@ -554,7 +554,7 @@ static void nfs_local_call_write(struct work_struct *work)
nfs_local_vfs_getattr(iocb);
nfs_local_pgio_release(iocb);
- put_cred(revert_creds(save_cred));
+ revert_creds(save_cred);
current->flags = old_flags;
}
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* [PATCH 14/26] nfs/nfs4idmap: avoid pointless reference count bump
From: Christian Brauner @ 2024-11-24 13:44 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
fs/nfs/nfs4idmap.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/nfs/nfs4idmap.c b/fs/nfs/nfs4idmap.c
index 25b6a8920a6545d43f437f2f0330ccc35380ccc3..25a7c771cfd89f3e6d494f26a78212d3d619c135 100644
--- a/fs/nfs/nfs4idmap.c
+++ b/fs/nfs/nfs4idmap.c
@@ -311,9 +311,9 @@ static ssize_t nfs_idmap_get_key(const char *name, size_t namelen,
const struct user_key_payload *payload;
ssize_t ret;
- saved_cred = override_creds(get_new_cred(id_resolver_cache));
+ saved_cred = override_creds(id_resolver_cache);
rkey = nfs_idmap_request_key(name, namelen, type, idmap);
- put_cred(revert_creds(saved_cred));
+ revert_creds(saved_cred);
if (IS_ERR(rkey)) {
ret = PTR_ERR(rkey);
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* [PATCH 15/26] nfs/nfs4recover: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:44 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
fs/nfsd/nfs4recover.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
index 2834091cc988b1403aa2908f69e336f2fe4e0922..5b1d36b26f93450bb14d1d922feeeb6c35399fd5 100644
--- a/fs/nfsd/nfs4recover.c
+++ b/fs/nfsd/nfs4recover.c
@@ -81,8 +81,7 @@ nfs4_save_creds(const struct cred **original_creds)
new->fsuid = GLOBAL_ROOT_UID;
new->fsgid = GLOBAL_ROOT_GID;
- *original_creds = override_creds(get_new_cred(new));
- put_cred(new);
+ *original_creds = override_creds(new);
return 0;
}
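Review bot: Nothing in nfs4_save_creds() records who owns the reference on `new` once `put_cred(new)` is gone. After `*original_creds = override_creds(new);` the reference taken when `new` was allocated (outside the hunk) is held only through current->cred, so it has to be dropped by whoever reverts, presumably with `put_cred(revert_creds(...))` in a different function. A plain `revert_creds()` there would leak the creds and an additional `put_cred()` would drop the count too far, so I would add above the override: `/* ref on new passes to current->cred; the matching revert must put_cred() what revert_creds() returns */`. The same cross-function hand-off is in the fs/open.c hunk for access_override_creds() in patch 17.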
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* Re: [PATCH 15/26] nfs/nfs4recover: avoid pointless cred reference count bump
From: Chuck Lever @ 2024-11-25 13:10 UTC (permalink / raw)
To: Christian Brauner
Cc: Linus Torvalds, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
On Sun, Nov 24, 2024 at 02:44:01PM +0100, Christian Brauner wrote:
> No need for the extra reference count bump.
>
> Signed-off-by: Christian Brauner <brauner@kernel.org>
> ---
> fs/nfsd/nfs4recover.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
> index 2834091cc988b1403aa2908f69e336f2fe4e0922..5b1d36b26f93450bb14d1d922feeeb6c35399fd5 100644
> --- a/fs/nfsd/nfs4recover.c
> +++ b/fs/nfsd/nfs4recover.c
> @@ -81,8 +81,7 @@ nfs4_save_creds(const struct cred **original_creds)
>
> new->fsuid = GLOBAL_ROOT_UID;
> new->fsgid = GLOBAL_ROOT_GID;
> - *original_creds = override_creds(get_new_cred(new));
> - put_cred(new);
> + *original_creds = override_creds(new);
> return 0;
> }
>
>
> --
> 2.45.2
>
>
Acked-by: Chuck Lever <chuck.lever@oracle.com>
--
Chuck Lever
* [PATCH 16/26] nfsfh: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:44 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
fs/nfsd/nfsfh.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c
index 60b0275d5529d49ac87e8b89e4eb650ecd624f71..ef925d96078397a5bc0d0842dbafa44a5a49f358 100644
--- a/fs/nfsd/nfsfh.c
+++ b/fs/nfsd/nfsfh.c
@@ -221,8 +221,7 @@ static __be32 nfsd_set_fh_dentry(struct svc_rqst *rqstp, struct net *net,
new->cap_effective =
cap_raise_nfsd_set(new->cap_effective,
new->cap_permitted);
- put_cred(override_creds(get_new_cred(new)));
- put_cred(new);
+ put_cred(override_creds(new));
} else {
error = nfsd_setuser_and_check_port(rqstp, cred, exp);
if (error)
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* Re: [PATCH 16/26] nfsfh: avoid pointless cred reference count bump
From: Chuck Lever @ 2024-11-25 13:11 UTC (permalink / raw)
To: Christian Brauner
Cc: Linus Torvalds, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
On Sun, Nov 24, 2024 at 02:44:02PM +0100, Christian Brauner wrote:
> No need for the extra reference count bump.
>
> Signed-off-by: Christian Brauner <brauner@kernel.org>
> ---
> fs/nfsd/nfsfh.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c
> index 60b0275d5529d49ac87e8b89e4eb650ecd624f71..ef925d96078397a5bc0d0842dbafa44a5a49f358 100644
> --- a/fs/nfsd/nfsfh.c
> +++ b/fs/nfsd/nfsfh.c
> @@ -221,8 +221,7 @@ static __be32 nfsd_set_fh_dentry(struct svc_rqst *rqstp, struct net *net,
> new->cap_effective =
> cap_raise_nfsd_set(new->cap_effective,
> new->cap_permitted);
> - put_cred(override_creds(get_new_cred(new)));
> - put_cred(new);
> + put_cred(override_creds(new));
> } else {
> error = nfsd_setuser_and_check_port(rqstp, cred, exp);
> if (error)
>
> --
> 2.45.2
>
>
Acked-by: Chuck Lever <chuck.lever@oracle.com>
--
Chuck Lever
* [PATCH 17/26] open: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:44 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
fs/open.c | 8 +-------
1 file changed, 1 insertion(+), 7 deletions(-)
diff --git a/fs/open.c b/fs/open.c
index 0a5cd8e74fb9bb4cc484d84096c6123b21acbf16..74ee5e02d68c590475f18f099b188f052f17f555 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -447,13 +447,7 @@ static const struct cred *access_override_creds(void)
* freeing.
*/
override_cred->non_rcu = 1;
-
- old_cred = override_creds(get_new_cred(override_cred));
-
- /* override_cred() gets its own ref */
- put_cred(override_cred);
-
- return old_cred;
+ return override_creds(override_cred);
}
static long do_faccessat(int dfd, const char __user *filename, int mode, int flags)
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* [PATCH 18/26] ovl: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:44 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
fs/overlayfs/copy_up.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c
index 439bd9a5ceecc4d2f4dc5dfda7cea14c3d9411ba..39f08531abc7e99c32e709a46988939f072a9abe 100644
--- a/fs/overlayfs/copy_up.c
+++ b/fs/overlayfs/copy_up.c
@@ -741,17 +741,15 @@ static int ovl_prep_cu_creds(struct dentry *dentry, struct ovl_cu_creds *cc)
return err;
if (cc->new)
- cc->old = override_creds(get_new_cred(cc->new));
+ cc->old = override_creds(cc->new);
return 0;
}
static void ovl_revert_cu_creds(struct ovl_cu_creds *cc)
{
- if (cc->new) {
+ if (cc->new)
put_cred(revert_creds(cc->old));
- put_cred(cc->new);
- }
}
/*
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* Re: [PATCH 18/26] ovl: avoid pointless cred reference count bump
From: Amir Goldstein @ 2024-11-24 14:59 UTC (permalink / raw)
To: Christian Brauner
Cc: Linus Torvalds, Miklos Szeredi, linux-kernel, linux-fsdevel
On Sun, Nov 24, 2024 at 2:44 PM Christian Brauner <brauner@kernel.org> wrote:
>
> No need for the extra reference count bump.
>
> Signed-off-by: Christian Brauner <brauner@kernel.org>
> ---
> fs/overlayfs/copy_up.c | 6 ++----
> 1 file changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c
> index 439bd9a5ceecc4d2f4dc5dfda7cea14c3d9411ba..39f08531abc7e99c32e709a46988939f072a9abe 100644
> --- a/fs/overlayfs/copy_up.c
> +++ b/fs/overlayfs/copy_up.c
> @@ -741,17 +741,15 @@ static int ovl_prep_cu_creds(struct dentry *dentry, struct ovl_cu_creds *cc)
> return err;
>
> if (cc->new)
> - cc->old = override_creds(get_new_cred(cc->new));
> + cc->old = override_creds(cc->new);
>
> return 0;
> }
>
> static void ovl_revert_cu_creds(struct ovl_cu_creds *cc)
> {
> - if (cc->new) {
> + if (cc->new)
> put_cred(revert_creds(cc->old));
> - put_cred(cc->new);
> - }
Same comment here, I think this will read more clearly as
revert_creds(cc->old);
put_cred(cc->new);
and better reflects the counterpart of ovl_prep_cu_creds().
Thanks,
Amir.
^ permalink raw reply [flat|nested] 53+ messages in thread* Re: [PATCH 18/26] ovl: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-25 11:30 UTC (permalink / raw)
To: Amir Goldstein
Cc: Linus Torvalds, Miklos Szeredi, linux-kernel, linux-fsdevel
On Sun, Nov 24, 2024 at 03:59:40PM +0100, Amir Goldstein wrote:
> On Sun, Nov 24, 2024 at 2:44 PM Christian Brauner <brauner@kernel.org> wrote:
> >
> > No need for the extra reference count bump.
> >
> > Signed-off-by: Christian Brauner <brauner@kernel.org>
> > ---
> > fs/overlayfs/copy_up.c | 6 ++----
> > 1 file changed, 2 insertions(+), 4 deletions(-)
> >
> > diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c
> > index 439bd9a5ceecc4d2f4dc5dfda7cea14c3d9411ba..39f08531abc7e99c32e709a46988939f072a9abe 100644
> > --- a/fs/overlayfs/copy_up.c
> > +++ b/fs/overlayfs/copy_up.c
> > @@ -741,17 +741,15 @@ static int ovl_prep_cu_creds(struct dentry *dentry, struct ovl_cu_creds *cc)
> > return err;
> >
> > if (cc->new)
> > - cc->old = override_creds(get_new_cred(cc->new));
> > + cc->old = override_creds(cc->new);
> >
> > return 0;
> > }
> >
> > static void ovl_revert_cu_creds(struct ovl_cu_creds *cc)
> > {
> > - if (cc->new) {
> > + if (cc->new)
> > put_cred(revert_creds(cc->old));
> > - put_cred(cc->new);
> > - }
>
> Same comment here, I think this will read more clearly as
> revert_creds(cc->old));
> put_cred(cc->new);
>
> and better reflects the counterpart of ovl_prep_cu_creds().
Ok, done.
* [PATCH 19/26] cifs: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:44 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
fs/smb/client/cifs_spnego.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/smb/client/cifs_spnego.c b/fs/smb/client/cifs_spnego.c
index 6284d924fdb1e25e07af7e10b6286df97c0942dd..28f568b5fc2771b7a11d0e83d0ac1cb9baf20636 100644
--- a/fs/smb/client/cifs_spnego.c
+++ b/fs/smb/client/cifs_spnego.c
@@ -173,9 +173,9 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo,
}
cifs_dbg(FYI, "key description = %s\n", description);
- saved_cred = override_creds(get_new_cred(spnego_cred));
+ saved_cred = override_creds(spnego_cred);
spnego_key = request_key(&cifs_spnego_key_type, description, "");
- put_cred(revert_creds(saved_cred));
+ revert_creds(saved_cred);
#ifdef CONFIG_CIFS_DEBUG2
if (cifsFYI && !IS_ERR(spnego_key)) {
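Review bot: The bare `revert_creds(saved_cred);` is only correct while something else keeps spnego_cred alive for the whole request_key() call, and nothing at this call site says what that is. After this series the borrowed form used here and the owning form `put_cred(revert_creds(...))` (still used in fs/overlayfs/copy_up.c, fs/smb/server/smb_common.c and kernel/trace/trace_events_user.c) differ by a single call, and picking the wrong one is a silent cred leak or a premature free. A short comment above the override naming the owner would make that reviewable, for example `/* spnego_cred is borrowed, not referenced: <owner> keeps it alive until revert_creds() */`; the owner is not visible in this hunk and has to be filled in. The same applies to root_cred in fs/smb/client/cifsacl.c, req->creds and ctx->sq_creds in io_uring, file->f_cred in kernel/acct.c and kernel/cgroup/cgroup.c, and dns_resolver_cache in net/dns_resolver/dns_query.c. cifs_get_spnego_key() starts and ends outside the hunk.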
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* [PATCH 20/26] cifs: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:44 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
fs/smb/client/cifsacl.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/fs/smb/client/cifsacl.c b/fs/smb/client/cifsacl.c
index 5718906369a96fc80bee6a472f93bac1159f1709..ba79aa2107cc9f5b5fa628e9b9998d04e78c8bc1 100644
--- a/fs/smb/client/cifsacl.c
+++ b/fs/smb/client/cifsacl.c
@@ -292,7 +292,7 @@ id_to_sid(unsigned int cid, uint sidtype, struct smb_sid *ssid)
return -EINVAL;
rc = 0;
- saved_cred = override_creds(get_new_cred(root_cred));
+ saved_cred = override_creds(root_cred);
sidkey = request_key(&cifs_idmap_key_type, desc, "");
if (IS_ERR(sidkey)) {
rc = -EINVAL;
@@ -327,7 +327,7 @@ id_to_sid(unsigned int cid, uint sidtype, struct smb_sid *ssid)
out_key_put:
key_put(sidkey);
out_revert_creds:
- put_cred(revert_creds(saved_cred));
+ revert_creds(saved_cred);
return rc;
invalidate_key:
@@ -398,7 +398,7 @@ sid_to_id(struct cifs_sb_info *cifs_sb, struct smb_sid *psid,
if (!sidstr)
return -ENOMEM;
- saved_cred = override_creds(get_new_cred(root_cred));
+ saved_cred = override_creds(root_cred);
sidkey = request_key(&cifs_idmap_key_type, sidstr, "");
if (IS_ERR(sidkey)) {
cifs_dbg(FYI, "%s: Can't map SID %s to a %cid\n",
@@ -438,7 +438,7 @@ sid_to_id(struct cifs_sb_info *cifs_sb, struct smb_sid *psid,
out_key_put:
key_put(sidkey);
out_revert_creds:
- put_cred(revert_creds(saved_cred));
+ revert_creds(saved_cred);
kfree(sidstr);
/*
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* [PATCH 21/26] smb: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:44 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
fs/smb/server/smb_common.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/fs/smb/server/smb_common.c b/fs/smb/server/smb_common.c
index f1d770a214c8b2c7d7dd4083ef57c7130bbce52c..a3f96804f84f03c22376769dffdf60cd66f5e3d2 100644
--- a/fs/smb/server/smb_common.c
+++ b/fs/smb/server/smb_common.c
@@ -780,7 +780,7 @@ int __ksmbd_override_fsids(struct ksmbd_work *work,
cred->cap_effective = cap_drop_fs_set(cred->cap_effective);
WARN_ON(work->saved_cred);
- work->saved_cred = override_creds(get_new_cred(cred));
+ work->saved_cred = override_creds(cred);
if (!work->saved_cred) {
abort_creds(cred);
return -EINVAL;
@@ -799,9 +799,7 @@ void ksmbd_revert_fsids(struct ksmbd_work *work)
WARN_ON(!work->saved_cred);
- cred = current_cred();
put_cred(revert_creds(work->saved_cred));
- put_cred(cred);
work->saved_cred = NULL;
}
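Review bot: Both statements that used the local `cred` in ksmbd_revert_fsids() are removed here (`cred = current_cred();` and `put_cred(cred);`), and the diffstat's three deletions are all accounted for by visible lines, so its declaration stays. If the variable has no other use, the function is left with an unused local and a -Wunused-variable warning. Either drop the declaration in the same patch, or keep the variable and write `cred = revert_creds(work->saved_cred);` followed by `put_cred(cred);`. The function's opening lines are outside the hunk, so the declaration is inferred rather than seen.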
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* Re: [PATCH 21/26] smb: avoid pointless cred reference count bump
From: Al Viro @ 2024-11-24 18:37 UTC (permalink / raw)
To: Christian Brauner
Cc: Linus Torvalds, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
On Sun, Nov 24, 2024 at 02:44:07PM +0100, Christian Brauner wrote:
> No need for the extra reference count bump.
>
> Signed-off-by: Christian Brauner <brauner@kernel.org>
> ---
> fs/smb/server/smb_common.c | 4 +---
> 1 file changed, 1 insertion(+), 3 deletions(-)
>
> diff --git a/fs/smb/server/smb_common.c b/fs/smb/server/smb_common.c
> index f1d770a214c8b2c7d7dd4083ef57c7130bbce52c..a3f96804f84f03c22376769dffdf60cd66f5e3d2 100644
> --- a/fs/smb/server/smb_common.c
> +++ b/fs/smb/server/smb_common.c
> @@ -780,7 +780,7 @@ int __ksmbd_override_fsids(struct ksmbd_work *work,
> cred->cap_effective = cap_drop_fs_set(cred->cap_effective);
>
> WARN_ON(work->saved_cred);
> - work->saved_cred = override_creds(get_new_cred(cred));
> + work->saved_cred = override_creds(cred);
> if (!work->saved_cred) {
> abort_creds(cred);
> return -EINVAL;
Won't that leave a dangling pointer?
^ permalink raw reply [flat|nested] 53+ messages in thread* Re: [PATCH 21/26] smb: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-25 11:22 UTC (permalink / raw)
To: Al Viro
Cc: Linus Torvalds, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
On Sun, Nov 24, 2024 at 06:37:43PM +0000, Al Viro wrote:
> On Sun, Nov 24, 2024 at 02:44:07PM +0100, Christian Brauner wrote:
> > No need for the extra reference count bump.
> >
> > Signed-off-by: Christian Brauner <brauner@kernel.org>
> > ---
> > fs/smb/server/smb_common.c | 4 +---
> > 1 file changed, 1 insertion(+), 3 deletions(-)
> >
> > diff --git a/fs/smb/server/smb_common.c b/fs/smb/server/smb_common.c
> > index f1d770a214c8b2c7d7dd4083ef57c7130bbce52c..a3f96804f84f03c22376769dffdf60cd66f5e3d2 100644
> > --- a/fs/smb/server/smb_common.c
> > +++ b/fs/smb/server/smb_common.c
> > @@ -780,7 +780,7 @@ int __ksmbd_override_fsids(struct ksmbd_work *work,
> > cred->cap_effective = cap_drop_fs_set(cred->cap_effective);
> >
> > WARN_ON(work->saved_cred);
> > - work->saved_cred = override_creds(get_new_cred(cred));
> > + work->saved_cred = override_creds(cred);
> > if (!work->saved_cred) {
> > abort_creds(cred);
> > return -EINVAL;
>
> Won't that leave a dangling pointer?
Afaict, the whole check doesn't make sense because I don't see how
override_creds() could be called on a task with current->cred == NULL.
There's no way to opt out of having current->cred set.
* [PATCH 22/26] io_uring: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:44 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
io_uring/io_uring.c | 4 ++--
io_uring/sqpoll.c | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c
index ad4d8e94a8665cf5f3e9ea0fd9bc6c03a03cc48f..8012933998837ddcef45c14f1dfe543947a9eaec 100644
--- a/io_uring/io_uring.c
+++ b/io_uring/io_uring.c
@@ -1704,7 +1704,7 @@ static int io_issue_sqe(struct io_kiocb *req, unsigned int issue_flags)
return -EBADF;
if (unlikely((req->flags & REQ_F_CREDS) && req->creds != current_cred()))
- creds = override_creds(get_new_cred(req->creds));
+ creds = override_creds(req->creds);
if (!def->audit_skip)
audit_uring_entry(req->opcode);
@@ -1715,7 +1715,7 @@ static int io_issue_sqe(struct io_kiocb *req, unsigned int issue_flags)
audit_uring_exit(!ret, ret);
if (creds)
- put_cred(revert_creds(creds));
+ revert_creds(creds);
if (ret == IOU_OK) {
if (issue_flags & IO_URING_F_COMPLETE_DEFER)
diff --git a/io_uring/sqpoll.c b/io_uring/sqpoll.c
index 1ca96347433695de1eb0e3bec7c6da4299e9ceb0..6df5e649c413e39e36db6cde2a8c6745e533bea9 100644
--- a/io_uring/sqpoll.c
+++ b/io_uring/sqpoll.c
@@ -174,7 +174,7 @@ static int __io_sq_thread(struct io_ring_ctx *ctx, bool cap_entries)
const struct cred *creds = NULL;
if (ctx->sq_creds != current_cred())
- creds = override_creds(get_new_cred(ctx->sq_creds));
+ creds = override_creds(ctx->sq_creds);
mutex_lock(&ctx->uring_lock);
if (!wq_list_empty(&ctx->iopoll_list))
@@ -192,7 +192,7 @@ static int __io_sq_thread(struct io_ring_ctx *ctx, bool cap_entries)
if (to_submit && wq_has_sleeper(&ctx->sqo_sq_wait))
wake_up(&ctx->sqo_sq_wait);
if (creds)
- put_cred(revert_creds(creds));
+ revert_creds(creds);
}
return ret;
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* [PATCH 23/26] acct: avoid pointless reference count bump
From: Christian Brauner @ 2024-11-24 13:44 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
kernel/acct.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/kernel/acct.c b/kernel/acct.c
index ea8c94887b5853b10e7a7e632f7b0bc4d52ab10b..179848ad33e978a557ce695a0d6020aa169177c6 100644
--- a/kernel/acct.c
+++ b/kernel/acct.c
@@ -501,7 +501,7 @@ static void do_acct_process(struct bsd_acct_struct *acct)
flim = rlimit(RLIMIT_FSIZE);
current->signal->rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY;
/* Perform file operations on behalf of whoever enabled accounting */
- orig_cred = override_creds(get_new_cred(file->f_cred));
+ orig_cred = override_creds(file->f_cred);
/*
* First check to see if there is enough free_space to continue
@@ -541,7 +541,7 @@ static void do_acct_process(struct bsd_acct_struct *acct)
}
out:
current->signal->rlim[RLIMIT_FSIZE].rlim_cur = flim;
- put_cred(revert_creds(orig_cred));
+ revert_creds(orig_cred);
}
/**
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* [PATCH 24/26] cgroup: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:44 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
kernel/cgroup/cgroup.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 1a94e8b154beeed45d69056917f3dd9fc6d950fa..d9061bd55436b502e065b477a903ed682d722c2e 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -5216,11 +5216,11 @@ static ssize_t __cgroup_procs_write(struct kernfs_open_file *of, char *buf,
* permissions using the credentials from file open to protect against
* inherited fd attacks.
*/
- saved_cred = override_creds(get_new_cred(of->file->f_cred));
+ saved_cred = override_creds(of->file->f_cred);
ret = cgroup_attach_permissions(src_cgrp, dst_cgrp,
of->file->f_path.dentry->d_sb,
threadgroup, ctx->ns);
- put_cred(revert_creds(saved_cred));
+ revert_creds(saved_cred);
if (ret)
goto out_finish;
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* [PATCH 25/26] trace: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:44 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
kernel/trace/trace_events_user.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
index c54ae15f425c2c1dad3f8c776027beca2f00a0a5..1ec83a4f19ac038a8580391c291653ab822ce664 100644
--- a/kernel/trace/trace_events_user.c
+++ b/kernel/trace/trace_events_user.c
@@ -1469,7 +1469,7 @@ static int user_event_set_call_visible(struct user_event *user, bool visible)
*/
cred->fsuid = GLOBAL_ROOT_UID;
- old_cred = override_creds(get_new_cred(cred));
+ old_cred = override_creds(cred);
if (visible)
ret = trace_add_event_call(&user->call);
@@ -1477,7 +1477,6 @@ static int user_event_set_call_visible(struct user_event *user, bool visible)
ret = trace_remove_event_call(&user->call);
put_cred(revert_creds(old_cred));
- put_cred(cred);
return ret;
}
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* [PATCH 26/26] dns_resolver: avoid pointless cred reference count bump
From: Christian Brauner @ 2024-11-24 13:44 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Amir Goldstein, Miklos Szeredi, linux-kernel,
linux-fsdevel
No need for the extra reference count bump.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
net/dns_resolver/dns_query.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/dns_resolver/dns_query.c b/net/dns_resolver/dns_query.c
index 0b0789fe2194151102d5234aca3fc2dae9a1ed69..82b084cc1cc6349bb532d5ada555b0bcbb1cdbea 100644
--- a/net/dns_resolver/dns_query.c
+++ b/net/dns_resolver/dns_query.c
@@ -124,9 +124,9 @@ int dns_query(struct net *net,
/* make the upcall, using special credentials to prevent the use of
* add_key() to preinstall malicious redirections
*/
- saved_cred = override_creds(get_new_cred(dns_resolver_cache));
+ saved_cred = override_creds(dns_resolver_cache);
rkey = request_key_net(&key_type_dns_resolver, desc, net, options);
- put_cred(revert_creds(saved_cred));
+ revert_creds(saved_cred);
kfree(desc);
if (IS_ERR(rkey)) {
ret = PTR_ERR(rkey);
--
2.45.2
^ permalink raw reply related [flat|nested] 53+ messages in thread* Re: [PATCH 00/26] cred: rework {override,revert}_creds()
From: Amir Goldstein @ 2024-11-24 17:00 UTC (permalink / raw)
To: Christian Brauner
Cc: Linus Torvalds, Miklos Szeredi, linux-kernel, linux-fsdevel
On Sun, Nov 24, 2024 at 2:44 PM Christian Brauner <brauner@kernel.org> wrote:
>
> For the v6.13 cycle we switched overlayfs to a variant of
> override_creds() that doesn't take an extra reference. To this end I
> suggested introducing {override,revert}_creds_light() which overlayfs
> could use.
>
> This seems to work rather well. As Linus correctly points out that we
> should look into unifying both and simply make {override,revert}_creds()
> do what {override,revert}_creds_light() currently does. Caller's that
> really need the extra reference count can take it manually.
>
> This series does all that. Afaict, most callers can be directly
> converted over and can avoid the extra reference count completely.
>
> Lightly tested.
FWIW, your work.cred branch passes the overlayfs tests.
Thanks,
Amir.
>
> ---
> Christian Brauner (26):
> tree-wide: s/override_creds()/override_creds_light(get_new_cred())/g
> cred: return old creds from revert_creds_light()
> tree-wide: s/revert_creds()/put_cred(revert_creds_light())/g
> cred: remove old {override,revert}_creds() helpers
> tree-wide: s/override_creds_light()/override_creds()/g
> tree-wide: s/revert_creds_light()/revert_creds()/g
> firmware: avoid pointless reference count bump
> sev-dev: avoid pointless cred reference count bump
> target_core_configfs: avoid pointless cred reference count bump
> aio: avoid pointless cred reference count bump
> binfmt_misc: avoid pointless cred reference count bump
> coredump: avoid pointless cred reference count bump
> nfs/localio: avoid pointless cred reference count bumps
> nfs/nfs4idmap: avoid pointless reference count bump
> nfs/nfs4recover: avoid pointless cred reference count bump
> nfsfh: avoid pointless cred reference count bump
> open: avoid pointless cred reference count bump
> ovl: avoid pointless cred reference count bump
> cifs: avoid pointless cred reference count bump
> cifs: avoid pointless cred reference count bump
> smb: avoid pointless cred reference count bump
> io_uring: avoid pointless cred reference count bump
> acct: avoid pointless reference count bump
> cgroup: avoid pointless cred reference count bump
> trace: avoid pointless cred reference count bump
> dns_resolver: avoid pointless cred reference count bump
>
> drivers/base/firmware_loader/main.c | 3 +--
> drivers/crypto/ccp/sev-dev.c | 2 +-
> drivers/target/target_core_configfs.c | 3 +--
> fs/aio.c | 3 +--
> fs/backing-file.c | 20 +++++++-------
> fs/cachefiles/internal.h | 4 +--
> fs/nfsd/auth.c | 4 +--
> fs/nfsd/filecache.c | 2 +-
> fs/nfsd/nfs4recover.c | 3 +--
> fs/nfsd/nfsfh.c | 1 -
> fs/open.c | 10 ++-----
> fs/overlayfs/copy_up.c | 6 ++---
> fs/overlayfs/dir.c | 4 +--
> fs/overlayfs/util.c | 4 +--
> fs/smb/server/smb_common.c | 4 +--
> include/linux/cred.h | 14 ++++------
> kernel/cred.c | 50 -----------------------------------
> kernel/trace/trace_events_user.c | 3 +--
> 18 files changed, 35 insertions(+), 105 deletions(-)
> ---
> base-commit: 228a1157fb9fec47eb135b51c0202b574e079ebf
> change-id: 20241124-work-cred-349b65450082
>
^ permalink raw reply [flat|nested] 53+ messages in thread* Re: [PATCH 00/26] cred: rework {override,revert}_creds()
From: Linus Torvalds @ 2024-11-24 18:00 UTC (permalink / raw)
To: Christian Brauner
Cc: Amir Goldstein, Miklos Szeredi, linux-kernel, linux-fsdevel
On Sun, 24 Nov 2024 at 05:44, Christian Brauner <brauner@kernel.org> wrote:
>
> This series does all that. Afaict, most callers can be directly
> converted over and can avoid the extra reference count completely.
>
> Lightly tested.
Thanks, this looks good to me. I only had two reactions:
(a) I was surprised that using get_new_cred() apparently "just worked".
I was expecting us to have cases where the cred was marked 'const',
because I had this memory of us actively marking things const to make
sure people didn't play games with modifying the creds in-place (and
then casting away the const just for ref updates).
But apparently that's never the case for override_creds() users, so
your patch actually ended up even simpler than I expected in that you
didn't end up needing any new helper for just incrementing the
refcount on a const cred.
(b) a (slight) reaction was to wish for a short "why" on the
pointless reference bumps
partly to show that it was thought about, but also partly to
discourage people from doing it entirely mindlessly in other cases.
I mean, sometimes the reference bumps were just obviously pointless
because they ended up being right next to each other after being
exposed, like the get/put pattern in access_override_creds().
But in some other cases, like the aio_write case, I think it would
have been good to just say
"The refcount is held by iocb->fsync.creds that cannot change over
the operation"
or similar. Or - very similarly - the binfmt_misc uses "file->f_cred",
and again, file->f_cred is set at open time and never changed, so we
can rely on it staying around for the file lifetime.
I actually don't know if there were any exceptions to this (ie cases
where the source of the override cred could actually go away from
under us during the operation) where you didn't end up removing the
refcount games as a result. You did have a couple of cases where you
actually explained why the bump wasn't necessary, but there were a
couple where I would have wished for that "the reference count is held
by X, which is stable over the whole sequence" kind of notes.
But not a big deal. Even in this form, I think this is a clear and
good improvement.
Thanks,
Linus
^ permalink raw reply [flat|nested] 53+ messages in thread* Re: [PATCH 00/26] cred: rework {override,revert}_creds()
From: Christian Brauner @ 2024-11-25 11:46 UTC (permalink / raw)
To: Linus Torvalds
Cc: Amir Goldstein, Miklos Szeredi, linux-kernel, linux-fsdevel
On Sun, Nov 24, 2024 at 10:00:24AM -0800, Linus Torvalds wrote:
> On Sun, 24 Nov 2024 at 05:44, Christian Brauner <brauner@kernel.org> wrote:
> >
> > This series does all that. Afaict, most callers can be directly
> > converted over and can avoid the extra reference count completely.
> >
> > Lightly tested.
>
> Thanks, this looks good to me. I only had two reactions:
>
> (a) I was surprised that using get_new_cred() apparently "just worked".
There's only one case and that's io_uring where we can just cast because
we only need it temporarily during the conversion part of the patch
series. Later we don't take any reference count anymore in io_uring.
> (b) a (slight) reaction was to wish for a short "why" on the
> pointless reference bumps
Yeah, sorry for some of the patches I just quickly jotted down the same
line in the commit message. I updated all those commit messages with
actual explanations why that's safe.
> But not a big deal. Even in this form, I think this is a clear and
> good improvement.
Cool.
^ permalink raw reply [flat|nested] 53+ messages in thread* Re: [PATCH 00/26] cred: rework {override,revert}_creds()
From: Amir Goldstein @ 2024-11-25 12:55 UTC (permalink / raw)
To: Linus Torvalds
Cc: Christian Brauner, Miklos Szeredi, linux-kernel, linux-fsdevel
On Sun, Nov 24, 2024 at 7:00 PM Linus Torvalds
<torvalds@linux-foundation.org> wrote:
>
> On Sun, 24 Nov 2024 at 05:44, Christian Brauner <brauner@kernel.org> wrote:
> >
> > This series does all that. Afaict, most callers can be directly
> > converted over and can avoid the extra reference count completely.
> >
> > Lightly tested.
>
> Thanks, this looks good to me. I only had two reactions:
>
> (a) I was surprised that using get_new_cred() apparently "just worked".
>
> I was expecting us to have cases where the cred was marked 'const',
> because I had this memory of us actively marking things const to make
> sure people didn't play games with modifying the creds in-place (and
> then casting away the const just for ref updates).
>
> But apparently that's never the case for override_creds() users, so
> your patch actually ended up even simpler than I expected in that you
> didn't end up needing any new helper for just incrementing the
> refcount on a const cred.
>
> (b) a (slight) reaction was to wish for a short "why" on the
> pointless reference bumps
>
> partly to show that it was thought about, but also partly to
> discourage people from doing it entirely mindlessly in other cases.
>
> I mean, sometimes the reference bumps were just obviously pointless
> because they ended up being right next to each other after being
> exposed, like the get/put pattern in access_override_creds().
>
> But in some other cases, like the aio_write case, I think it would
> have been good to just say
>
> "The refcount is held by iocb->fsync.creds that cannot change over
> the operation"
>
> or similar. Or - very similarly - the binfmt_misc uses "file->f_cred",
> and again, file->f_cred is set at open time and never changed, so we
> can rely on it staying around for the file lifetime.
>
> I actually don't know if there were any exceptions to this (ie cases
> where the source of the override cred could actually go away from
> under us during the operation) where you didn't end up removing the
> refcount games as a result.
I was asking myself the same question.
I see that cachefiles_{begin,end}_secure() bump the refcount, but they
mostly follow a very similar pattern to the cases that do not bump the refcount,
so I wonder if you left this out because they were hidden in those
inline helpers
or because of the non-trivial case of cachefiles_determine_cache_security()
which replaces the 'master' cache_creds?
Other than that, I stared at the creds code in nfsd_file_acquire_local() and
nfsd_setuser() more than I would like to admit, with lines like:
/* discard any old override before preparing the new set */
put_cred(revert_creds(get_cred(current_real_cred())));
And my only conclusion was this code is complicated enough,
so it'd better not use borrowed creds..
Thanks,
Amir.
^ permalink raw reply [flat|nested] 53+ messages in thread* Re: [PATCH 00/26] cred: rework {override,revert}_creds()
2024-11-25 12:55 ` Amir Goldstein
@ 2024-11-25 14:13 ` Christian Brauner
From: Christian Brauner @ 2024-11-25 14:13 UTC (permalink / raw)
To: Amir Goldstein
Cc: Linus Torvalds, Miklos Szeredi, linux-kernel, linux-fsdevel
On Mon, Nov 25, 2024 at 01:55:25PM +0100, Amir Goldstein wrote:
> On Sun, Nov 24, 2024 at 7:00 PM Linus Torvalds
> <torvalds@linux-foundation.org> wrote:
> >
> > On Sun, 24 Nov 2024 at 05:44, Christian Brauner <brauner@kernel.org> wrote:
> > >
> > > This series does all that. Afaict, most callers can be directly
> > > converted over and can avoid the extra reference count completely.
> > >
> > > Lightly tested.
> >
> > Thanks, this looks good to me. I only had two reactions:
> >
> > (a) I was surprised that using get_new_cred() apparently "just worked".
> >
> > I was expecting us to have cases where the cred was marked 'const',
> > because I had this memory of us actively marking things const to make
> > sure people didn't play games with modifying the creds in-place (and
> > then casting away the const just for ref updates).
> >
> > But apparently that's never the case for override_creds() users, so
> > your patch actually ended up even simpler than I expected in that you
> > didn't end up needing any new helper for just incrementing the
> > refcount on a const cred.
> >
> > (b) a (slight) reaction was to wish for a short "why" on the
> > pointless reference bumps
> >
> > partly to show that it was thought about, but also partly to
> > discourage people from doing it entirely mindlessly in other cases.
> >
> > I mean, sometimes the reference bumps were just obviously pointless
> > because they ended up being right next to each other after being
> > exposed, like the get/put pattern in access_override_creds().
> >
> > But in some other cases, like the aio_write case, I think it would
> > have been good to just say
> >
> > "The refcount is held by iocb->fsync.creds that cannot change over
> > the operation"
> >
> > or similar. Or - very similarly - the binfmt_misc uses "file->f_cred",
> > and again, file->f_cred is set at open time and never changed, so we
> > can rely on it staying around for the file lifetime.
> >
> > I actually don't know if there were any exceptions to this (ie cases
> > where the source of the override cred could actually go away from
> > under us during the operation) where you didn't end up removing the
> > refcount games as a result.
>
> I was asking myself the same question.
>
> I see that cachefiles_{begin,end}_secure() bump the refcount, but they
> mostly follow a very similar pattern to the cases that do not bump the refcount,
> so I wonder if you left this out because they were hidden in those
> inline helpers
> or because of the non-trivial case of cachefiles_determine_cache_security()
> which replaces the 'master' cache_creds?
>
> Other that that, I stared at the creds code in nfsd_file_acquire_local() and
> nfsd_setuser() more than I would like to admit, with lines like:
>
> /* discard any old override before preparing the new set */
> put_cred(revert_creds(get_cred(current_real_cred())));
>
> And my only conclusion was this code is complicated enough,
> so it'd better not use borrowed creds..
I actually ported cachefilesd and nfsd in v2. I simply missed them.
* Re: [PATCH 00/26] cred: rework {override,revert}_creds()
2024-11-24 13:43 ` [PATCH 00/26] cred: rework {override,revert}_creds() Christian Brauner
` (27 preceding siblings ...)
2024-11-24 18:00 ` Linus Torvalds
@ 2024-11-25 13:51 ` Jeff Layton
From: Jeff Layton @ 2024-11-25 13:51 UTC (permalink / raw)
To: Christian Brauner, Linus Torvalds
Cc: Amir Goldstein, Miklos Szeredi, linux-kernel, linux-fsdevel
On Sun, 2024-11-24 at 14:43 +0100, Christian Brauner wrote:
> For the v6.13 cycle we switched overlayfs to a variant of
> override_creds() that doesn't take an extra reference. To this end I
> suggested introducing {override,revert}_creds_light() which overlayfs
> could use.
>
> This seems to work rather well. As Linus correctly points out that we
> should look into unifying both and simply make {override,revert}_creds()
> do what {override,revert}_creds_light() currently does. Caller's that
> really need the extra reference count can take it manually.
>
> This series does all that. Afaict, most callers can be directly
> converted over and can avoid the extra reference count completely.
>
> Lightly tested.
>
> ---
> Christian Brauner (26):
> tree-wide: s/override_creds()/override_creds_light(get_new_cred())/g
> cred: return old creds from revert_creds_light()
> tree-wide: s/revert_creds()/put_cred(revert_creds_light())/g
> cred: remove old {override,revert}_creds() helpers
> tree-wide: s/override_creds_light()/override_creds()/g
> tree-wide: s/revert_creds_light()/revert_creds()/g
> firmware: avoid pointless reference count bump
> sev-dev: avoid pointless cred reference count bump
> target_core_configfs: avoid pointless cred reference count bump
> aio: avoid pointless cred reference count bump
> binfmt_misc: avoid pointless cred reference count bump
> coredump: avoid pointless cred reference count bump
> nfs/localio: avoid pointless cred reference count bumps
> nfs/nfs4idmap: avoid pointless reference count bump
> nfs/nfs4recover: avoid pointless cred reference count bump
> nfsfh: avoid pointless cred reference count bump
> open: avoid pointless cred reference count bump
> ovl: avoid pointless cred reference count bump
> cifs: avoid pointless cred reference count bump
> cifs: avoid pointless cred reference count bump
> smb: avoid pointless cred reference count bump
> io_uring: avoid pointless cred reference count bump
> acct: avoid pointless reference count bump
> cgroup: avoid pointless cred reference count bump
> trace: avoid pointless cred reference count bump
> dns_resolver: avoid pointless cred reference count bump
>
> drivers/base/firmware_loader/main.c | 3 +--
> drivers/crypto/ccp/sev-dev.c | 2 +-
> drivers/target/target_core_configfs.c | 3 +--
> fs/aio.c | 3 +--
> fs/backing-file.c | 20 +++++++-------
> fs/cachefiles/internal.h | 4 +--
> fs/nfsd/auth.c | 4 +--
> fs/nfsd/filecache.c | 2 +-
> fs/nfsd/nfs4recover.c | 3 +--
> fs/nfsd/nfsfh.c | 1 -
> fs/open.c | 10 ++-----
> fs/overlayfs/copy_up.c | 6 ++---
> fs/overlayfs/dir.c | 4 +--
> fs/overlayfs/util.c | 4 +--
> fs/smb/server/smb_common.c | 4 +--
> include/linux/cred.h | 14 ++++------
> kernel/cred.c | 50 -----------------------------------
> kernel/trace/trace_events_user.c | 3 +--
> 18 files changed, 35 insertions(+), 105 deletions(-)
> ---
> base-commit: 228a1157fb9fec47eb135b51c0202b574e079ebf
> change-id: 20241124-work-cred-349b65450082
>
>
Nice work. Looks like a fairly straightforward changeover and the new
API seems more intuitive. You can add:
Reviewed-by: Jeff Layton <jlayton@kernel.org>