From 0a670e151a71434765de69590944e18c08ee08cf Mon Sep 17 00:00:00 2001
From: Christian Brauner
Date: Mon, 25 Nov 2024 15:09:57 +0100
Subject: tree-wide: s/override_creds()/override_creds_light(get_new_cred())/g
Convert all callers from override_creds() to override_creds_light(get_new_cred()) in preparation of making override_creds() not take a separate reference at all.
Link: https://lore.kernel.org/r/20241125-work-cred-v2-1-68b9d38bb5b2@kernel.org
Reviewed-by: Jeff Layton
Reviewed-by: Jens Axboe
Signed-off-by: Christian Brauner
---
 kernel/acct.c | 2 +-
 kernel/cgroup/cgroup.c | 2 +-
 kernel/trace/trace_events_user.c | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
(limited to 'kernel')
diff --git a/kernel/acct.c b/kernel/acct.c
index 179848ad33e9..8f18eb02dd41 100644
--- a/kernel/acct.c
+++ b/kernel/acct.c
@@ -501,7 +501,7 @@ static void do_acct_process(struct bsd_acct_struct *acct)
 flim = rlimit(RLIMIT_FSIZE);
 current->signal->rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY;
 /* Perform file operations on behalf of whoever enabled accounting */
- orig_cred = override_creds(file->f_cred);
+ orig_cred = override_creds_light(get_new_cred(file->f_cred));
 /*
 * First check to see if there is enough free_space to continue
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index d9061bd55436..97329b4fe502 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -5216,7 +5216,7 @@ static ssize_t __cgroup_procs_write(struct kernfs_open_file *of, char *buf,
 * permissions using the credentials from file open to protect against
 * inherited fd attacks.
 */
- saved_cred = override_creds(of->file->f_cred);
+ saved_cred = override_creds_light(get_new_cred(of->file->f_cred));
 ret = cgroup_attach_permissions(src_cgrp, dst_cgrp, of->file->f_path.dentry->d_sb, threadgroup, ctx->ns);
diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
index 17bcad8f79de..4dd7c45d227e 100644
--- a/kernel/trace/trace_events_user.c
+++ b/kernel/trace/trace_events_user.c
@@ -1469,7 +1469,7 @@ static int user_event_set_call_visible(struct user_event *user, bool visible)
 */
 cred->fsuid = GLOBAL_ROOT_UID;
- old_cred = override_creds(cred);
+ old_cred = override_creds_light(get_new_cred(cred));
 if (visible) ret = trace_add_event_call(&user->call);
--
cgit v1.2.3
From f905e00904cc5899c89897b93bebfcf6656f608e Mon Sep 17 00:00:00 2001
From: Christian Brauner
Date: Mon, 25 Nov 2024 15:09:59 +0100
Subject: tree-wide: s/revert_creds()/put_cred(revert_creds_light())/g
Convert all calls to revert_creds() over to explicitly dropping reference counts in preparation for converting revert_creds() to revert_creds_light() semantics.
Link: https://lore.kernel.org/r/20241125-work-cred-v2-3-68b9d38bb5b2@kernel.org
Reviewed-by: Jeff Layton
Reviewed-by: Jens Axboe
Signed-off-by: Christian Brauner
---
 kernel/acct.c | 2 +-
 kernel/cgroup/cgroup.c | 2 +-
 kernel/trace/trace_events_user.c | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
(limited to 'kernel')
diff --git a/kernel/acct.c b/kernel/acct.c
index 8f18eb02dd41..4e28aa9e1ef2 100644
--- a/kernel/acct.c
+++ b/kernel/acct.c
@@ -541,7 +541,7 @@ static void do_acct_process(struct bsd_acct_struct *acct)
 }
 out:
 current->signal->rlim[RLIMIT_FSIZE].rlim_cur = flim;
- revert_creds(orig_cred);
+ put_cred(revert_creds_light(orig_cred));
 }
 /**
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 97329b4fe502..68b816955c9c 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -5220,7 +5220,7 @@ static ssize_t __cgroup_procs_write(struct kernfs_open_file *of, char *buf,
 ret = cgroup_attach_permissions(src_cgrp, dst_cgrp, of->file->f_path.dentry->d_sb, threadgroup, ctx->ns);
- revert_creds(saved_cred);
+ put_cred(revert_creds_light(saved_cred));
 if (ret) goto out_finish;
diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
index 4dd7c45d227e..2fdadb2e8547 100644
--- a/kernel/trace/trace_events_user.c
+++ b/kernel/trace/trace_events_user.c
@@ -1476,7 +1476,7 @@ static int user_event_set_call_visible(struct user_event *user, bool visible)
 else ret = trace_remove_event_call(&user->call);
- revert_creds(old_cred);
+ put_cred(revert_creds_light(old_cred));
 put_cred(cred);
 return ret;
--
cgit v1.2.3
From a51a1d6bcaa345cc88e738cad468083c4e13aa3b Mon Sep 17 00:00:00 2001
From: Christian Brauner
Date: Mon, 25 Nov 2024 15:10:00 +0100
Subject: cred: remove old {override,revert}_creds() helpers
They are now unused.
Link: https://lore.kernel.org/r/20241125-work-cred-v2-4-68b9d38bb5b2@kernel.org
Reviewed-by: Jeff Layton
Reviewed-by: Jens Axboe
Signed-off-by: Christian Brauner
---
 kernel/cred.c | 50 --------------------------------------------------
 1 file changed, 50 deletions(-)
(limited to 'kernel')
diff --git a/kernel/cred.c b/kernel/cred.c
index da7da250f7c8..9676965c0981 100644
--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -476,56 +476,6 @@ void abort_creds(struct cred *new)
 }
 EXPORT_SYMBOL(abort_creds);
-/**
- * override_creds - Override the current process's subjective credentials
- * @new: The credentials to be assigned
- *
- * Install a set of temporary override subjective credentials on the current
- * process, returning the old set for later reversion.
- */
-const struct cred *override_creds(const struct cred *new)
-{
- const struct cred *old;
-
- kdebug("override_creds(%p{%ld})", new,
- atomic_long_read(&new->usage));
-
- /*
- * NOTE! This uses 'get_new_cred()' rather than 'get_cred()'.
- *
- * That means that we do not clear the 'non_rcu' flag, since
- * we are only installing the cred into the thread-synchronous
- * '->cred' pointer, not the '->real_cred' pointer that is
- * visible to other threads under RCU.
- */
- get_new_cred((struct cred *)new);
- old = override_creds_light(new);
-
- kdebug("override_creds() = %p{%ld}", old,
- atomic_long_read(&old->usage));
- return old;
-}
-EXPORT_SYMBOL(override_creds);
-
-/**
- * revert_creds - Revert a temporary subjective credentials override
- * @old: The credentials to be restored
- *
- * Revert a temporary set of override subjective credentials to an old set,
- * discarding the override set.
- */
-void revert_creds(const struct cred *old)
-{
- const struct cred *override = current->cred;
-
- kdebug("revert_creds(%p{%ld})", old,
- atomic_long_read(&old->usage));
-
- revert_creds_light(old);
- put_cred(override);
-}
-EXPORT_SYMBOL(revert_creds);
-
 /**
 * cred_fscmp - Compare two credentials with respect to filesystem access.
 * @a: The first credential
--
cgit v1.2.3
From 6771e004b40962402d0e973fc7d2e0e61364fdfb Mon Sep 17 00:00:00 2001
From: Christian Brauner
Date: Mon, 25 Nov 2024 15:10:01 +0100
Subject: tree-wide: s/override_creds_light()/override_creds()/g
Rename all calls to override_creds_light() back to overrid_creds().
Link: https://lore.kernel.org/r/20241125-work-cred-v2-5-68b9d38bb5b2@kernel.org
Reviewed-by: Jeff Layton
Reviewed-by: Jens Axboe
Signed-off-by: Christian Brauner
---
 kernel/acct.c | 2 +-
 kernel/cgroup/cgroup.c | 2 +-
 kernel/trace/trace_events_user.c | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
(limited to 'kernel')
diff --git a/kernel/acct.c b/kernel/acct.c
index 4e28aa9e1ef2..a51a3b483fd9 100644
--- a/kernel/acct.c
+++ b/kernel/acct.c
@@ -501,7 +501,7 @@ static void do_acct_process(struct bsd_acct_struct *acct)
 flim = rlimit(RLIMIT_FSIZE);
 current->signal->rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY;
 /* Perform file operations on behalf of whoever enabled accounting */
- orig_cred = override_creds_light(get_new_cred(file->f_cred));
+ orig_cred = override_creds(get_new_cred(file->f_cred));
 /*
 * First check to see if there is enough free_space to continue
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 68b816955c9c..2d618b577e52 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -5216,7 +5216,7 @@ static ssize_t __cgroup_procs_write(struct kernfs_open_file *of, char *buf,
 * permissions using the credentials from file open to protect against
 * inherited fd attacks.
 */
- saved_cred = override_creds_light(get_new_cred(of->file->f_cred));
+ saved_cred = override_creds(get_new_cred(of->file->f_cred));
 ret = cgroup_attach_permissions(src_cgrp, dst_cgrp, of->file->f_path.dentry->d_sb, threadgroup, ctx->ns);
diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
index 2fdadb2e8547..857124d81f12 100644
--- a/kernel/trace/trace_events_user.c
+++ b/kernel/trace/trace_events_user.c
@@ -1469,7 +1469,7 @@ static int user_event_set_call_visible(struct user_event *user, bool visible)
 */
 cred->fsuid = GLOBAL_ROOT_UID;
- old_cred = override_creds_light(get_new_cred(cred));
+ old_cred = override_creds(get_new_cred(cred));
 if (visible) ret = trace_add_event_call(&user->call);
--
cgit v1.2.3
From 51c0bcf0973a3836adfc46f30f876f412478e376 Mon Sep 17 00:00:00 2001
From: Christian Brauner
Date: Mon, 25 Nov 2024 15:10:02 +0100
Subject: tree-wide: s/revert_creds_light()/revert_creds()/g
Rename all calls to revert_creds_light() back to revert_creds().
Link: https://lore.kernel.org/r/20241125-work-cred-v2-6-68b9d38bb5b2@kernel.org
Reviewed-by: Jeff Layton
Reviewed-by: Jens Axboe
Signed-off-by: Christian Brauner
---
 kernel/acct.c | 2 +-
 kernel/cgroup/cgroup.c | 2 +-
 kernel/trace/trace_events_user.c | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
(limited to 'kernel')
diff --git a/kernel/acct.c b/kernel/acct.c
index a51a3b483fd9..ea8c94887b58 100644
--- a/kernel/acct.c
+++ b/kernel/acct.c
@@ -541,7 +541,7 @@ static void do_acct_process(struct bsd_acct_struct *acct)
 }
 out:
 current->signal->rlim[RLIMIT_FSIZE].rlim_cur = flim;
- put_cred(revert_creds_light(orig_cred));
+ put_cred(revert_creds(orig_cred));
 }
 /**
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 2d618b577e52..1a94e8b154be 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -5220,7 +5220,7 @@ static ssize_t __cgroup_procs_write(struct kernfs_open_file *of, char *buf,
 ret = cgroup_attach_permissions(src_cgrp, dst_cgrp, of->file->f_path.dentry->d_sb, threadgroup, ctx->ns);
- put_cred(revert_creds_light(saved_cred));
+ put_cred(revert_creds(saved_cred));
 if (ret) goto out_finish;
diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
index 857124d81f12..c54ae15f425c 100644
--- a/kernel/trace/trace_events_user.c
+++ b/kernel/trace/trace_events_user.c
@@ -1476,7 +1476,7 @@ static int user_event_set_call_visible(struct user_event *user, bool visible)
 else ret = trace_remove_event_call(&user->call);
- put_cred(revert_creds_light(old_cred));
+ put_cred(revert_creds(old_cred));
 put_cred(cred);
 return ret;
--
cgit v1.2.3
From 6256d2377ed8fef96087803051d8b9dba68d8904 Mon Sep 17 00:00:00 2001
From: Christian Brauner
Date: Mon, 25 Nov 2024 15:10:19 +0100
Subject: acct: avoid pointless reference count bump
file->f_cred already holds a reference count that is stable during the operation.
Link: https://lore.kernel.org/r/20241125-work-cred-v2-23-68b9d38bb5b2@kernel.org
Reviewed-by: Jeff Layton
Reviewed-by: Jens Axboe
Signed-off-by: Christian Brauner
---
 kernel/acct.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'kernel')
diff --git a/kernel/acct.c b/kernel/acct.c
index ea8c94887b58..179848ad33e9 100644
--- a/kernel/acct.c
+++ b/kernel/acct.c
@@ -501,7 +501,7 @@ static void do_acct_process(struct bsd_acct_struct *acct)
 flim = rlimit(RLIMIT_FSIZE);
 current->signal->rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY;
 /* Perform file operations on behalf of whoever enabled accounting */
- orig_cred = override_creds(get_new_cred(file->f_cred));
+ orig_cred = override_creds(file->f_cred);
 /*
 * First check to see if there is enough free_space to continue
@@ -541,7 +541,7 @@ static void do_acct_process(struct bsd_acct_struct *acct)
 }
 out:
 current->signal->rlim[RLIMIT_FSIZE].rlim_cur = flim;
- put_cred(revert_creds(orig_cred));
+ revert_creds(orig_cred);
 }
 /**
--
cgit v1.2.3
From 34ab26fb6b2a70ae6b22fc3880bc6d8b68579564 Mon Sep 17 00:00:00 2001
From: Christian Brauner
Date: Mon, 25 Nov 2024 15:10:20 +0100
Subject: cgroup: avoid pointless cred reference count bump
of->file->f_cred already holds a reference count that is stable during the operation.
Link: https://lore.kernel.org/r/20241125-work-cred-v2-24-68b9d38bb5b2@kernel.org
Reviewed-by: Jeff Layton
Reviewed-by: Jens Axboe
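Review bot: The borrowed-reference invariant behind `orig_cred = override_creds(file->f_cred);` in the acct.c @@ -501 hunk is stated only in the commit message, so nothing at the call site tells a later reader that no reference is taken here and that `revert_creds(orig_cred);` in the @@ -541 hunk drops none. The helper names are the ones the old implementations used when they did take and drop a reference, so an edit that releases the cred inside the overridden region, or re-adds a `put_cred()` after the revert, would compile cleanly and end in a use-after-free or a refcount underflow on a credential object. I would extend the existing comment to say so, for example `/* Perform file operations on behalf of whoever enabled accounting; this borrows file->f_cred's reference, which must outlive revert_creds() */`. The same applies to `saved_cred = override_creds(of->file->f_cred);` in the cgroup.c @@ -5216 hunk of the following commit, where the comment above the call already explains why the opener's credentials are used. do_acct_process() and __cgroup_procs_write() both start and end outside these hunks.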
Signed-off-by: Christian Brauner
---
 kernel/cgroup/cgroup.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'kernel')
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 1a94e8b154be..d9061bd55436 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -5216,11 +5216,11 @@ static ssize_t __cgroup_procs_write(struct kernfs_open_file *of, char *buf,
 * permissions using the credentials from file open to protect against
 * inherited fd attacks.
 */
- saved_cred = override_creds(get_new_cred(of->file->f_cred));
+ saved_cred = override_creds(of->file->f_cred);
 ret = cgroup_attach_permissions(src_cgrp, dst_cgrp, of->file->f_path.dentry->d_sb, threadgroup, ctx->ns);
- put_cred(revert_creds(saved_cred));
+ revert_creds(saved_cred);
 if (ret) goto out_finish;
--
cgit v1.2.3
From aeca632b3160b654769d6224e264fff9f03f4a9b Mon Sep 17 00:00:00 2001
From: Christian Brauner
Date: Mon, 25 Nov 2024 15:10:21 +0100
Subject: trace: avoid pointless cred reference count bump
The creds are allocated via prepare_creds() which has already taken a reference.
Link: https://lore.kernel.org/r/20241125-work-cred-v2-25-68b9d38bb5b2@kernel.org
Reviewed-by: Jeff Layton
Reviewed-by: Jens Axboe
Signed-off-by: Christian Brauner
---
 kernel/trace/trace_events_user.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'kernel')
diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
index c54ae15f425c..17bcad8f79de 100644
--- a/kernel/trace/trace_events_user.c
+++ b/kernel/trace/trace_events_user.c
@@ -1469,14 +1469,14 @@ static int user_event_set_call_visible(struct user_event *user, bool visible)
 */
 cred->fsuid = GLOBAL_ROOT_UID;
- old_cred = override_creds(get_new_cred(cred));
+ old_cred = override_creds(cred);
 if (visible) ret = trace_add_event_call(&user->call);
 else ret = trace_remove_event_call(&user->call);
- put_cred(revert_creds(old_cred));
+ revert_creds(old_cred);
 put_cred(cred);
 return ret;
--
cgit v1.2.3
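Review bot: Nothing at `old_cred = override_creds(cred);` in the trace_events_user.c hunk records that the override now borrows the prepare_creds() reference instead of taking its own, so `put_cred(cred);` after `revert_creds(old_cred);` has become the only release and has to stay after the revert. The visible lines are balanced, but this cred has just been given `fsuid = GLOBAL_ROOT_UID`, and a later edit that moves the `put_cred()` above the revert, or adds an early return between the two calls, would leave the task running on freed credentials or with the root-fsuid override never reverted. I would add a comment above the override such as `/* override_creds() borrows cred; drop it only after revert_creds() */`. The function begins outside the hunk, so the prepare_creds() call and its error path are not visible here.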