From: "Eric W. Biederman" <ebiederm@xmission.com>
To: linux-kernel@vger.kernel.org
Cc: linux-fsdevel@vger.kernel.org, criu@openvz.org,
bpf@vger.kernel.org,
"Linus Torvalds" <torvalds@linux-foundation.org>,
"Alexander Viro" <viro@zeniv.linux.org.uk>,
"Christian Brauner" <christian.brauner@ubuntu.com>,
"Oleg Nesterov" <oleg@redhat.com>,
"Cyrill Gorcunov" <gorcunov@gmail.com>,
"Jann Horn" <jann@thejh.net>, "Kees Cook" <keescook@chromium.org>,
"Daniel P. Berrangé" <berrange@redhat.com>,
"Jeff Layton" <jlayton@redhat.com>,
"Miklos Szeredi" <miklos@szeredi.hu>,
"Matthew Wilcox" <willy@debian.org>,
"J. Bruce Fields" <bfields@fieldses.org>,
"Matthew Wilcox" <matthew@wil.cx>,
"Trond Myklebust" <trond.myklebust@fys.uio.no>,
"Chris Wright" <chrisw@redhat.com>,
"Alexei Starovoitov" <ast@kernel.org>,
"Daniel Borkmann" <daniel@iogearbox.net>,
"Martin KaFai Lau" <kafai@fb.com>,
"Song Liu" <songliubraving@fb.com>, "Yonghong Song" <yhs@fb.com>,
"Andrii Nakryiko" <andriin@fb.com>,
"John Fastabend" <john.fastabend@gmail.com>,
"KP Singh" <kpsingh@chromium.org>,
"Eric W. Biederman" <ebiederm@xmission.com>
Subject: [PATCH 02/17] exec: Simplify unshare_files
Date: Mon, 17 Aug 2020 17:04:10 -0500 [thread overview]
Message-ID: <20200817220425.9389-2-ebiederm@xmission.com> (raw)
In-Reply-To: <87ft8l6ic3.fsf@x220.int.ebiederm.org>
Now that exec no longer needs to return the unshared files to their
previous value there is no reason to return displaced.
Instead when unshare_fd creates a copy of the file table, call
put_files_struct before returning from unshare_files.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
---
fs/coredump.c | 5 +----
fs/exec.c | 5 +----
include/linux/fdtable.h | 2 +-
kernel/fork.c | 12 ++++++------
4 files changed, 9 insertions(+), 15 deletions(-)
diff --git a/fs/coredump.c b/fs/coredump.c
index 76e7c10edfc0..568d6e391082 100644
--- a/fs/coredump.c
+++ b/fs/coredump.c
@@ -585,7 +585,6 @@ void do_coredump(const kernel_siginfo_t *siginfo)
int ispipe;
size_t *argv = NULL;
int argc = 0;
- struct files_struct *displaced;
/* require nonrelative corefile path and be extra careful */
bool need_suid_safe = false;
bool core_dumped = false;
@@ -791,11 +790,9 @@ void do_coredump(const kernel_siginfo_t *siginfo)
}
/* get us an unshared descriptor table; almost always a no-op */
- retval = unshare_files(&displaced);
+ retval = unshare_files();
if (retval)
goto close_fail;
- if (displaced)
- put_files_struct(displaced);
if (!dump_interrupted()) {
/*
* umh disabled with CONFIG_STATIC_USERMODEHELPER_PATH="" would
diff --git a/fs/exec.c b/fs/exec.c
index 17c007bba712..9b723d2560d1 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1354,7 +1354,6 @@ void __set_task_comm(struct task_struct *tsk, const char *buf, bool exec)
int begin_new_exec(struct linux_binprm * bprm)
{
struct task_struct *me = current;
- struct files_struct *displaced;
int retval;
/* Once we are committed compute the creds */
@@ -1375,11 +1374,9 @@ int begin_new_exec(struct linux_binprm * bprm)
goto out;
/* Ensure the files table is not shared. */
- retval = unshare_files(&displaced);
+ retval = unshare_files();
if (retval)
goto out;
- if (displaced)
- put_files_struct(displaced);
/*
* Must be called _before_ exec_mmap() as bprm->mm is
diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h
index a32bf47c593e..f46a084b60b2 100644
--- a/include/linux/fdtable.h
+++ b/include/linux/fdtable.h
@@ -109,7 +109,7 @@ struct task_struct;
struct files_struct *get_files_struct(struct task_struct *);
void put_files_struct(struct files_struct *fs);
void reset_files_struct(struct files_struct *);
-int unshare_files(struct files_struct **);
+int unshare_files(void);
struct files_struct *dup_fd(struct files_struct *, unsigned, int *) __latent_entropy;
void do_close_on_exec(struct files_struct *);
int iterate_fd(struct files_struct *, unsigned,
diff --git a/kernel/fork.c b/kernel/fork.c
index 4d32190861bd..3049a41076f3 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -2995,21 +2995,21 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
* the exec layer of the kernel.
*/
-int unshare_files(struct files_struct **displaced)
+int unshare_files(void)
{
struct task_struct *task = current;
- struct files_struct *copy = NULL;
+ struct files_struct *old, *copy = NULL;
int error;
error = unshare_fd(CLONE_FILES, NR_OPEN_MAX, ©);
- if (error || !copy) {
- *displaced = NULL;
+ if (error || !copy)
return error;
- }
- *displaced = task->files;
+
+ old = task->files;
task_lock(task);
task->files = copy;
task_unlock(task);
+ put_files_struct(old);
return 0;
}
--
2.25.0
next prev parent reply other threads:[~2020-08-17 22:09 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-17 22:03 exec: Move unshare_files and guarantee files_struct.count is correct Eric W. Biederman
2020-08-17 22:04 ` [PATCH 01/17] exec: Move unshare_files to fix posix file locking during exec Eric W. Biederman
2020-08-18 10:04 ` Christian Brauner
2020-08-17 22:04 ` Eric W. Biederman [this message]
2020-08-18 10:08 ` [PATCH 02/17] exec: Simplify unshare_files Christian Brauner
2020-08-17 22:04 ` [PATCH 03/17] exec: Remove reset_files_struct Eric W. Biederman
2020-08-18 10:09 ` Christian Brauner
2020-08-17 22:04 ` [PATCH 04/17] kcmp: In kcmp_epoll_target use fget_task Eric W. Biederman
2020-08-20 21:45 ` Cyrill Gorcunov
2020-08-17 22:04 ` [PATCH 05/17] bpf: In bpf_task_fd_query " Eric W. Biederman
2020-08-17 22:04 ` [PATCH 06/17] file: Implement fcheck_task Eric W. Biederman
2020-08-18 10:37 ` Christian Brauner
2020-08-17 22:04 ` [PATCH 07/17] proc/fd: In tid_fd_mode use fcheck_task Eric W. Biederman
2020-08-18 10:36 ` Christian Brauner
2020-08-17 22:04 ` [PATCH 08/17] proc/fd: In proc_fd_link " Eric W. Biederman
2020-08-18 10:36 ` Christian Brauner
2020-08-17 22:04 ` [PATCH 09/17] file: Implement fnext_task Eric W. Biederman
2020-08-17 23:54 ` Linus Torvalds
[not found] ` <875z9g7oln.fsf@x220.int.ebiederm.org>
2020-08-18 1:17 ` Linus Torvalds
2020-08-18 11:05 ` Christian Brauner
[not found] ` <87pn7m22kn.fsf@x220.int.ebiederm.org>
2020-08-19 15:54 ` Alexei Starovoitov
[not found] ` <871rk0t45v.fsf@x220.int.ebiederm.org>
2020-08-21 16:17 ` Alexei Starovoitov
2020-08-19 18:32 ` Linus Torvalds
2020-08-20 21:50 ` Cyrill Gorcunov
2020-08-17 22:04 ` [PATCH 10/17] proc/fd: In proc_readfd_common use fnext_task Eric W. Biederman
2020-08-18 2:22 ` Al Viro
[not found] ` <87sgck4o23.fsf@x220.int.ebiederm.org>
2020-08-18 4:59 ` Alexei Starovoitov
2020-08-17 22:04 ` [PATCH 11/17] bpf/task_iter: In task_file_seq_get_next " Eric W. Biederman
2020-08-18 5:39 ` kernel test robot
2020-08-18 5:39 ` kernel test robot
2020-08-18 12:54 ` Eric W. Biederman
2020-08-18 12:54 ` Eric W. Biederman
2020-08-17 22:04 ` [PATCH 12/17] proc/fd: In fdinfo seq_show don't use get_files_struct Eric W. Biederman
2020-08-18 0:08 ` Linus Torvalds
[not found] ` <87v9hg69ph.fsf@x220.int.ebiederm.org>
2020-08-18 1:21 ` Linus Torvalds
2020-08-18 10:43 ` Christian Brauner
2020-08-17 22:04 ` [PATCH 13/17] file: Remove get_files_struct Eric W. Biederman
2020-08-18 10:39 ` Christian Brauner
2020-08-17 22:04 ` [PATCH 14/17] file: Merge __fd_install into fd_install Eric W. Biederman
2020-08-18 10:15 ` Christian Brauner
2020-08-17 22:04 ` [PATCH 15/17] file: In f_dupfd read RLIMIT_NOFILE once Eric W. Biederman
2020-08-18 10:12 ` Christian Brauner
2020-08-17 22:04 ` [PATCH 16/17] file: Merge __alloc_fd into alloc_fd Eric W. Biederman
2020-08-18 10:17 ` Christian Brauner
2020-08-17 22:04 ` [PATCH 17/17] file: Rename __close_fd to close_fd and remove the files parameter Eric W. Biederman
2020-08-18 10:19 ` Christian Brauner
2020-08-18 11:20 ` Christoph Hellwig
2020-08-18 12:48 ` Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200817220425.9389-2-ebiederm@xmission.com \
--to=ebiederm@xmission.com \
--cc=andriin@fb.com \
--cc=ast@kernel.org \
--cc=berrange@redhat.com \
--cc=bfields@fieldses.org \
--cc=bpf@vger.kernel.org \
--cc=christian.brauner@ubuntu.com \
--cc=chrisw@redhat.com \
--cc=criu@openvz.org \
--cc=daniel@iogearbox.net \
--cc=gorcunov@gmail.com \
--cc=jann@thejh.net \
--cc=jlayton@redhat.com \
--cc=john.fastabend@gmail.com \
--cc=kafai@fb.com \
--cc=keescook@chromium.org \
--cc=kpsingh@chromium.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=matthew@wil.cx \
--cc=miklos@szeredi.hu \
--cc=oleg@redhat.com \
--cc=songliubraving@fb.com \
--cc=torvalds@linux-foundation.org \
--cc=trond.myklebust@fys.uio.no \
--cc=viro@zeniv.linux.org.uk \
--cc=willy@debian.org \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.