[v2,00/29] cred: rework {override,revert}_creds()

Message ID	20241125-work-cred-v2-0-68b9d38bb5b2@kernel.org (mailing list archive)
Headers	show Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8969A192B7F; Mon, 25 Nov 2024 14:10:21 +0000 (UTC) From: Christian Brauner <brauner@kernel.org> Subject: [PATCH v2 00/29] cred: rework {override,revert}_creds() Date: Mon, 25 Nov 2024 15:09:56 +0100 Message-Id: <20241125-work-cred-v2-0-68b9d38bb5b2@kernel.org> Precedence: bulk MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: Linus Torvalds <torvalds@linux-foundation.org> Cc: Amir Goldstein <amir73il@gmail.com>, Miklos Szeredi <miklos@szeredi.hu>, Al Viro <viro@zeniv.linux.org.uk>, Jens Axboe <axboe@kernel.dk>, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, Christian Brauner <brauner@kernel.org>
Series	cred: rework {override,revert}_creds() \| expand [v2,00/29] cred: rework {override,revert}_creds() [v2,01/29] tree-wide: s/override_creds()/override_creds_light(get_new_cred())/g [v2,02/29] cred: return old creds from revert_creds_light() [v2,03/29] tree-wide: s/revert_creds()/put_cred(revert_creds_light())/g [v2,04/29] cred: remove old {override,revert}_creds() helpers [v2,05/29] tree-wide: s/override_creds_light()/override_creds()/g [v2,06/29] tree-wide: s/revert_creds_light()/revert_creds()/g [v2,07/29] firmware: avoid pointless reference count bump [v2,08/29] sev-dev: avoid pointless cred reference count bump [v2,09/29] target_core_configfs: avoid pointless cred reference count bump [v2,10/29] aio: avoid pointless cred reference count bump [v2,11/29] binfmt_misc: avoid pointless cred reference count bump [v2,12/29] coredump: avoid pointless cred reference count bump [v2,13/29] nfs/localio: avoid pointless cred reference count bumps [v2,14/29] nfs/nfs4idmap: avoid pointless reference count bump [v2,15/29] nfs/nfs4recover: avoid pointless cred reference count bump [v2,16/29] nfsfh: avoid pointless cred reference count bump [v2,17/29] open: avoid pointless cred reference count bump [v2,18/29] ovl: avoid pointless cred reference count bump [v2,19/29] cifs: avoid pointless cred reference count bump [v2,20/29] cifs: avoid pointless cred reference count bump [v2,21/29] smb: avoid pointless cred reference count bump [v2,22/29] io_uring: avoid pointless cred reference count bump [v2,23/29] acct: avoid pointless reference count bump [v2,24/29] cgroup: avoid pointless cred reference count bump [v2,25/29] trace: avoid pointless cred reference count bump [v2,26/29] dns_resolver: avoid pointless cred reference count bump [v2,27/29] cachefiles: avoid pointless cred reference count bump [v2,28/29] nfsd: avoid pointless cred reference count bump [v2,29/29] cred: remove unused get_new_cred()

Message ID

20241125-work-cred-v2-0-68b9d38bb5b2@kernel.org (mailing list archive)

Headers

From: Christian Brauner <brauner@kernel.org>
Subject: [PATCH v2 00/29] cred: rework {override,revert}_creds()
Date: Mon, 25 Nov 2024 15:09:56 +0100
Message-Id: <20241125-work-cred-v2-0-68b9d38bb5b2@kernel.org>
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Amir Goldstein <amir73il@gmail.com>, Miklos Szeredi <miklos@szeredi.hu>,
 Al Viro <viro@zeniv.linux.org.uk>, Jens Axboe <axboe@kernel.dk>,
 linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
 Christian Brauner <brauner@kernel.org>

Series

cred: rework {override,revert}_creds() | expand

Message

Christian Brauner Nov. 25, 2024, 2:09 p.m. UTC

For the v6.13 cycle we switched overlayfs to a variant of
override_creds() that doesn't take an extra reference. To this end I
suggested introducing {override,revert}_creds_light() which overlayfs
could use.

This seems to work rather well. This series follow Linus advice and
unifies the separate helpers and simply makes {override,revert}_creds()
do what {override,revert}_creds_light() currently does. Caller's that
really need the extra reference count can take it manually.

---
Changes in v2:
- Remove confusion around dangling pointer.
- Use the revert_creds(old) + put_cred(new) pattern instead of
  put_cred(revert_creds(old)).
- Fill in missing justifications in various commit message why not using
  a separate reference count is safe.
- Make get_new_cred() argument const to easily use it during the
  conversion.
- Get rid of get_new_cred() completely at the end of the series.
- Link to v1: https://lore.kernel.org/r/20241124-work-cred-v1-0-f352241c3970@kernel.org

---
Christian Brauner (29):
      tree-wide: s/override_creds()/override_creds_light(get_new_cred())/g
      cred: return old creds from revert_creds_light()
      tree-wide: s/revert_creds()/put_cred(revert_creds_light())/g
      cred: remove old {override,revert}_creds() helpers
      tree-wide: s/override_creds_light()/override_creds()/g
      tree-wide: s/revert_creds_light()/revert_creds()/g
      firmware: avoid pointless reference count bump
      sev-dev: avoid pointless cred reference count bump
      target_core_configfs: avoid pointless cred reference count bump
      aio: avoid pointless cred reference count bump
      binfmt_misc: avoid pointless cred reference count bump
      coredump: avoid pointless cred reference count bump
      nfs/localio: avoid pointless cred reference count bumps
      nfs/nfs4idmap: avoid pointless reference count bump
      nfs/nfs4recover: avoid pointless cred reference count bump
      nfsfh: avoid pointless cred reference count bump
      open: avoid pointless cred reference count bump
      ovl: avoid pointless cred reference count bump
      cifs: avoid pointless cred reference count bump
      cifs: avoid pointless cred reference count bump
      smb: avoid pointless cred reference count bump
      io_uring: avoid pointless cred reference count bump
      acct: avoid pointless reference count bump
      cgroup: avoid pointless cred reference count bump
      trace: avoid pointless cred reference count bump
      dns_resolver: avoid pointless cred reference count bump
      cachefiles: avoid pointless cred reference count bump
      nfsd: avoid pointless cred reference count bump
      cred: remove unused get_new_cred()

 Documentation/security/credentials.rst |  5 ----
 drivers/crypto/ccp/sev-dev.c           |  2 +-
 fs/backing-file.c                      | 20 +++++++-------
 fs/nfsd/auth.c                         |  3 +-
 fs/nfsd/filecache.c                    |  2 +-
 fs/nfsd/nfs4recover.c                  |  3 +-
 fs/nfsd/nfsfh.c                        |  1 -
 fs/open.c                              | 11 ++------
 fs/overlayfs/dir.c                     |  4 +--
 fs/overlayfs/util.c                    |  4 +--
 fs/smb/server/smb_common.c             | 10 ++-----
 include/linux/cred.h                   | 26 ++++--------------
 kernel/cred.c                          | 50 ----------------------------------
 13 files changed, 27 insertions(+), 114 deletions(-)
---
base-commit: e7675238b9bf4db0b872d5dbcd53efa31914c98f
change-id: 20241124-work-cred-349b65450082

Comments

Chuck Lever Nov. 25, 2024, 3:37 p.m. UTC | #1

On Mon, Nov 25, 2024 at 03:09:56PM +0100, Christian Brauner wrote:
> For the v6.13 cycle we switched overlayfs to a variant of
> override_creds() that doesn't take an extra reference. To this end I
> suggested introducing {override,revert}_creds_light() which overlayfs
> could use.
> 
> This seems to work rather well. This series follow Linus advice and
> unifies the separate helpers and simply makes {override,revert}_creds()
> do what {override,revert}_creds_light() currently does. Caller's that
> really need the extra reference count can take it manually.
> 
> ---
> Changes in v2:
> - Remove confusion around dangling pointer.
> - Use the revert_creds(old) + put_cred(new) pattern instead of
>   put_cred(revert_creds(old)).
> - Fill in missing justifications in various commit message why not using
>   a separate reference count is safe.
> - Make get_new_cred() argument const to easily use it during the
>   conversion.
> - Get rid of get_new_cred() completely at the end of the series.
> - Link to v1: https://lore.kernel.org/r/20241124-work-cred-v1-0-f352241c3970@kernel.org
> 
> ---
> Christian Brauner (29):
>       tree-wide: s/override_creds()/override_creds_light(get_new_cred())/g
>       cred: return old creds from revert_creds_light()
>       tree-wide: s/revert_creds()/put_cred(revert_creds_light())/g
>       cred: remove old {override,revert}_creds() helpers
>       tree-wide: s/override_creds_light()/override_creds()/g
>       tree-wide: s/revert_creds_light()/revert_creds()/g
>       firmware: avoid pointless reference count bump
>       sev-dev: avoid pointless cred reference count bump
>       target_core_configfs: avoid pointless cred reference count bump
>       aio: avoid pointless cred reference count bump
>       binfmt_misc: avoid pointless cred reference count bump
>       coredump: avoid pointless cred reference count bump
>       nfs/localio: avoid pointless cred reference count bumps
>       nfs/nfs4idmap: avoid pointless reference count bump
>       nfs/nfs4recover: avoid pointless cred reference count bump
>       nfsfh: avoid pointless cred reference count bump
>       open: avoid pointless cred reference count bump
>       ovl: avoid pointless cred reference count bump
>       cifs: avoid pointless cred reference count bump
>       cifs: avoid pointless cred reference count bump
>       smb: avoid pointless cred reference count bump
>       io_uring: avoid pointless cred reference count bump
>       acct: avoid pointless reference count bump
>       cgroup: avoid pointless cred reference count bump
>       trace: avoid pointless cred reference count bump
>       dns_resolver: avoid pointless cred reference count bump
>       cachefiles: avoid pointless cred reference count bump
>       nfsd: avoid pointless cred reference count bump
>       cred: remove unused get_new_cred()
> 
>  Documentation/security/credentials.rst |  5 ----
>  drivers/crypto/ccp/sev-dev.c           |  2 +-
>  fs/backing-file.c                      | 20 +++++++-------
>  fs/nfsd/auth.c                         |  3 +-
>  fs/nfsd/filecache.c                    |  2 +-
>  fs/nfsd/nfs4recover.c                  |  3 +-
>  fs/nfsd/nfsfh.c                        |  1 -
>  fs/open.c                              | 11 ++------
>  fs/overlayfs/dir.c                     |  4 +--
>  fs/overlayfs/util.c                    |  4 +--
>  fs/smb/server/smb_common.c             | 10 ++-----
>  include/linux/cred.h                   | 26 ++++--------------
>  kernel/cred.c                          | 50 ----------------------------------
>  13 files changed, 27 insertions(+), 114 deletions(-)
> ---
> base-commit: e7675238b9bf4db0b872d5dbcd53efa31914c98f
> change-id: 20241124-work-cred-349b65450082
> 
> 

For the patches that touch fs/nfsd/*:

Acked-by: Chuck Lever <chuck.lever@oracle.com>

Linus Torvalds Nov. 25, 2024, 4:53 p.m. UTC | #2

On Mon, 25 Nov 2024 at 06:10, Christian Brauner <brauner@kernel.org> wrote:
>
> Changes in v2:

Thanks, everything looks really good to me, this is much better than
our old refcount thing.

          Linus