From patchwork Wed Jun 3 01:10:42 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sargun Dhillon X-Patchwork-Id: 11584779 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BBD31912 for ; Wed, 3 Jun 2020 01:14:08 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 9EFC5206E9 for ; Wed, 3 Jun 2020 01:14:08 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=sargun.me header.i=@sargun.me header.b="KcuhYU82" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727860AbgFCBN4 (ORCPT ); Tue, 2 Jun 2020 21:13:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46052 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728376AbgFCBNk (ORCPT ); Tue, 2 Jun 2020 21:13:40 -0400 Received: from mail-pf1-x442.google.com (mail-pf1-x442.google.com [IPv6:2607:f8b0:4864:20::442]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BB4CBC08C5C2 for ; Tue, 2 Jun 2020 18:13:40 -0700 (PDT) Received: by mail-pf1-x442.google.com with SMTP id a127so397666pfa.12 for ; Tue, 02 Jun 2020 18:13:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sargun.me; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=nhWgywlp7hGFzT3uDr0Y1hpZYhM+popoEVRUKB4VQWc=; b=KcuhYU82+vDQQx/DeVCMpJeN14+0ym8WxhWxeXEkaQ+3yezTYF4Ee5fw/subrNMumN KyeAfCGCmRn0kJMIhZMcogDXCSfT+sBBqmi7wdOtjgBK8yInPiCqMLFgrVCWXL2KYFXQ wAigHdmOLJYq7IXym1xyUJRMKY8oH/Rez9kpo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=nhWgywlp7hGFzT3uDr0Y1hpZYhM+popoEVRUKB4VQWc=; b=kosrYZWw7nuzD97487Fasbhu/5CU5xFSz4jkm7F/l+e7VT6dsUUHGUE3V4YfGb1JmT CZ4ts1hUCeyYCeCNbCWRnvJuPuKpkbG5/gHpgmYNihr/APnNbwBLvuczi0MqcRYcTNRj VfrnDy8ToZO4IZm2Zm128Rn1ki8y9Py+MYNo4w3eyTTX2V5VF3QjElU5ODvzn5OzOi0+ RdVc8o3HMjvG8nl3HrZD1RZgF/Byixsvj9V5Cs1dJtiBT8eaTnOPlxlWX0rTh7Irg1ha GPiDljCpG78RUp1/ifUEAVVgiUH1mnOVVHJeDPMzlcm8lQgmSkuK9kO0kGANakWPAYcQ 6Arw== X-Gm-Message-State: AOAM5315ezmT41Ni2m4Ax7sZ08nutHPWW3ZBfr+Wvfrrx8Dq40VBiHgz foru/D0b6pVj9TXmI6AiQygjPA== X-Google-Smtp-Source: ABdhPJziu0Ir+oIrvYqeFGcbFb1EEVntTRUVR8VaEiMPDVEUmaVr/EmBGAHwManIvwfanKgve0+dwg== X-Received: by 2002:a17:90a:7bcb:: with SMTP id d11mr2287916pjl.209.1591146820050; Tue, 02 Jun 2020 18:13:40 -0700 (PDT) Received: from ubuntu.netflix.com (203.20.25.136.in-addr.arpa. [136.25.20.203]) by smtp.gmail.com with ESMTPSA id a12sm263222pjw.35.2020.06.02.18.13.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 18:13:39 -0700 (PDT) From: Sargun Dhillon To: Kees Cook , linux-kernel@vger.kernel.org Cc: Sargun Dhillon , Tycho Andersen , Matt Denton , Jann Horn , Chris Palmer , Aleksa Sarai , Robert Sesek , Christian Brauner , containers@lists.linux-foundation.org, Giuseppe Scrivano , Greg Kroah-Hartman , Al Viro , Daniel Wagner , "David S . Miller" , John Fastabend , Tejun Heo , stable@vger.kernel.org, cgroups@vger.kernel.org, linux-fsdevel@vger.kernel.org Subject: [PATCH v3 2/4] pid: Use file_receive helper to copy FDs Date: Tue, 2 Jun 2020 18:10:42 -0700 Message-Id: <20200603011044.7972-3-sargun@sargun.me> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200603011044.7972-1-sargun@sargun.me> References: <20200603011044.7972-1-sargun@sargun.me> MIME-Version: 1.0 Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org The code to copy file descriptors was duplicated in pidfd_getfd. Rather than continue to duplicate it, this hoists the code out of kernel/pid.c and uses the newly added file_receive helper. Earlier, when this was implemented there was some back-and-forth about how the semantics should work around copying around file descriptors [1], and it was decided that the default behaviour should be to not modify cgroup data. As a matter of least surprise, this approach follows the default semantics as presented by SCM_RIGHTS. In the future, a flag can be added to avoid manipulating the cgroup data on copy. [1]: https://lore.kernel.org/lkml/20200107175927.4558-1-sargun@sargun.me/ Signed-off-by: Sargun Dhillon Suggested-by: Kees Cook Cc: Al Viro Cc: Christian Brauner Cc: Daniel Wagner Cc: David S. Miller Cc: Jann Horn Cc: John Fastabend Cc: Tejun Heo Cc: Tycho Andersen Cc: stable@vger.kernel.org Cc: cgroups@vger.kernel.org Cc: linux-fsdevel@vger.kernel.org Cc: linux-kernel@vger.kernel.org --- kernel/pid.c | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/kernel/pid.c b/kernel/pid.c index c835b844aca7..1642cf940aa1 100644 --- a/kernel/pid.c +++ b/kernel/pid.c @@ -606,7 +606,7 @@ static int pidfd_getfd(struct pid *pid, int fd) { struct task_struct *task; struct file *file; - int ret; + int ret, err; task = get_pid_task(pid, PIDTYPE_PID); if (!task) @@ -617,18 +617,16 @@ static int pidfd_getfd(struct pid *pid, int fd) if (IS_ERR(file)) return PTR_ERR(file); - ret = security_file_receive(file); - if (ret) { - fput(file); - return ret; - } - ret = get_unused_fd_flags(O_CLOEXEC); - if (ret < 0) - fput(file); - else - fd_install(ret, file); + if (ret >= 0) { + err = file_receive(ret, file); + if (err) { + put_unused_fd(ret); + ret = err; + } + } + fput(file); return ret; }