From patchwork Thu Jun 15 14:47:09 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Howells X-Patchwork-Id: 9788969 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id D2C45602CB for ; Thu, 15 Jun 2017 14:47:21 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C523227165 for ; Thu, 15 Jun 2017 14:47:21 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id B97CB28659; Thu, 15 Jun 2017 14:47:21 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9805A283CF for ; Thu, 15 Jun 2017 14:47:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752498AbdFOOrT convert rfc822-to-8bit (ORCPT ); Thu, 15 Jun 2017 10:47:19 -0400 Received: from mx1.redhat.com ([209.132.183.28]:20115 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752416AbdFOOrS (ORCPT ); Thu, 15 Jun 2017 10:47:18 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C5BB1C04B93D; Thu, 15 Jun 2017 14:47:17 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com C5BB1C04B93D Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=dhowells@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com C5BB1C04B93D Received: from warthog.procyon.org.uk (ovpn-120-53.rdu2.redhat.com [10.10.120.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6FB0182AF3; Thu, 15 Jun 2017 14:47:14 +0000 (UTC) Organization: Red Hat UK Ltd. Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SI4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 3798903 From: David Howells In-Reply-To: <20170615100713.GH31671@ZenIV.linux.org.uk> References: <20170615100713.GH31671@ZenIV.linux.org.uk> <149745330648.10897.9605870130502083184.stgit@warthog.procyon.org.uk> <149745354300.10897.4615400686590211820.stgit@warthog.procyon.org.uk> To: Al Viro Cc: dhowells@redhat.com, mszeredi@redhat.com, linux-nfs@vger.kernel.org, jlayton@redhat.com, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, linux-fsdevel@vger.kernel.org Subject: Re: [PATCH 25/27] ipc: Convert mqueue fs to fs_context [ver #5] MIME-Version: 1.0 Content-ID: <18686.1497538029.1@warthog.procyon.org.uk> Date: Thu, 15 Jun 2017 15:47:09 +0100 Message-ID: <18687.1497538029@warthog.procyon.org.uk> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Thu, 15 Jun 2017 14:47:18 +0000 (UTC) Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Al Viro wrote: > > + if (ctx->ipc_ns != ns) { > > How could they possibly be equal? You are setting that ns up here, right? > How could it be in any process' nsproxy? Fair point. > Ugh, again... Is there any reason for dynamic allocation of that thing in > this particular case? AFAICS, these contortions are all due to going through > vfs_new_fs_context()/put_fs_context(). And it's not as if they had been > refcounted... I can statically initialise it as below, but whilst I don't need to call vfs_new_fs_context() and put_fs_context(), I do have to call the security hooks (Smack makes no distinction for internal filesystems) to set up the security context and clean it up, and I do have to have the error handling for in case kern_mount_data_fc() fails. So it actually makes both the source and the object file bigger. Now, I could hide some of this inside a pair of inline functions, but it doesn't help that much. What might be better is to provide a function that wraps the vfs_get_tree() and kern_mount_data_fc() calls and the cleanup. David --- -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/ipc/mqueue.c b/ipc/mqueue.c index f2e1d1d69961..a18a5f6763f9 100644 --- a/ipc/mqueue.c +++ b/ipc/mqueue.c @@ -1431,8 +1431,15 @@ static struct file_system_type mqueue_fs_type = { int mq_init_ns(struct ipc_namespace *ns) { - struct mqueue_fs_context *ctx; - struct fs_context *fc; + struct mqueue_fs_context ctx = { + .fc.ops = &mqueue_fs_context_ops, + .fc.fs_type = &mqueue_fs_type, + .fc.cred = current_cred(), + .fc.user_ns = current_user_ns(), + .fc.purpose = FS_CONTEXT_FOR_NEW, + .ipc_ns = ns, + }; + struct super_block *sb; struct vfsmount *mnt; int ret; @@ -1443,29 +1450,32 @@ int mq_init_ns(struct ipc_namespace *ns) ns->mq_msg_default = DFLT_MSG; ns->mq_msgsize_default = DFLT_MSGSIZE; - fc = vfs_new_fs_context(&mqueue_fs_type, NULL, 0, FS_CONTEXT_FOR_NEW); - if (IS_ERR(fc)) - return PTR_ERR(fc); - - ctx = container_of(fc, struct mqueue_fs_context, fc); - put_ipc_ns(ctx->ipc_ns); - ctx->ipc_ns = get_ipc_ns(ns); + ret = security_fs_context_alloc(&ctx.fc, NULL); + if (ret < 0) + return ret; - ret = vfs_get_tree(fc); + ret = vfs_get_tree(&ctx.fc); if (ret < 0) goto out_fc; - mnt = kern_mount_data_fc(fc); + mnt = kern_mount_data_fc(&ctx.fc); if (IS_ERR(mnt)) { ret = PTR_ERR(mnt); - goto out_fc; + goto out_root; } ns->mq_mnt = mnt; ret = 0; out_fc: - put_fs_context(fc); + security_fs_context_free(&ctx.fc); return ret; + +out_root: + sb = ctx.fc.root->d_sb; + dput(ctx.fc.root); + ctx.fc.root = NULL; + deactivate_super(sb); + goto out_fc; } void mq_clear_sbinfo(struct ipc_namespace *ns)