From patchwork Sat Dec 2 21:22:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 13477077 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="gr2teot2" Received: from mail-oi1-x22c.google.com (mail-oi1-x22c.google.com [IPv6:2607:f8b0:4864:20::22c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E1E51184 for ; Sat, 2 Dec 2023 13:22:22 -0800 (PST) Received: by mail-oi1-x22c.google.com with SMTP id 5614622812f47-3b844357f7cso1427326b6e.1 for ; Sat, 02 Dec 2023 13:22:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1701552142; x=1702156942; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Gj+Y/6VXeJ+r0pgecRkRsTt5zcHlqOxutguYUyMKTVU=; b=gr2teot24exISStimGuA6uwZHfe8C8GO9of9Yown0wbJwWfmsXN0HEm+HMYnJHXR0K 9BPA7IobVYUOiNHw64fjIRcAzthG9Yf1rAUaizoN6bbILac2nvdeQFcPYTv/SDRcrsMc aFZviUgx0jG0xlgyeAFQpuaji9Z8HASRtWgFY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701552142; x=1702156942; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Gj+Y/6VXeJ+r0pgecRkRsTt5zcHlqOxutguYUyMKTVU=; b=kLV/PsN1RwlRhNd2ekIVVIrwq2Yr+4wtgys80C5fWkLZUVJE071icYCpLOM69L6n1X dZHC3srqVHddD1Xwv61P+3LqgIp5dfdJcEQMPfI/FyEh3hXE3kWMrhNuZk9W/tYvUAUE +7jUmkvxGULMOgFcsIw2ER1Ps/KOMpOd2r5HKBEhOus3FpcMb3vC09jR74gjGFwGaFPK i6fu7oeZCyadLNpe71Sv8z7t3KgNExi4lILKrcQh7SRFkEgo9z32QngU1n6Tgt7MWhVn 2g8vYu7xeDOLQu4YKl9faUjl6qY+5an8bZtalnYhT4t26w4RyA114q5TtqEzteB2/kQr 3lUg== X-Gm-Message-State: AOJu0YwGr9/66+8HHANYhadkjgXvmYzNVm6TCmbpiePLusMlKi9SlJnr cNyn1nruq3h1Ctw8Fgt1rCqVWX4bfBmDC5rMYvo= X-Google-Smtp-Source: AGHT+IHI/l9YXsb8W4D5DKnvxPxPdidKCGMOauTa2UvDzy+vvVxKcKISva6dGT2AXfYPWma8tUjI+A== X-Received: by 2002:a05:6808:309c:b0:3b8:b063:6b8d with SMTP id bl28-20020a056808309c00b003b8b0636b8dmr1923224oib.60.1701552142290; Sat, 02 Dec 2023 13:22:22 -0800 (PST) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id p10-20020a17090a930a00b002867594de40sm1351802pjo.14.2023.12.02.13.22.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 02 Dec 2023 13:22:18 -0800 (PST) From: Kees Cook To: "Guilherme G. Piccoli" Cc: Kees Cook , Tony Luck , linux-hardening@vger.kernel.org, Christian Brauner , "Peter Zijlstra (Intel)" , Al Viro , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org Subject: [PATCH 1/5] pstore: inode: Convert kfree() usage to __free(kfree) Date: Sat, 2 Dec 2023 13:22:11 -0800 Message-Id: <20231202212217.243710-1-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231202211535.work.571-kees@kernel.org> References: <20231202211535.work.571-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1508; i=keescook@chromium.org; h=from:subject; bh=FqMfSJ9tnf+E4NKsMDABD4Hv9XWcLEDAeeuD1HVeW1g=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBla6AGUcAUjxMoJ6U4X0vLxi+fYt1AWVqAhC5g3 8R9qQmTZrCJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCZWugBgAKCRCJcvTf3G3A JqoTD/sEQ48wmQkFhwAOp4TsKfq+vZmWkT5yfGDyxOQ2ucZIBmBzGRljVmzMiuznpXr3hR6RMn6 CI5L7iPa+hQEPuuIdH4ULzOkZKlNGhNWGY6qT/NysWagTanA2+tPygJoTDa3shFPV8Qg/ktXOmA EzaYBnYM32d95qHxY+O7UzeQQHZ+L8mW0w+7Pi4LnpbaEdoxc66d/yrcVqkNxC51p/VeozU/deM rk5C2MNd7/VwWxOqHlp1SIiA899X4IXHIaMopuLi/lfj5TGjWQYSw89mtkk3p/zmCoxe0za6uqJ 5EkmLzOEZ5XC2P4LS/bWhBwNEzOv4Jy7tDzYhbi37IkEM5XnLTEoVRCAB66Swzv/2WOGDhqh3rK IWicrRHiv496Kk7nhiqTyyIQ7vTvoRxCEcarCa+abBlzBe1hcVZa3QWkzGBJyXCYxo8Eqh+vspr 9GNiGEtp4IHwd4bDA7xIm+m36TXHvQTk31FKlch+AdsiZpHPZwxRZ7uslC2pmtV8uCcqoa+MEOQ HeLGQpB9Lheyc3q0B2RPlcqX4RCXu1MzGSJV446zBw7SUb5C/OD4rMGYlzWCHvuMwBVo9ScPTLY Yvnc9q7XkjLRd9JF0+Bf3QSnvRXDIn8bk1Sv2zb2M11q84weUwdkEaxXXSh3/8kBccf3Vc0s6fO bwrQdBKoi0BSe6w== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Mostly as an example to myself, replace a simple allocation pattern with the automatic kfree cleanup features now exposed by cleanup.h. Cc: "Guilherme G. Piccoli" Cc: Tony Luck Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/inode.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/fs/pstore/inode.c b/fs/pstore/inode.c index d41c20d1b5e8..20f3452c8196 100644 --- a/fs/pstore/inode.c +++ b/fs/pstore/inode.c @@ -23,6 +23,7 @@ #include #include #include +#include #include "internal.h" @@ -64,7 +65,7 @@ static void free_pstore_private(struct pstore_private *private) static void *pstore_ftrace_seq_start(struct seq_file *s, loff_t *pos) { struct pstore_private *ps = s->private; - struct pstore_ftrace_seq_data *data; + struct pstore_ftrace_seq_data *data __free(kfree) = NULL; data = kzalloc(sizeof(*data), GFP_KERNEL); if (!data) @@ -72,13 +73,10 @@ static void *pstore_ftrace_seq_start(struct seq_file *s, loff_t *pos) data->off = ps->total_size % REC_SIZE; data->off += *pos * REC_SIZE; - if (data->off + REC_SIZE > ps->total_size) { - kfree(data); + if (data->off + REC_SIZE > ps->total_size) return NULL; - } - - return data; + return_ptr(data); } static void pstore_ftrace_seq_stop(struct seq_file *s, void *v) From patchwork Sat Dec 2 21:22:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 13477078 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="e3jNmR61" Received: from mail-pf1-x42f.google.com (mail-pf1-x42f.google.com [IPv6:2607:f8b0:4864:20::42f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 185D518A for ; Sat, 2 Dec 2023 13:22:24 -0800 (PST) Received: by mail-pf1-x42f.google.com with SMTP id d2e1a72fcca58-6cb55001124so3332908b3a.0 for ; Sat, 02 Dec 2023 13:22:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1701552143; x=1702156943; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=K2E08Wp0PAEeNbIbiRL8xBMi7hvEIIZj0Of8hDuuB3w=; b=e3jNmR613paODAYSh88L9xEM1dImp1Y1d4fMXxu7hLE96OH4/DxiuFv5TFirICroY0 9IEtMZEoSQvevDOT1SxS0njT9bMRpIYNJczQL34VJUKG7O+VnAIYKEFcWC5l5n/tDAt0 1I4i22JWnCJ+Uq/U9Czv8sTDNmpFIJ9m9OGoE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701552143; x=1702156943; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=K2E08Wp0PAEeNbIbiRL8xBMi7hvEIIZj0Of8hDuuB3w=; b=mhSyIPeGp0vADrD678yol6fpO1zkbnFwd8Xh3ohsSGmWdMbjf28iO3FB4Gm2LZFxun TjH1JELwiQEwAMAljv8iQ1WKJFRMABnpjZK1CoXueu7afpDCYCQVOCPZ5Cr7hMdYnslR 9vc2R4DkRMyC/DgQctc3WOBQesIroXvuzLJTQxffPfImn9GwNMbnCctTGxgwQmnjRdHE VLtarvsxAjvMQ/VR1tUbkyMbicq/umCaKWNnhOxdi+inCM0Y71ezwDsLu3uWmgf+ZjFv t8G44Rm5JRIInlHycIA03i9JwQJ2uQbEn8OKXgqyFOGVpWtoWQzkpht2yD9LNl5U6AXd WY7w== X-Gm-Message-State: AOJu0YykHa3mXdwubf3QMTLdXKz5NccLCdlc8HQH5C8P+VTTEF8p9Xhb k78E+bypBuCnB41MnYLG+0segw== X-Google-Smtp-Source: AGHT+IEWeGIVqNPJWbRT9NWl7jrkJIsQKREylxAfpFjmc/wXrAXG7QNSQDRnz8gq/R7XqyavdXpj+Q== X-Received: by 2002:a05:6a20:8427:b0:18a:e4ed:cc41 with SMTP id c39-20020a056a20842700b0018ae4edcc41mr2235604pzd.23.1701552143416; Sat, 02 Dec 2023 13:22:23 -0800 (PST) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id h18-20020a056a00219200b006cdd82337bcsm398007pfi.207.2023.12.02.13.22.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 02 Dec 2023 13:22:18 -0800 (PST) From: Kees Cook To: "Guilherme G. Piccoli" Cc: Kees Cook , Tony Luck , linux-hardening@vger.kernel.org, Christian Brauner , "Peter Zijlstra (Intel)" , Al Viro , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org Subject: [PATCH 2/5] pstore: inode: Convert mutex usage to guard(mutex) Date: Sat, 2 Dec 2023 13:22:12 -0800 Message-Id: <20231202212217.243710-2-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231202211535.work.571-kees@kernel.org> References: <20231202211535.work.571-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=4977; i=keescook@chromium.org; h=from:subject; bh=I6QANnpHLWcA4i3gT5wmHz8vdSJtJ/8W9NRntgr7o9Q=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBla6AGe1kl5grDFz02MlwEMZbNkkvJk+E/REGw8 MmUW++dTRaJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCZWugBgAKCRCJcvTf3G3A JnVZD/0UHs7QQfhB4ny79i1LX6AIB3t/4fS9e8+i2EAXHtqKM/YB5Q/5MNIUITrQoyUbCa0qP6Z VKlNoZ/6xCOgH8io2/ZSdrrJ2NpdxAaf5+F4NjBdgTBwZr77g1gzTf2/JdDVcCK9WGk/3Nu8NW8 vEd16nBhaCwVS3t6PhXUgZQNJ/03uiXrSrcVrv6tiLZ5SR722H9vozHpZay7NyLQS4W+obF3i7H xMmN5s8bZVPDrfY0lhPdVrlP5ECSYWdS4ZpfRGf2TzWzOFehtrsIJ9t+SYHxxVqtMMsJl6wobW5 RRQKp0uvQbN1/5U6JmTIiOpthVu8tWgnBgVVG7O3JLsDo8AyFFfqCTZYIUB0k4HAO9wff0kmA1P KOuPovXn43Wl0jimp/DlMzDSUOmj6a9B2PwoWD8ILBmLB2VTky/Lc0AFlqTE2ggkpdhm2vFtGfB GSc8k285KXlWH2rJkCP+R9m6mbnWk8imsHwdrJ6EEhbI/pGs+7QDqTg/5SXEcYNyWHIsbX+QWJS 0Pwm0uUDlv5M3Qe82I7evHxp7ApQb9xzv69YXLfcKD6JQJFO21yMBZFoIJdtBeS1LZkeuJuobZa L0FF1MDhDNL8HlysbWdEFBIfpKoW5rjPXAA9ISnU03BWvMbcQjlu7gadJaOvb4eBfRpa4p/Xm7y LKT/rW6jE9s3J9w== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Replace open-coded mutex handling with cleanup.h guard(mutex) and scoped_guard(mutex, ...). Cc: "Guilherme G. Piccoli" Cc: Tony Luck Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/inode.c | 76 +++++++++++++++++++---------------------------- 1 file changed, 31 insertions(+), 45 deletions(-) diff --git a/fs/pstore/inode.c b/fs/pstore/inode.c index 20f3452c8196..0d89e0014b6f 100644 --- a/fs/pstore/inode.c +++ b/fs/pstore/inode.c @@ -180,25 +180,21 @@ static int pstore_unlink(struct inode *dir, struct dentry *dentry) { struct pstore_private *p = d_inode(dentry)->i_private; struct pstore_record *record = p->record; - int rc = 0; if (!record->psi->erase) return -EPERM; /* Make sure we can't race while removing this file. */ - mutex_lock(&records_list_lock); - if (!list_empty(&p->list)) - list_del_init(&p->list); - else - rc = -ENOENT; - p->dentry = NULL; - mutex_unlock(&records_list_lock); - if (rc) - return rc; - - mutex_lock(&record->psi->read_mutex); - record->psi->erase(record); - mutex_unlock(&record->psi->read_mutex); + scoped_guard(mutex, &records_list_lock) { + if (!list_empty(&p->list)) + list_del_init(&p->list); + else + return -ENOENT; + p->dentry = NULL; + } + + scoped_guard(mutex, &record->psi->read_mutex) + record->psi->erase(record); return simple_unlink(dir, dentry); } @@ -290,19 +286,16 @@ static struct dentry *psinfo_lock_root(void) { struct dentry *root; - mutex_lock(&pstore_sb_lock); + guard(mutex)(&pstore_sb_lock); /* * Having no backend is fine -- no records appear. * Not being mounted is fine -- nothing to do. */ - if (!psinfo || !pstore_sb) { - mutex_unlock(&pstore_sb_lock); + if (!psinfo || !pstore_sb) return NULL; - } root = pstore_sb->s_root; inode_lock(d_inode(root)); - mutex_unlock(&pstore_sb_lock); return root; } @@ -317,19 +310,19 @@ int pstore_put_backend_records(struct pstore_info *psi) if (!root) return 0; - mutex_lock(&records_list_lock); - list_for_each_entry_safe(pos, tmp, &records_list, list) { - if (pos->record->psi == psi) { - list_del_init(&pos->list); - rc = simple_unlink(d_inode(root), pos->dentry); - if (WARN_ON(rc)) - break; - d_drop(pos->dentry); - dput(pos->dentry); - pos->dentry = NULL; + scoped_guard(mutex, &records_list_lock) { + list_for_each_entry_safe(pos, tmp, &records_list, list) { + if (pos->record->psi == psi) { + list_del_init(&pos->list); + rc = simple_unlink(d_inode(root), pos->dentry); + if (WARN_ON(rc)) + break; + d_drop(pos->dentry); + dput(pos->dentry); + pos->dentry = NULL; + } } } - mutex_unlock(&records_list_lock); inode_unlock(d_inode(root)); @@ -353,20 +346,20 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) if (WARN_ON(!inode_is_locked(d_inode(root)))) return -EINVAL; - rc = -EEXIST; + guard(mutex)(&records_list_lock); + /* Skip records that are already present in the filesystem. */ - mutex_lock(&records_list_lock); list_for_each_entry(pos, &records_list, list) { if (pos->record->type == record->type && pos->record->id == record->id && pos->record->psi == record->psi) - goto fail; + return -EEXIST; } rc = -ENOMEM; inode = pstore_get_inode(root->d_sb); if (!inode) - goto fail; + return -ENOMEM; inode->i_mode = S_IFREG | 0444; inode->i_fop = &pstore_file_operations; scnprintf(name, sizeof(name), "%s-%s-%llu%s", @@ -394,7 +387,6 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) d_add(dentry, inode); list_add(&private->list, &records_list); - mutex_unlock(&records_list_lock); return 0; @@ -402,8 +394,6 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) free_pstore_private(private); fail_inode: iput(inode); -fail: - mutex_unlock(&records_list_lock); return rc; } @@ -449,9 +439,8 @@ static int pstore_fill_super(struct super_block *sb, void *data, int silent) if (!sb->s_root) return -ENOMEM; - mutex_lock(&pstore_sb_lock); - pstore_sb = sb; - mutex_unlock(&pstore_sb_lock); + scoped_guard(mutex, &pstore_sb_lock) + pstore_sb = sb; pstore_get_records(0); @@ -466,17 +455,14 @@ static struct dentry *pstore_mount(struct file_system_type *fs_type, static void pstore_kill_sb(struct super_block *sb) { - mutex_lock(&pstore_sb_lock); + guard(mutex)(&pstore_sb_lock); WARN_ON(pstore_sb && pstore_sb != sb); kill_litter_super(sb); pstore_sb = NULL; - mutex_lock(&records_list_lock); + guard(mutex)(&records_list_lock); INIT_LIST_HEAD(&records_list); - mutex_unlock(&records_list_lock); - - mutex_unlock(&pstore_sb_lock); } static struct file_system_type pstore_fs_type = { From patchwork Sat Dec 2 21:22:13 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 13477076 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="YA5NcrkM" Received: from mail-io1-xd36.google.com (mail-io1-xd36.google.com [IPv6:2607:f8b0:4864:20::d36]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E33C9134 for ; Sat, 2 Dec 2023 13:22:21 -0800 (PST) Received: by mail-io1-xd36.google.com with SMTP id ca18e2360f4ac-7b34c5d7ecdso124256539f.0 for ; Sat, 02 Dec 2023 13:22:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1701552141; x=1702156941; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=aLvxvckvyomlZOIIg4Wjwswvgj0BL428CVO+nAzlFtE=; b=YA5NcrkM5udEWaHHh2G+rmz62ChxvRvmbuIaxK6S0HmU0dsnoYprOaEiaJ+Bbj/pE0 X8/WCK0HfL43CDLXxWRUeqCFrVa9Xk5RwQEO79zs3ktain0CD+LqjL6cCUM3uEcRVFcX ADZbHiYgQnmAcZWmNncFbgqi6QMwCHkKl+XgY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701552141; x=1702156941; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=aLvxvckvyomlZOIIg4Wjwswvgj0BL428CVO+nAzlFtE=; b=Fct4B7Lrle/vkkk4MgERonMpE+m67oBS9oTL7mI0xCabo2g1l7bBtQ/gxRjM4448p4 OP8YT61wGidtFu0riPK05Uje10JCKvSGPVmUqWVL/SAmgZO/6azsDGPcpSTt8z25ob7p GuVBeF2SwL0lCuJn37qV5lv1lX2ca7q2q5hIWODL2N8h5pQtQMmOhle067Sr6EH7X5EH BpusOxonjbpfAPy3NL2pkUb+BcIImT9dGyMuQXGXes9mHTIl7/DARLmSFrc0Wqx6wIZF NZehjuugsw98uA1n+u8jPZvaWiKhdKjsoVx/osbm/sJuzp/eHbEQEzaGjks51rL8QY6c oMIA== X-Gm-Message-State: AOJu0Yzed8C9af9rBCNibo+UYqEbJiIA1s8BZ/9oJERd3wfhpiwicLB/ 20MKwyPlZqaVvvo7sQv5bphpXQ== X-Google-Smtp-Source: AGHT+IGtRLKSAKTdisrEu2j2CjbfWn28z6XUA+T3NZsmq5+CR4/UtQweJAgLKCPRmDEaHRBtmwe+zA== X-Received: by 2002:a5d:894b:0:b0:7b3:9256:628f with SMTP id b11-20020a5d894b000000b007b39256628fmr2310006iot.15.1701552141318; Sat, 02 Dec 2023 13:22:21 -0800 (PST) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id j6-20020a170902c3c600b001cfd049528esm348997plj.110.2023.12.02.13.22.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 02 Dec 2023 13:22:18 -0800 (PST) From: Kees Cook To: "Guilherme G. Piccoli" Cc: Kees Cook , Christian Brauner , Peter Zijlstra , Alexander Viro , linux-fsdevel@vger.kernel.org, Tony Luck , linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Subject: [PATCH 3/5] fs: Add DEFINE_FREE for struct inode Date: Sat, 2 Dec 2023 13:22:13 -0800 Message-Id: <20231202212217.243710-3-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231202211535.work.571-kees@kernel.org> References: <20231202211535.work.571-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=835; i=keescook@chromium.org; h=from:subject; bh=Vr7BZE93w9hrA2pgUGte2wnKY/rdltDnNWxbve4aQVs=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBla6AGSav5RcGFsYqI8ZI6gPChQFnsbC+3nI/Sq AQMSCvSeJuJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCZWugBgAKCRCJcvTf3G3A Ji1PD/97nsFeEYnRWCY5ijYm3HvFHnw2xsSeLfCgNERlEsvkDTZnVu32g862lrZ6hmNnj1/2WLY q5BTXJyqzwbbUg83+V4Z7IWpauoICvmh5nWCVw+d1swRjKLklznh+kH+lxKH782U5N+1W/bPv70 NdRhJBCPVOIeyBMGaFNtfbgw7Q7/MKTOSU/62VCry3sVE9fgDWP9DnB0W9/AVEf5mttk4aI+XJP Jf0b1606ZtWwo4iih+TPjLRID9WD2cRTVsaeRdH6h2sVpbIWtLfBMYm7MUT4xvIE/X34XC1XbGH /mFyNY6PyZyWNI/tRahhMjKTPtLuV+I51o3tpDU6ScYTIbUYyvn1SktT2ZE2PeBRIK7UUg8Kekf uMNNH7+hll0EcFYUEBOQ4ErCJ6guTCAIxc+68VotsoujHUSgriM/jZWU+UdawDQmyw5w2Zxt2fH io2IkOg0NktS5Lz/oNbESXSgqAIcAsWZYdpz8f5sULzKfDAWY9NZCkKawVLDlwQ3EVVq3ugJ4nO /+MhL408XJIGHI6nAbKY8QyfaPWyUeqbflROQiQEI6UVXEYbPuKogAFFyNGXqSlpZfzWjwQM12w tqybXEWAcWdB/zgRVWCl3j9u393bvwCn78YpxLSABa2mDjF9niWPVYIK3247bi3TGEcoqVKm7/q lL7bpxiJe0Uvk7A== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Allow __free(iput) markings for easier cleanup on inode allocations. Cc: Christian Brauner Cc: Peter Zijlstra (Intel) Cc: Alexander Viro Cc: linux-fsdevel@vger.kernel.org Signed-off-by: Kees Cook --- include/linux/fs.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/linux/fs.h b/include/linux/fs.h index 98b7a7a8c42e..7c3eed3dd1bf 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -2459,6 +2459,8 @@ extern int current_umask(void); extern void ihold(struct inode * inode); extern void iput(struct inode *); +DEFINE_FREE(iput, struct inode *, if (_T) iput(_T)) + int inode_update_timestamps(struct inode *inode, int flags); int generic_update_time(struct inode *, int); From patchwork Sat Dec 2 21:22:14 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 13477074 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="elr09MWO" Received: from mail-pl1-x632.google.com (mail-pl1-x632.google.com [IPv6:2607:f8b0:4864:20::632]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 48775124 for ; Sat, 2 Dec 2023 13:22:20 -0800 (PST) Received: by mail-pl1-x632.google.com with SMTP id d9443c01a7336-1d065be370aso12826405ad.3 for ; Sat, 02 Dec 2023 13:22:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1701552140; x=1702156940; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=2dZKi9NMCd2PNGrGsX8s5UPrOfKzB/ri42Q6YHImLKk=; b=elr09MWOGl290voBUBoq7u39jrDe/xO30ixZh0QZYZAORAFEjs89UMRw2WMEGRbvFa /98vrGb1rWz/B/I6YM2/FuEfvvidMrgNoP4f2KPMTvvENFaKwQMrorysQEYSvoY0b//W QpTvfB8ega9RBGbfdj4sdCZ1fQ/Pc6afycvvs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701552140; x=1702156940; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=2dZKi9NMCd2PNGrGsX8s5UPrOfKzB/ri42Q6YHImLKk=; b=Wnznjg0B7rcae381kfxRxv32aZ2dfjzlRg4gO7Txy6D8C8RsgTRAuIyw5BFACUMpa3 SC+5NyMccMKn6XxmYS2cFvUJwIEOQPjZnqf9SRVrxpNHYHA7ATKHYZDZ3gzjPYn0Mk6w hpDlvvtV4bVGNaavL/hutde2TCUoxJl81isgfR+RxDmAqwA8aydkyqDswa6L4zwil2B9 LUMgP9TuhGJwAE5U4zOkN9oD7uq+kz8uw2lvaS5amTlCZR2dHKbCVnsKjvVo2BmT38JY cBCtTA9Z4R5H+86XI/JWEoiEsdguYFXuc4mnNRiHJ6rlSp4WUutKQ8+aI7wuaMmSRC3G arhg== X-Gm-Message-State: AOJu0YxGEfOt8vzEqa5f850kKC5lzNOgXotHK+K+At9s7StohQQHMj4Y Ff/PTlbsyUZuf6vSQLO1Bnem/A== X-Google-Smtp-Source: AGHT+IHQYZH3IlFcYH3VAbROSWfHbY4Lp+ss4pOueqIveJc3aQKHWsO1MW/WUU32lw84L7HJ6zBcSw== X-Received: by 2002:a17:902:e844:b0:1cf:c3fb:a982 with SMTP id t4-20020a170902e84400b001cfc3fba982mr1644556plg.63.1701552139834; Sat, 02 Dec 2023 13:22:19 -0800 (PST) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id iz2-20020a170902ef8200b001b9e9edbf43sm261943plb.171.2023.12.02.13.22.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 02 Dec 2023 13:22:18 -0800 (PST) From: Kees Cook To: "Guilherme G. Piccoli" Cc: Kees Cook , Tony Luck , linux-hardening@vger.kernel.org, Christian Brauner , "Peter Zijlstra (Intel)" , Al Viro , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org Subject: [PATCH 4/5] pstore: inode: Use __free(iput) for inode allocations Date: Sat, 2 Dec 2023 13:22:14 -0800 Message-Id: <20231202212217.243710-4-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231202211535.work.571-kees@kernel.org> References: <20231202211535.work.571-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1577; i=keescook@chromium.org; h=from:subject; bh=LrFJJwbwaP3diV7F4yBd+rDDPSuUzm8XAAzIy+IkY44=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBla6AGPooNcpMsUpMnk7AZ7HA4049QAKPudX3SC 5es+XxUF3uJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCZWugBgAKCRCJcvTf3G3A Jq24D/0dySbOgDPtHzuco4GLjV8/iYcSa9kl2NxlYzcrytw4fgSpsF8oNM8CLBO/GXJ5Daol0AC Bt8jiWEvGaGCBkZQNHWCIGJGMAtRJyDYsJZSo5rR3SBjHlROGmwejZSlN2jXViiCOqlVt5YpuWR eHbR+BGWN+kRXzxEcpstmju+PVhbOto4kr1BCnJiVPxQA6zonvrcinQGGOXfW4FQrX2/+F0bQLc 53nLZwcp0uDrnn8GDTUT7qZtSGqmQeUZwEtg4evOEM00CZXSJC6DCqntTn2k7+hCKznMz5IiJtE hrTtOUNTs2+FivyzNehv/RqK29xEV9jqkmeo9TLdLQ7N4mTEAb+uV4yKv21mg501odxycBHoamE e0BCS6k6HsaMHaIDM6SrTWfFPgi6o2ns4Uf3FUsQ3/6OTUEnqH+dtWaCnqjZMmJEBMlrg0HtjmQ trCoUfAwQWB9c+MtiAHDLQGqn4uw4bmmTaR1tTY+raBeV5lT60xOjJxBrNpM7zQ5SLLC+FQuOEd zQkKLeHJij3Bufk0646mwUGtWowKcPno5w9lNbO0WEv1cVhI3EoEew402Iu8IJQwWujM/0iBI1v J0eRgwkEoAE8Ed/6YEelW+hrgLvz3ABThVaktG2XO7jnh2Pki7SBtdv7e/MojC5x3QYA33h3xzw or4Uvecyt9Mh/aA== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Simplify error path for failures where "inode" needs to be freed. Cc: "Guilherme G. Piccoli" Cc: Tony Luck Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/inode.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/fs/pstore/inode.c b/fs/pstore/inode.c index 0d89e0014b6f..20a88e34ea7c 100644 --- a/fs/pstore/inode.c +++ b/fs/pstore/inode.c @@ -337,7 +337,7 @@ int pstore_put_backend_records(struct pstore_info *psi) int pstore_mkfile(struct dentry *root, struct pstore_record *record) { struct dentry *dentry; - struct inode *inode; + struct inode *inode __free(iput) = NULL; int rc = 0; char name[PSTORE_NAMELEN]; struct pstore_private *private, *pos; @@ -369,7 +369,7 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) private = kzalloc(sizeof(*private), GFP_KERNEL); if (!private) - goto fail_inode; + return -ENOMEM; dentry = d_alloc_name(root, name); if (!dentry) @@ -384,7 +384,7 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) inode_set_mtime_to_ts(inode, inode_set_ctime_to_ts(inode, record->time)); - d_add(dentry, inode); + d_add(dentry, no_free_ptr(inode)); list_add(&private->list, &records_list); @@ -392,8 +392,6 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) fail_private: free_pstore_private(private); -fail_inode: - iput(inode); return rc; } From patchwork Sat Dec 2 21:22:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 13477079 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="HqKQgTMB" Received: from mail-pl1-x62d.google.com (mail-pl1-x62d.google.com [IPv6:2607:f8b0:4864:20::62d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2E9D813A for ; Sat, 2 Dec 2023 13:22:25 -0800 (PST) Received: by mail-pl1-x62d.google.com with SMTP id d9443c01a7336-1d01c45ffebso15723075ad.1 for ; Sat, 02 Dec 2023 13:22:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1701552144; x=1702156944; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=kr8v5ioi9yhGCNoI15AUxdx1ZJerS/H1pXIO2zt31RE=; b=HqKQgTMBVxs/PT2XUTy4QRahXlfSOpb+2P7T6oLQzKCBFsyL7sId4K0GghvgK21Uv5 H5hmnBcZgSJAEkhxmg+UmVxXMrgpE0bVBwDomQhPXq2/gEX0wmzoCY5h0EdL4M5urKgz uNQvfiQYtnror4SJNB7CNjTQ9HpIyDwmvJ07A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701552144; x=1702156944; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kr8v5ioi9yhGCNoI15AUxdx1ZJerS/H1pXIO2zt31RE=; b=DD0xczOVhG6yKUKoEAfkeUkfIYzkq5cptDqw3snf8W5suo/tCvAN8kXRnpomz8G86Z 9MRlKnikY28yL+Kc1z4Qjj8SF4snwfAghe7eoGcUl6QjNdwep5iqVEq/HyYZI21gsqTo dFpakIdWqmlSeh+JBkw8XCbHeGQQ2OY40u4uvvjD+kyNP650QnBGqcJ6CSEB5i7qjFhz RZaQBKfson9LgciLcMYZz11edjUTJMYqnkJ+aW63c04aKMCXnUK/cRBFFRxf9doMgQZn x0eiNE06EqyOB7JfI/0undEJcuMcazK4d4JLjPCH57shLvnQrvz6k5xD/Xa5GnTao2xo MAeA== X-Gm-Message-State: AOJu0YwkNo3G4FnqfIwCIZrLr37m+qvnhHNrSxBaphLvG0zYfV5iTLi/ VnyHcX7k8u/7uxiiODwQfF8zNg== X-Google-Smtp-Source: AGHT+IG017mNZBo0bndQaUaGGGrBkKnojaT6BI2kua61y2eLW7fMhSCLv7G5Ou/R8iC3O1oe/Lf23A== X-Received: by 2002:a17:903:22c5:b0:1d0:6ffd:e2c7 with SMTP id y5-20020a17090322c500b001d06ffde2c7mr2044102plg.97.1701552144686; Sat, 02 Dec 2023 13:22:24 -0800 (PST) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id m10-20020a170902db0a00b001cfb971edf2sm5607037plx.13.2023.12.02.13.22.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 02 Dec 2023 13:22:23 -0800 (PST) From: Kees Cook To: "Guilherme G. Piccoli" Cc: Kees Cook , Tony Luck , linux-hardening@vger.kernel.org, Christian Brauner , "Peter Zijlstra (Intel)" , Al Viro , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org Subject: [PATCH 5/5] pstore: inode: Use cleanup.h for struct pstore_private Date: Sat, 2 Dec 2023 13:22:15 -0800 Message-Id: <20231202212217.243710-5-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231202211535.work.571-kees@kernel.org> References: <20231202211535.work.571-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1987; i=keescook@chromium.org; h=from:subject; bh=2VOJhxKhawry4zB5INkZO9i8H3FTFJSHkB6X8kUlVPU=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBla6AGDW8hXonEKigawraWf7F2wiPHsStg+E08f Sxgn4os0kCJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCZWugBgAKCRCJcvTf3G3A JhTDEACNiMPD3b67gn9zNW4/ju9hFrGMsJjSQ7KEHIZH8TvkblvRnwZFbrVAPlbHrhqyzPnosiv RrgJmNPJReV/CWU6tQkLFnyPFYc9GKeS0lBBFOcMLGu/XDM9G/Sjv+ZeYTyfyOW6IeluJIuMPBf EJyjm2w/tlZMPldQNw5gwettLVjEjThBz1y/LgIQwtWWgiUzfLyYeApXA1LCey9bZ2OkCUchwgW 0BKcL2Puv1CtHOHwZ/FQ/MyqA2ADGyA4mrpGl7d4toQk4uECTTsv+qOtu/6wKASvbYy4QIJmLWE xkeWVRWohYcqWeUg9DoahE3IcWnA0ry6NNlMLpUtEmhx+U7CqpYXT5ejREJ3h1deBf8Gwivt1de UoDxTsF8u5rZwsrK6livq2nG+q45XPK+SCG6CzZ+bCU4FxSdppDD9d7KyQr1p2YWc8KqZvCSIdK UCZepXh6abHECZC7ZgiPujvwxB3UBFpStBlAeWso5EUm800a0CUyB6/poJiZyAUd6O7/Hh2GOds jnhPwrkBxp+1gXEEjY4QOy+zay5bdrkNrVQ6ZsF5UwBRGPUx0o+WG6TKpWWoILlQ4mJ1YeZMgj3 6c0WQUcvUTwxxJtuLLMynSwKn6uBKeMJRkc+EY51mYXZ4kw+4CricAYkzOAVyvaeCuKucDZCiFH Ngx7gfISAw/fzgA== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Simplify error path when "private" needs to be freed. Cc: "Guilherme G. Piccoli" Cc: Tony Luck Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/inode.c | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/fs/pstore/inode.c b/fs/pstore/inode.c index 20a88e34ea7c..7d49f0c70dff 100644 --- a/fs/pstore/inode.c +++ b/fs/pstore/inode.c @@ -61,6 +61,7 @@ static void free_pstore_private(struct pstore_private *private) } kfree(private); } +DEFINE_FREE(pstore_private, struct pstore_private *, free_pstore_private(_T)); static void *pstore_ftrace_seq_start(struct seq_file *s, loff_t *pos) { @@ -338,9 +339,8 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) { struct dentry *dentry; struct inode *inode __free(iput) = NULL; - int rc = 0; char name[PSTORE_NAMELEN]; - struct pstore_private *private, *pos; + struct pstore_private *private __free(pstore_private) = NULL, *pos; size_t size = record->size + record->ecc_notice_size; if (WARN_ON(!inode_is_locked(d_inode(root)))) @@ -356,7 +356,6 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) return -EEXIST; } - rc = -ENOMEM; inode = pstore_get_inode(root->d_sb); if (!inode) return -ENOMEM; @@ -373,7 +372,7 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) dentry = d_alloc_name(root, name); if (!dentry) - goto fail_private; + return -ENOMEM; private->dentry = dentry; private->record = record; @@ -386,13 +385,9 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) d_add(dentry, no_free_ptr(inode)); - list_add(&private->list, &records_list); + list_add(&(no_free_ptr(private))->list, &records_list); return 0; - -fail_private: - free_pstore_private(private); - return rc; } /*