From patchwork Tue Dec 5 18:26:14 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 13480602 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="D20vB1XU" Received: from mail-pl1-x62b.google.com (mail-pl1-x62b.google.com [IPv6:2607:f8b0:4864:20::62b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1A03618C for ; Tue, 5 Dec 2023 10:26:28 -0800 (PST) Received: by mail-pl1-x62b.google.com with SMTP id d9443c01a7336-1d048d38881so27749105ad.2 for ; Tue, 05 Dec 2023 10:26:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1701800787; x=1702405587; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Gj+Y/6VXeJ+r0pgecRkRsTt5zcHlqOxutguYUyMKTVU=; b=D20vB1XU6llsWmRtYeRb+7tHyyu03VkhL4zTEBRbYPx3qnUQ6kXjgv1j5jPc4T0PK8 6HVDbi73p0GTLNlU79dknLYL8pZ3aeo31e2k7XyQowrU4MfkkHrJq0zJ4DPpkF6Gn/5j GniI1EAPn4ZeArqCsLQUBpCelH8gXtnw0IGEk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701800787; x=1702405587; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Gj+Y/6VXeJ+r0pgecRkRsTt5zcHlqOxutguYUyMKTVU=; b=tLJ0BpLG1uTDp7YAUA84xi4CxwbALn18k8pdRm5fkd2M+EF0YGG/cnBCfoM6SF1/YB DYmhMZOVOtEBYBl8Fv3M5tx79evzCiGCNQNVtc0pjef7o5wbhbKGMeo0fOLLdOcDUFzS f1aAaOq4Gm1I2cfBo/kFdKP6OPOwf9TeIBmt0Md4JKVqt1OIE/B6NDeScl2KG21geiB+ I1R9LecOnk8vsSX73P+qwTxzpuBwwJK1EVWiRLqci7aOQtGDoEBFdEqGbwOxj7mEuQ1b 7z6BabTOz14ksc63YgnMCnsunWXJmuazyaCaJhaCdEGYpi50Grh9jt55ZNO7uYY1pqDa km8w== X-Gm-Message-State: AOJu0YxhV1LwlEBgXdgzJoR7l61EOG5MNzf+d1D8RQe2QibCC9V6Q/r2 Nip+FaWr4FyCWqb1TluFiza+6w== X-Google-Smtp-Source: AGHT+IH2Uowmzrvs0/hFAJeLe2bBRPGCrI+wFvyd3EPO+VDeMZnOhPy9LvBZ3OyihXLzXpiRCc2yuQ== X-Received: by 2002:a17:903:22d1:b0:1d0:83bc:5649 with SMTP id y17-20020a17090322d100b001d083bc5649mr3507541plg.33.1701800787406; Tue, 05 Dec 2023 10:26:27 -0800 (PST) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id q1-20020a17090311c100b001cfc9c926b7sm6932210plh.75.2023.12.05.10.26.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 05 Dec 2023 10:26:23 -0800 (PST) From: Kees Cook To: "Guilherme G. Piccoli" Cc: Kees Cook , Tony Luck , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v2 1/4] pstore: inode: Convert kfree() usage to __free(kfree) Date: Tue, 5 Dec 2023 10:26:14 -0800 Message-Id: <20231205182622.1329923-1-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231205175449.work.110-kees@kernel.org> References: <20231205175449.work.110-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1508; i=keescook@chromium.org; h=from:subject; bh=FqMfSJ9tnf+E4NKsMDABD4Hv9XWcLEDAeeuD1HVeW1g=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBlb2tIUcAUjxMoJ6U4X0vLxi+fYt1AWVqAhC5g3 8R9qQmTZrCJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCZW9rSAAKCRCJcvTf3G3A JjghD/wIsxOIyOzMtLfhNlUVRahUTySDQm9IoANjLGPQpTM0t1M8cwKeOjqfoL6alstZ4SNMEtX aJRZ28bbOztu6npnVmPlUtnUB4WVY2Bz7k4tpXjWx33VDzP5Z0HTcofBhJHGnv6441jMZIoBxdq kJOTFjwX9aMXL04GktAdix5olQ9MlRXUPPfBVITMabidz3zl4uWgxPYLOJvTdVdHHX+6iFdvyAQ u2csi5n6tzxerwZgHQDP7ETWPo61URuwGJcVZBxrCZ9VC+NrvOwx7aawthLBtWuF43TkpD2tguH ZgLJp7jma2D7WzIsJLrYSWrTlABHt1mACNT/u4FPIYsY/VA/Xk9j36ks1rKr+SqGRA4cWfIEYbw Ak40uD77bKYKRhdToOqk2W9Zt9cAR/QGCniYHsGveA958RkKZbkvm8zRmlrdnnhDeq2Pryyrcwe ExJAhOk1Y3nGeKC82pXbWX7lBazYlywHADTscKEz5hedwrJp0URz8E9ZWnfvXzh+lOGzE4zGm3a 4usnTUGodSc8P2ax00DqkMuGzVUfZScxELHGfdki5KoeeigEQNKF0DAE54BJTMEIYnq8Ul1EoJH Ajo4h7C54I3kOS5qQ6clsgyIDejsoQQWoMRRW1JkkuTcDVRO2xHlIBrPN/bJIronulIZcSob3xZ ZlAj3lFpzoj3VkA== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Mostly as an example to myself, replace a simple allocation pattern with the automatic kfree cleanup features now exposed by cleanup.h. Cc: "Guilherme G. Piccoli" Cc: Tony Luck Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/inode.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/fs/pstore/inode.c b/fs/pstore/inode.c index d41c20d1b5e8..20f3452c8196 100644 --- a/fs/pstore/inode.c +++ b/fs/pstore/inode.c @@ -23,6 +23,7 @@ #include #include #include +#include #include "internal.h" @@ -64,7 +65,7 @@ static void free_pstore_private(struct pstore_private *private) static void *pstore_ftrace_seq_start(struct seq_file *s, loff_t *pos) { struct pstore_private *ps = s->private; - struct pstore_ftrace_seq_data *data; + struct pstore_ftrace_seq_data *data __free(kfree) = NULL; data = kzalloc(sizeof(*data), GFP_KERNEL); if (!data) @@ -72,13 +73,10 @@ static void *pstore_ftrace_seq_start(struct seq_file *s, loff_t *pos) data->off = ps->total_size % REC_SIZE; data->off += *pos * REC_SIZE; - if (data->off + REC_SIZE > ps->total_size) { - kfree(data); + if (data->off + REC_SIZE > ps->total_size) return NULL; - } - - return data; + return_ptr(data); } static void pstore_ftrace_seq_stop(struct seq_file *s, void *v) From patchwork Tue Dec 5 18:26:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 13480600 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="B/U60tt/" Received: from mail-pf1-x42c.google.com (mail-pf1-x42c.google.com [IPv6:2607:f8b0:4864:20::42c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6FB4C194 for ; Tue, 5 Dec 2023 10:26:26 -0800 (PST) Received: by mail-pf1-x42c.google.com with SMTP id d2e1a72fcca58-6cda22140f2so5804208b3a.1 for ; Tue, 05 Dec 2023 10:26:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1701800786; x=1702405586; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=K2E08Wp0PAEeNbIbiRL8xBMi7hvEIIZj0Of8hDuuB3w=; b=B/U60tt/8REQw9XhxcDwioJ3Fg+SGR2WrCeiqqRSocRsEryNO4pGoRDT+i4QvdiAC4 lAIYLhXtC1XUpY2Ivhj5/KvsQlfcKlw0uGQTbj2moXHIeHldzfpGw8RdzkYsPmQNR2nK 7fWC1lOHmICJbeFYC0k75lm2mR6PYVzj3QFLc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701800786; x=1702405586; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=K2E08Wp0PAEeNbIbiRL8xBMi7hvEIIZj0Of8hDuuB3w=; b=Hoj3agLgucdoOYiatWKu0FvnTJOFVPTSpdrZY4P9tnXsm+jtdwxMseH8g/ftu2LEs3 hYgczoHz4YlN79Ccm7LcuL1zMJi7rk9u+KLtyCxXGkGcNcUBF/hwNbEPTe50PhV5Saak tcSu4+e3mbDUIRbYnKGecZVa0fT0WYCg1HE3BXmk0XoPNfnvRtoeMF0ny6ylUxauMR4k hCCXsF8Tt7J2AjsPU5t9hVHbBew/oU0eX770z+/I9ENfJ5q3U9MwD8IDe7ygrKWbkdTz VtqjhFdG5auRh7/i0taxxyne7pTV8bhUtVGM5eYJlqg7LRY0f7CDQSqlIOXFesgP/28x YnDw== X-Gm-Message-State: AOJu0YzYiXm4HsjxRPs952tpfXZOQ/1O/FnwD7R6I9fR1JAAIWNkgt1k OK7yFgPW2gKS3qYAqymZMx28GQ== X-Google-Smtp-Source: AGHT+IHwsBUiT0eRYB1uJVGZDpNAY4QIFF7fFgrQ+gfLSHfbU5MuEZ2MN3xlKq+NFD9Bs+d11RXqog== X-Received: by 2002:a05:6a20:728f:b0:181:fe7f:836b with SMTP id o15-20020a056a20728f00b00181fe7f836bmr7808665pzk.7.1701800785686; Tue, 05 Dec 2023 10:26:25 -0800 (PST) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id o8-20020a056a001b4800b006ce61c9495bsm2857794pfv.10.2023.12.05.10.26.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 05 Dec 2023 10:26:23 -0800 (PST) From: Kees Cook To: "Guilherme G. Piccoli" Cc: Kees Cook , Tony Luck , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v2 2/4] pstore: inode: Convert mutex usage to guard(mutex) Date: Tue, 5 Dec 2023 10:26:15 -0800 Message-Id: <20231205182622.1329923-2-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231205175449.work.110-kees@kernel.org> References: <20231205175449.work.110-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=4977; i=keescook@chromium.org; h=from:subject; bh=I6QANnpHLWcA4i3gT5wmHz8vdSJtJ/8W9NRntgr7o9Q=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBlb2tIe1kl5grDFz02MlwEMZbNkkvJk+E/REGw8 MmUW++dTRaJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCZW9rSAAKCRCJcvTf3G3A Jmx2D/9XIlu1kzssi07t3R/cbO8iB66RuThDH+nLtM6/s6fMGgOWGONfOGbTkqwrLphjr+32aNB otF24YUoS8xAA000Jnya2p8FwsV1eKg0bMoqQ5sn47H2it78TefQ8EbTd3gR4+Yhhw25J2Ix6ub I8h0h4Mfpb3B9P8TeCiQag9KMlV3tpqWGAOQBlwAEYkflyVWrFjnIuam/UqP+h+88OHtWUWVUny NORS6oduZg5xUxQgxvgZxMo4Aeo2plpQv5gBy1PQjSXO3W8Cap3X24HWCRz0m/BIhakgICpIj4p ltf6+OFM1mB4bTVbXbvRlERMha+Wu/AXJIkf0kgRoLRWaiw03eEo2iJZJQ0EMYG71/LjFSox04c A/xoV2HbfeyzdlqGqE+p/syA632cT8xUDhnEE0EwkKj/qSC3tn8T4bL1WW8WlwX6ypxz9TfiUhq +TuySHA6QE9o2tphXgm3dRwK46Ko+8089EBZ9Fd7v5wG0nXbmvtW5MEMApAxy04tdv2WzsO4pDv ukclQZChgMYdM/qi/wQReVSu4APZwi2cy93CJvD1UnCTdwch0f9lMyLVKS5lSbZsoudmhaldAB6 SUgKhqJT2OElDDpwL3KKHmrRQO3wLpyzRLFz7uaTxmxjErQda2bLWUTZH1SAeI2vDsE9YyzTdek GdMZSGqYO0v+Krw== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Replace open-coded mutex handling with cleanup.h guard(mutex) and scoped_guard(mutex, ...). Cc: "Guilherme G. Piccoli" Cc: Tony Luck Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/inode.c | 76 +++++++++++++++++++---------------------------- 1 file changed, 31 insertions(+), 45 deletions(-) diff --git a/fs/pstore/inode.c b/fs/pstore/inode.c index 20f3452c8196..0d89e0014b6f 100644 --- a/fs/pstore/inode.c +++ b/fs/pstore/inode.c @@ -180,25 +180,21 @@ static int pstore_unlink(struct inode *dir, struct dentry *dentry) { struct pstore_private *p = d_inode(dentry)->i_private; struct pstore_record *record = p->record; - int rc = 0; if (!record->psi->erase) return -EPERM; /* Make sure we can't race while removing this file. */ - mutex_lock(&records_list_lock); - if (!list_empty(&p->list)) - list_del_init(&p->list); - else - rc = -ENOENT; - p->dentry = NULL; - mutex_unlock(&records_list_lock); - if (rc) - return rc; - - mutex_lock(&record->psi->read_mutex); - record->psi->erase(record); - mutex_unlock(&record->psi->read_mutex); + scoped_guard(mutex, &records_list_lock) { + if (!list_empty(&p->list)) + list_del_init(&p->list); + else + return -ENOENT; + p->dentry = NULL; + } + + scoped_guard(mutex, &record->psi->read_mutex) + record->psi->erase(record); return simple_unlink(dir, dentry); } @@ -290,19 +286,16 @@ static struct dentry *psinfo_lock_root(void) { struct dentry *root; - mutex_lock(&pstore_sb_lock); + guard(mutex)(&pstore_sb_lock); /* * Having no backend is fine -- no records appear. * Not being mounted is fine -- nothing to do. */ - if (!psinfo || !pstore_sb) { - mutex_unlock(&pstore_sb_lock); + if (!psinfo || !pstore_sb) return NULL; - } root = pstore_sb->s_root; inode_lock(d_inode(root)); - mutex_unlock(&pstore_sb_lock); return root; } @@ -317,19 +310,19 @@ int pstore_put_backend_records(struct pstore_info *psi) if (!root) return 0; - mutex_lock(&records_list_lock); - list_for_each_entry_safe(pos, tmp, &records_list, list) { - if (pos->record->psi == psi) { - list_del_init(&pos->list); - rc = simple_unlink(d_inode(root), pos->dentry); - if (WARN_ON(rc)) - break; - d_drop(pos->dentry); - dput(pos->dentry); - pos->dentry = NULL; + scoped_guard(mutex, &records_list_lock) { + list_for_each_entry_safe(pos, tmp, &records_list, list) { + if (pos->record->psi == psi) { + list_del_init(&pos->list); + rc = simple_unlink(d_inode(root), pos->dentry); + if (WARN_ON(rc)) + break; + d_drop(pos->dentry); + dput(pos->dentry); + pos->dentry = NULL; + } } } - mutex_unlock(&records_list_lock); inode_unlock(d_inode(root)); @@ -353,20 +346,20 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) if (WARN_ON(!inode_is_locked(d_inode(root)))) return -EINVAL; - rc = -EEXIST; + guard(mutex)(&records_list_lock); + /* Skip records that are already present in the filesystem. */ - mutex_lock(&records_list_lock); list_for_each_entry(pos, &records_list, list) { if (pos->record->type == record->type && pos->record->id == record->id && pos->record->psi == record->psi) - goto fail; + return -EEXIST; } rc = -ENOMEM; inode = pstore_get_inode(root->d_sb); if (!inode) - goto fail; + return -ENOMEM; inode->i_mode = S_IFREG | 0444; inode->i_fop = &pstore_file_operations; scnprintf(name, sizeof(name), "%s-%s-%llu%s", @@ -394,7 +387,6 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) d_add(dentry, inode); list_add(&private->list, &records_list); - mutex_unlock(&records_list_lock); return 0; @@ -402,8 +394,6 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) free_pstore_private(private); fail_inode: iput(inode); -fail: - mutex_unlock(&records_list_lock); return rc; } @@ -449,9 +439,8 @@ static int pstore_fill_super(struct super_block *sb, void *data, int silent) if (!sb->s_root) return -ENOMEM; - mutex_lock(&pstore_sb_lock); - pstore_sb = sb; - mutex_unlock(&pstore_sb_lock); + scoped_guard(mutex, &pstore_sb_lock) + pstore_sb = sb; pstore_get_records(0); @@ -466,17 +455,14 @@ static struct dentry *pstore_mount(struct file_system_type *fs_type, static void pstore_kill_sb(struct super_block *sb) { - mutex_lock(&pstore_sb_lock); + guard(mutex)(&pstore_sb_lock); WARN_ON(pstore_sb && pstore_sb != sb); kill_litter_super(sb); pstore_sb = NULL; - mutex_lock(&records_list_lock); + guard(mutex)(&records_list_lock); INIT_LIST_HEAD(&records_list); - mutex_unlock(&records_list_lock); - - mutex_unlock(&pstore_sb_lock); } static struct file_system_type pstore_fs_type = { From patchwork Tue Dec 5 18:26:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 13480601 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="ccmrnqGe" Received: from mail-pf1-x42e.google.com (mail-pf1-x42e.google.com [IPv6:2607:f8b0:4864:20::42e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 071621A2 for ; Tue, 5 Dec 2023 10:26:27 -0800 (PST) Received: by mail-pf1-x42e.google.com with SMTP id d2e1a72fcca58-6ce32821a53so1859271b3a.0 for ; Tue, 05 Dec 2023 10:26:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1701800786; x=1702405586; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=SNgNutvDkhDCEpZkCHrbvZX51uthcX9S/dgTvap+CHg=; b=ccmrnqGefy2wA4FqGJld45wKa0jMfAiCyuWW7J+hf7Stk2fV9V9a9HMtxYo563I6cS pava/cdOQB7qiYHw63yAQcv8FsjY8JPGV3IDo0joc+SoqZPHwSCNBeq2qFS+/bwteaGl cPD7iO5KuQffZRaJVLz1+gPgkAe8/SPB0NQbM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701800786; x=1702405586; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=SNgNutvDkhDCEpZkCHrbvZX51uthcX9S/dgTvap+CHg=; b=VkjoEXV7ZiHd992JTln2VPrluug078nSxQDr1OYnW7cmQJejPUKejxSZ8A/6xhCxVF V2OhvK1Mhe7+NccILi2e+SrR2aPaC0hH49lOuVQwgCJAxdI9Fk0q6+jYMqI9OqJ4Z+3U fOSB9Afiymf1jfmHZ7juX1KM/zYB75MUU+VDJH4KD379HdIKfApek6n/4nFON4cOfkRo qWGjvQJxPWTsLvo2w6JFUpD9i0MkxocZDx/8Wcqio8/2D42Ram37trYm6T7mYjlNU2J0 CAdrmToG7NiEuhQC1cq5icqTt6ND1ZM8KuT9eYqahx3zIPh6fs6tHikKsO8WA1/ctTPN /bWw== X-Gm-Message-State: AOJu0YyJVqKAHT8Bcw99O15n3V50PuIn1TefZ8mybNr03UgneN69Xm3O CcPs4qbAvKUNUkgOcn0B31ccEw== X-Google-Smtp-Source: AGHT+IF64v3HUro+IAdNmJfhP5zEfUQ8LFp8hTAQAP04jfRuB28nLOYmpuhI2SgaFhVm6Uz6d08KGQ== X-Received: by 2002:a05:6a00:4c8a:b0:6ce:5904:6e56 with SMTP id eb10-20020a056a004c8a00b006ce59046e56mr1845130pfb.57.1701800784800; Tue, 05 Dec 2023 10:26:24 -0800 (PST) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id gx9-20020a056a001e0900b006cdc6b9f0ecsm9717290pfb.81.2023.12.05.10.26.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 05 Dec 2023 10:26:23 -0800 (PST) From: Kees Cook To: "Guilherme G. Piccoli" Cc: Kees Cook , Tony Luck , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v2 3/4] pstore: inode: Use __free(pstore_iput) for inode allocations Date: Tue, 5 Dec 2023 10:26:16 -0800 Message-Id: <20231205182622.1329923-3-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231205175449.work.110-kees@kernel.org> References: <20231205175449.work.110-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1862; i=keescook@chromium.org; h=from:subject; bh=m7xJrXjdtPyXrzBu3Ps5CblAxgEi3qDUjX52ildQ9J4=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBlb2tIyZn9161W1eERCcqbEe/5HMlwbKkyq8hlo PIozsHu7tuJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCZW9rSAAKCRCJcvTf3G3A JrGcEACiwwEJFv3oAhDndCSOgseaVPz8t0wmLNflw7I79+2O05ST07/bnukMu7wcDTs6ld4FbLO 96grfA1IyYXAU9844SLcKwzhoP0ulK+dmxQgUwf1Q5vPFHe7IAJh1SPwHoEe6pjBkkXs/ACBISS ep3FTHlt/AmiJ2L6Gy8ZfTO+paAqhGEboybqlfzW12gLQs/Zl9/bKotOHcyIghbdCKJ8/M0NoXP 91yTm4PES+zC3pxgDS/wfPkKIZzmySj0z9vaLd0uTUNJPfj12LUrU4uxm/CuUlPzKJV36epH+vv zyWOesh1ZbLoae9vCk74CQuICILefP7sUR3gf3ndlJF7vbPDDTXTTDNtXM8uNfgGHkLRMQ10oI0 IxjyzuWGjeVZdaVGclhrjAwQj0TzGBYdwQ9knwPNc70/1YEKggPNeXAERDIVQS+71h1HTU+r5H5 JZMdWhNMipiTLv94qsj1Uy+jwa2qnvzOVsIM0DiQc9n1feg0lCcpF0GR2BTShwVjGM2bkeMP/Xx cAqkN+FocxUzl4UUBI8zt0N7Jx+f5cce+7ZxITiRAvtC/KjwehN0mU/e1X4ujblQm3BewlfjyeG Bh5bfbY01i1lNnCgrcqqI4d8uV3CuikibWhrDgTimswe+0KOSoVTId99LjyyKx1NwF3xtUBslSt AUiwfzzG6TJHoag== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Simplify error path for failures where "inode" needs to be freed. Cc: "Guilherme G. Piccoli" Cc: Tony Luck Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/inode.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/fs/pstore/inode.c b/fs/pstore/inode.c index 0d89e0014b6f..a27764341079 100644 --- a/fs/pstore/inode.c +++ b/fs/pstore/inode.c @@ -35,6 +35,8 @@ static LIST_HEAD(records_list); static DEFINE_MUTEX(pstore_sb_lock); static struct super_block *pstore_sb; +DEFINE_FREE(pstore_iput, struct inode *, if (_T) iput(_T)) + struct pstore_private { struct list_head list; struct dentry *dentry; @@ -337,7 +339,7 @@ int pstore_put_backend_records(struct pstore_info *psi) int pstore_mkfile(struct dentry *root, struct pstore_record *record) { struct dentry *dentry; - struct inode *inode; + struct inode *inode __free(pstore_iput) = NULL; int rc = 0; char name[PSTORE_NAMELEN]; struct pstore_private *private, *pos; @@ -369,7 +371,7 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) private = kzalloc(sizeof(*private), GFP_KERNEL); if (!private) - goto fail_inode; + return -ENOMEM; dentry = d_alloc_name(root, name); if (!dentry) @@ -384,7 +386,7 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) inode_set_mtime_to_ts(inode, inode_set_ctime_to_ts(inode, record->time)); - d_add(dentry, inode); + d_add(dentry, no_free_ptr(inode)); list_add(&private->list, &records_list); @@ -392,8 +394,6 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) fail_private: free_pstore_private(private); -fail_inode: - iput(inode); return rc; } From patchwork Tue Dec 5 18:26:17 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 13480599 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="kYMGpcR6" Received: from mail-pf1-x42e.google.com (mail-pf1-x42e.google.com [IPv6:2607:f8b0:4864:20::42e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B6B9A18F for ; Tue, 5 Dec 2023 10:26:25 -0800 (PST) Received: by mail-pf1-x42e.google.com with SMTP id d2e1a72fcca58-6ce2ff70619so1890831b3a.2 for ; Tue, 05 Dec 2023 10:26:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1701800785; x=1702405585; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=AuxQ4uEqTh0xr8Jo9gHGOWhQKXUz5PFS1McwFiwms38=; b=kYMGpcR6NvWhsyLGXapA1Mxh+WEP5QkZQadGQ9ENlXW0jpWUrqG7i0u4NxkvNP3VfT z8AI2k1ILCkB3Ttcc0QiaMEhHEgnuwfUeJMF64ls5D992zkPbP+w3/a1LZY6zHJ/VPMG PrV0/hs+Jk6obHWe/oHBewcucrmM3fQObsjRg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701800785; x=1702405585; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=AuxQ4uEqTh0xr8Jo9gHGOWhQKXUz5PFS1McwFiwms38=; b=I/ZHiid/87kysc/Kff8K9J+VfvSLuAcb2VPpcUGH7i+0z8mLFqDGMIlKD8iEzHZoGJ keO4xMCVA8YwQiC4UhHkJnYhY76cNfmNKki92QBsx9SG6gZNPMIzEK4wpJ2+kj8U7U9k kvM2xy0eh822AWuF+OIbUBX77IzZTCQ91HavPDDSpd+ZgBIWYvzZ8VSQcd7kkS/sr+Nn AVMEZaz0tm1aBH8X/otONVR2OJNablOMHSVableYgToPQG/d31rH7+9N74e7bL3kqh2+ sM0RWD6VH2Fpiq56bPGVw0eYo1f9YdYor5Jt5pAE88w5OzS2/DMEOVRxwaQmoq6AhRvz Blcg== X-Gm-Message-State: AOJu0YxMcLxAwslo81c6HOFtITJf0QBlw6E0bLriVdzP1NXRMTblgneV Kjg/GObQjDVmViTiNZbAZoMDYcZ1bDDOWkLTvB4= X-Google-Smtp-Source: AGHT+IGmxDHh2M3VVTF5lhwx2Q/UaSFsZ5L0bYmNdOy0AoKESrPPnSc+UEc5cYrQDTdFxPljL770+g== X-Received: by 2002:a05:6a20:c18b:b0:18b:251d:d6fb with SMTP id bg11-20020a056a20c18b00b0018b251dd6fbmr4756254pzb.1.1701800785254; Tue, 05 Dec 2023 10:26:25 -0800 (PST) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id o8-20020a056a001b4800b006ce61c9495bsm2857795pfv.10.2023.12.05.10.26.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 05 Dec 2023 10:26:23 -0800 (PST) From: Kees Cook To: "Guilherme G. Piccoli" Cc: Kees Cook , Tony Luck , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v2 4/4] pstore: inode: Use cleanup.h for struct pstore_private Date: Tue, 5 Dec 2023 10:26:17 -0800 Message-Id: <20231205182622.1329923-4-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231205175449.work.110-kees@kernel.org> References: <20231205175449.work.110-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1994; i=keescook@chromium.org; h=from:subject; bh=qpvwINQCBBhSlr2YiFBK7IVLldJIfzDFIzXihlbwuNo=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBlb2tJ0NO5bX9t437Te4BZBA88PaTXhLUdX8dYv bPubelLTBqJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCZW9rSQAKCRCJcvTf3G3A Jge5D/9zVFV3uQy+F+nnWJbw8ItnBnX+gIAOgrDiVi/bCgLfIrXvONEkARgQuNpwpm4niCP7p7W KfzyCu/itdtokNnIdASfrJN8sFz7Ht1ILJIKu3ramlpWqTNrPVfoExjsE6d5hWXxBGEcx2WHaER kd1nUPtutrm2suz62fxtYMdC/igGGNh2+zKDeVg0ruBBOav/O+t3KXFrSsCrdk6KjdM6rZnauuC dvzWxDNIgnEUs2aMC82l1dsyTWJDudgR8SEhoeM5ydW2vh7umO0+S708rpSveW1lK/AZNPhuy6T PSXGWAqu66RbBAVs4pwJNAyZNEDU8RgXp370jAjUtx2xmF8okZUHfGpx2a2U2+eYcGA4skT9Yn/ c7poD9On2cU4O5J5WdOKLJrNWx/ryDub/kqHhlFQVKvoEKMG6kFteq08Y5L4CnOWAU0DlZiufu8 rGtC0auMBum0JhHh+qXZ/8XkNQNnStjXfTlMXvyTLZ2trQtn8ralN4T/Phh4TGne2jrWX53KBOF 9gNp8cNByu13rBiav9Jg4/D9ZkCFBeOrnGXmi97pYg6gsz6HuUgCjgOnzaopoI2RIgZ0VnCnnry UH9qCnW+319MQJmQdOW6q/h9svQwPlytdJ3WF948zHbqAjDvtU6wrL9HEDniL+aw3LyAARYTzQt EoIvaWUvLLV5dgg== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Simplify error path when "private" needs to be freed. Cc: "Guilherme G. Piccoli" Cc: Tony Luck Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/inode.c | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/fs/pstore/inode.c b/fs/pstore/inode.c index a27764341079..d0d9bfdad30c 100644 --- a/fs/pstore/inode.c +++ b/fs/pstore/inode.c @@ -63,6 +63,7 @@ static void free_pstore_private(struct pstore_private *private) } kfree(private); } +DEFINE_FREE(pstore_private, struct pstore_private *, free_pstore_private(_T)); static void *pstore_ftrace_seq_start(struct seq_file *s, loff_t *pos) { @@ -340,9 +341,8 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) { struct dentry *dentry; struct inode *inode __free(pstore_iput) = NULL; - int rc = 0; char name[PSTORE_NAMELEN]; - struct pstore_private *private, *pos; + struct pstore_private *private __free(pstore_private) = NULL, *pos; size_t size = record->size + record->ecc_notice_size; if (WARN_ON(!inode_is_locked(d_inode(root)))) @@ -358,7 +358,6 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) return -EEXIST; } - rc = -ENOMEM; inode = pstore_get_inode(root->d_sb); if (!inode) return -ENOMEM; @@ -375,7 +374,7 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) dentry = d_alloc_name(root, name); if (!dentry) - goto fail_private; + return -ENOMEM; private->dentry = dentry; private->record = record; @@ -388,13 +387,9 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record) d_add(dentry, no_free_ptr(inode)); - list_add(&private->list, &records_list); + list_add(&(no_free_ptr(private))->list, &records_list); return 0; - -fail_private: - free_pstore_private(private); - return rc; } /*