| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Mar 2015 13:37:38 +1100
From: NeilBrown <neilb@...e.de>
To: Al Viro <viro@...IV.linux.org.uk>
Cc: linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH 03/20] VFS: replace {,
total_}link_count in task_struct with pointer to nameidata
task_struct currently contains two ad-hoc members for use by
the VFS: link_count and total_link_count.
These are only interesting to fs/namei.c, so exposing them
explicitly is poor layering.
This patches replaces those with a single pointer to 'struct
nameidata'.
This structure represents the current filename lookup of which
there can only be one per process, and is a natural place to
store link_count and total_link_count.
This will allow the current "nameidata" argument to all
follow_link operations to be removed as current->nameidata
can be used instead.
As there are occasional circumstances where pathname lookup can
recurse, such as through kern_path_locked, we always save and old
current->nameidata (if there is one) when setting a new value, and
make sure any active link_counts are preserved.
follow_mount and follow_automount now get a 'struct nameidata *'
rather than 'int flags' so that they can directly access
link_count and total_link_count, rather than going through 'current'.
Suggested-by: Al Viro <viro@...IV.linux.org.uk>
Signed-off-by: NeilBrown <neilb@...e.de>
---
fs/namei.c | 79 +++++++++++++++++++++++++++++++++----------------
include/linux/sched.h | 2 +
2 files changed, 55 insertions(+), 26 deletions(-)
diff --git a/fs/namei.c b/fs/namei.c
index c83145af4bfc..53bead4f5bdf 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -502,10 +502,29 @@ struct nameidata {
unsigned seq, m_seq;
int last_type;
unsigned depth;
+ int link_count,
+ total_link_count;
struct file *base;
char *saved_names[MAX_NESTED_LINKS + 1];
};
+static struct nameidata *set_nameidata(struct nameidata *p)
+{
+ struct nameidata *old = current->nameidata;
+
+ current->nameidata = p;
+ if (p) {
+ if (!old) {
+ p->link_count = 0;
+ p->total_link_count = 0;
+ } else {
+ p->link_count = old->link_count;
+ p->total_link_count = old->total_link_count;
+ }
+ }
+ return old;
+}
+
/*
* Path walking has 2 modes, rcu-walk and ref-walk (see
* Documentation/filesystems/path-lookup.txt). In situations when we can't
@@ -863,11 +882,11 @@ follow_link(struct path *link, struct nameidata *nd, void **p)
mntget(link->mnt);
error = -ELOOP;
- if (unlikely(current->total_link_count >= 40))
+ if (unlikely(nd->total_link_count >= 40))
goto out_put_nd_path;
cond_resched();
- current->total_link_count++;
+ nd->total_link_count++;
touch_atime(link);
nd_set_link(nd, NULL);
@@ -966,7 +985,7 @@ EXPORT_SYMBOL(follow_up);
* - return -EISDIR to tell follow_managed() to stop and return the path we
* were called with.
*/
-static int follow_automount(struct path *path, unsigned flags,
+static int follow_automount(struct path *path, struct nameidata *nd,
bool *need_mntput)
{
struct vfsmount *mnt;
@@ -986,13 +1005,13 @@ static int follow_automount(struct path *path, unsigned flags,
* as being automount points. These will need the attentions
* of the daemon to instantiate them before they can be used.
*/
- if (!(flags & (LOOKUP_PARENT | LOOKUP_DIRECTORY |
- LOOKUP_OPEN | LOOKUP_CREATE | LOOKUP_AUTOMOUNT)) &&
+ if (!(nd->flags & (LOOKUP_PARENT | LOOKUP_DIRECTORY |
+ LOOKUP_OPEN | LOOKUP_CREATE | LOOKUP_AUTOMOUNT)) &&
path->dentry->d_inode)
return -EISDIR;
- current->total_link_count++;
- if (current->total_link_count >= 40)
+ nd->total_link_count++;
+ if (nd->total_link_count >= 40)
return -ELOOP;
mnt = path->dentry->d_op->d_automount(path);
@@ -1006,7 +1025,7 @@ static int follow_automount(struct path *path, unsigned flags,
* the path being looked up; if it wasn't then the remainder of
* the path is inaccessible and we should say so.
*/
- if (PTR_ERR(mnt) == -EISDIR && (flags & LOOKUP_PARENT))
+ if (PTR_ERR(mnt) == -EISDIR && (nd->flags & LOOKUP_PARENT))
return -EREMOTE;
return PTR_ERR(mnt);
}
@@ -1046,7 +1065,7 @@ static int follow_automount(struct path *path, unsigned flags,
*
* Serialization is taken care of in namespace.c
*/
-static int follow_managed(struct path *path, unsigned flags)
+static int follow_managed(struct path *path, struct nameidata *nd)
{
struct vfsmount *mnt = path->mnt; /* held by caller, must be left alone */
unsigned managed;
@@ -1090,7 +1109,7 @@ static int follow_managed(struct path *path, unsigned flags)
/* Handle an automount point */
if (managed & DCACHE_NEED_AUTOMOUNT) {
- ret = follow_automount(path, flags, &need_mntput);
+ ret = follow_automount(path, nd, &need_mntput);
if (ret < 0)
break;
continue;
@@ -1475,7 +1494,7 @@ unlazy:
path->mnt = mnt;
path->dentry = dentry;
- err = follow_managed(path, nd->flags);
+ err = follow_managed(path, nd);
if (unlikely(err < 0)) {
path_put_conditional(path, nd);
return err;
@@ -1505,7 +1524,7 @@ static int lookup_slow(struct nameidata *nd, struct path *path)
return PTR_ERR(dentry);
path->mnt = nd->path.mnt;
path->dentry = dentry;
- err = follow_managed(path, nd->flags);
+ err = follow_managed(path, nd);
if (unlikely(err < 0)) {
path_put_conditional(path, nd);
return err;
@@ -1621,7 +1640,7 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd)
{
int res;
- if (unlikely(current->link_count >= MAX_NESTED_LINKS)) {
+ if (unlikely(nd->link_count >= MAX_NESTED_LINKS)) {
path_put_conditional(path, nd);
path_put(&nd->path);
return -ELOOP;
@@ -1629,7 +1648,7 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd)
BUG_ON(nd->depth >= MAX_NESTED_LINKS);
nd->depth++;
- current->link_count++;
+ nd->link_count++;
do {
struct path link = *path;
@@ -1642,7 +1661,7 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd)
put_link(nd, &link, cookie);
} while (res > 0);
- current->link_count--;
+ nd->link_count--;
nd->depth--;
return res;
}
@@ -1948,7 +1967,7 @@ static int path_init(int dfd, const char *name, unsigned int flags,
rcu_read_unlock();
return -ECHILD;
done:
- current->total_link_count = 0;
+ nd->total_link_count = 0;
return link_path_walk(name, nd);
}
@@ -2027,7 +2046,10 @@ static int path_lookupat(int dfd, const char *name,
static int filename_lookup(int dfd, struct filename *name,
unsigned int flags, struct nameidata *nd)
{
- int retval = path_lookupat(dfd, name->name, flags | LOOKUP_RCU, nd);
+ int retval;
+ struct nameidata *saved_nd = set_nameidata(nd);
+
+ retval = path_lookupat(dfd, name->name, flags | LOOKUP_RCU, nd);
if (unlikely(retval == -ECHILD))
retval = path_lookupat(dfd, name->name, flags, nd);
if (unlikely(retval == -ESTALE))
@@ -2036,6 +2058,7 @@ static int filename_lookup(int dfd, struct filename *name,
if (likely(!retval))
audit_inode(name, nd->path.dentry, flags & LOOKUP_PARENT);
+ set_nameidata(saved_nd);
return retval;
}
@@ -2343,7 +2366,7 @@ out:
static int
path_mountpoint(int dfd, const char *name, struct path *path, unsigned int flags)
{
- struct nameidata nd;
+ struct nameidata nd, *saved = set_nameidata(&nd);
int err;
err = path_init(dfd, name, flags, &nd);
@@ -2366,6 +2389,7 @@ path_mountpoint(int dfd, const char *name, struct path *path, unsigned int flags
}
out:
path_cleanup(&nd);
+ set_nameidata(saved);
return err;
}
@@ -3028,7 +3052,7 @@ retry_lookup:
if ((open_flag & (O_EXCL | O_CREAT)) == (O_EXCL | O_CREAT))
goto exit_dput;
- error = follow_managed(path, nd->flags);
+ error = follow_managed(path, nd);
if (error < 0)
goto exit_dput;
@@ -3217,12 +3241,14 @@ static struct file *path_openat(int dfd, struct filename *pathname,
struct path path;
int opened = 0;
int error;
+ struct nameidata *saved_nd;
file = get_empty_filp();
if (IS_ERR(file))
return file;
file->f_flags = op->open_flag;
+ saved_nd = set_nameidata(nd);
if (unlikely(file->f_flags & __O_TMPFILE)) {
error = do_tmpfile(dfd, pathname, nd, flags, op, file, &opened);
@@ -3269,6 +3295,7 @@ out:
}
file = ERR_PTR(error);
}
+ set_nameidata(saved_nd);
return file;
}
@@ -4429,18 +4456,20 @@ EXPORT_SYMBOL(readlink_copy);
*/
int generic_readlink(struct dentry *dentry, char __user *buffer, int buflen)
{
- struct nameidata nd;
+ struct nameidata nd, *saved = set_nameidata(&nd);
void *cookie;
int res;
nd.depth = 0;
cookie = dentry->d_inode->i_op->follow_link(dentry, &nd);
if (IS_ERR(cookie))
- return PTR_ERR(cookie);
-
- res = readlink_copy(buffer, buflen, nd_get_link(&nd));
- if (dentry->d_inode->i_op->put_link)
- dentry->d_inode->i_op->put_link(dentry, &nd, cookie);
+ res = PTR_ERR(cookie);
+ else {
+ res = readlink_copy(buffer, buflen, nd_get_link(&nd));
+ if (dentry->d_inode->i_op->put_link)
+ dentry->d_inode->i_op->put_link(dentry, &nd, cookie);
+ }
+ set_nameidata(saved);
return res;
}
EXPORT_SYMBOL(generic_readlink);
diff --git a/include/linux/sched.h b/include/linux/sched.h
index 6d77432e14ff..b88b9eea169a 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -1447,7 +1447,7 @@ struct task_struct {
it with task_lock())
- initialized normally by setup_new_exec */
/* file system info */
- int link_count, total_link_count;
+ struct nameidata *nameidata;
#ifdef CONFIG_SYSVIPC
/* ipc stuff */
struct sysv_sem sysvsem;
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists