| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 2 Jun 2020 18:10:42 -0700
From: Sargun Dhillon <sargun@...gun.me>
To: Kees Cook <keescook@...omium.org>, linux-kernel@...r.kernel.org
Cc: Sargun Dhillon <sargun@...gun.me>, Tycho Andersen <tycho@...ho.ws>,
Matt Denton <mpdenton@...gle.com>,
Jann Horn <jannh@...gle.com>, Chris Palmer <palmer@...gle.com>,
Aleksa Sarai <cyphar@...har.com>,
Robert Sesek <rsesek@...gle.com>,
Christian Brauner <christian.brauner@...ntu.com>,
containers@...ts.linux-foundation.org,
Giuseppe Scrivano <gscrivan@...hat.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Al Viro <viro@...iv.linux.org.uk>,
Daniel Wagner <daniel.wagner@...-carit.de>,
"David S . Miller" <davem@...emloft.net>,
John Fastabend <john.r.fastabend@...el.com>,
Tejun Heo <tj@...nel.org>, stable@...r.kernel.org,
cgroups@...r.kernel.org, linux-fsdevel@...r.kernel.org
Subject: [PATCH v3 2/4] pid: Use file_receive helper to copy FDs
The code to copy file descriptors was duplicated in pidfd_getfd.
Rather than continue to duplicate it, this hoists the code out of
kernel/pid.c and uses the newly added file_receive helper.
Earlier, when this was implemented there was some back-and-forth
about how the semantics should work around copying around file
descriptors [1], and it was decided that the default behaviour
should be to not modify cgroup data. As a matter of least surprise,
this approach follows the default semantics as presented by SCM_RIGHTS.
In the future, a flag can be added to avoid manipulating the cgroup
data on copy.
[1]: https://lore.kernel.org/lkml/20200107175927.4558-1-sargun@sargun.me/
Signed-off-by: Sargun Dhillon <sargun@...gun.me>
Suggested-by: Kees Cook <keescook@...omium.org>
Cc: Al Viro <viro@...iv.linux.org.uk>
Cc: Christian Brauner <christian.brauner@...ntu.com>
Cc: Daniel Wagner <daniel.wagner@...-carit.de>
Cc: David S. Miller <davem@...emloft.net>
Cc: Jann Horn <jannh@...gle.com>
Cc: John Fastabend <john.r.fastabend@...el.com>
Cc: Tejun Heo <tj@...nel.org>
Cc: Tycho Andersen <tycho@...ho.ws>
Cc: stable@...r.kernel.org
Cc: cgroups@...r.kernel.org
Cc: linux-fsdevel@...r.kernel.org
Cc: linux-kernel@...r.kernel.org
---
kernel/pid.c | 20 +++++++++-----------
1 file changed, 9 insertions(+), 11 deletions(-)
diff --git a/kernel/pid.c b/kernel/pid.c
index c835b844aca7..1642cf940aa1 100644
--- a/kernel/pid.c
+++ b/kernel/pid.c
@@ -606,7 +606,7 @@ static int pidfd_getfd(struct pid *pid, int fd)
{
struct task_struct *task;
struct file *file;
- int ret;
+ int ret, err;
task = get_pid_task(pid, PIDTYPE_PID);
if (!task)
@@ -617,18 +617,16 @@ static int pidfd_getfd(struct pid *pid, int fd)
if (IS_ERR(file))
return PTR_ERR(file);
- ret = security_file_receive(file);
- if (ret) {
- fput(file);
- return ret;
- }
-
ret = get_unused_fd_flags(O_CLOEXEC);
- if (ret < 0)
- fput(file);
- else
- fd_install(ret, file);
+ if (ret >= 0) {
+ err = file_receive(ret, file);
+ if (err) {
+ put_unused_fd(ret);
+ ret = err;
+ }
+ }
+ fput(file);
return ret;
}
--
2.25.1
Powered by blists - more mailing lists