| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241107005720.901335-5-vinicius.gomes@intel.com>
Date: Wed, 6 Nov 2024 16:57:20 -0800
From: Vinicius Costa Gomes <vinicius.gomes@...el.com>
To: brauner@...nel.org,
amir73il@...il.com,
hu1.chen@...el.com
Cc: miklos@...redi.hu,
malini.bhandaru@...el.com,
tim.c.chen@...el.com,
mikko.ylinen@...el.com,
linux-unionfs@...r.kernel.org,
linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org,
Vinicius Costa Gomes <vinicius.gomes@...el.com>
Subject: [PATCH v4 4/4] ovl: Optimize override/revert creds
Use override_creds_light() in ovl_override_creds() and
revert_creds_light() in ovl_revert_creds_light().
The _light() functions do not change the 'usage' of the credentials in
question, as they refer to the credentials associated with the
mounter, which have a longer lifetime.
In ovl_setup_cred_for_create(), do not need to modify the mounter
credentials (returned by override_creds()) 'usage' counter. Add a
warning to verify that we are indeed working with the mounter
credentials (stored in the superblock). Failure in this assumption
means that creds may leak.
Suggested-by: Christian Brauner <brauner@...nel.org>
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@...el.com>
---
fs/overlayfs/dir.c | 7 ++++++-
fs/overlayfs/util.c | 4 ++--
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/fs/overlayfs/dir.c b/fs/overlayfs/dir.c
index 09db5eb19242..136a2c7fb9e5 100644
--- a/fs/overlayfs/dir.c
+++ b/fs/overlayfs/dir.c
@@ -571,7 +571,12 @@ static int ovl_setup_cred_for_create(struct dentry *dentry, struct inode *inode,
put_cred(override_cred);
return err;
}
- put_cred(override_creds(override_cred));
+
+ /*
+ * We must be called with creator creds already, otherwise we risk
+ * leaking creds.
+ */
+ WARN_ON_ONCE(override_creds(override_cred) != ovl_creds(dentry->d_sb));
put_cred(override_cred);
return 0;
diff --git a/fs/overlayfs/util.c b/fs/overlayfs/util.c
index 9408046f4f41..3bb107471fb4 100644
--- a/fs/overlayfs/util.c
+++ b/fs/overlayfs/util.c
@@ -65,12 +65,12 @@ const struct cred *ovl_override_creds(struct super_block *sb)
{
struct ovl_fs *ofs = OVL_FS(sb);
- return override_creds(ofs->creator_cred);
+ return override_creds_light(ofs->creator_cred);
}
void ovl_revert_creds(const struct cred *old_cred)
{
- revert_creds(old_cred);
+ revert_creds_light(old_cred);
}
/*
--
2.47.0
Powered by blists - more mailing lists