| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20241125-work-cred-v2-0-68b9d38bb5b2@kernel.org>
Date: Mon, 25 Nov 2024 15:09:56 +0100
From: Christian Brauner <brauner@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Amir Goldstein <amir73il@...il.com>, Miklos Szeredi <miklos@...redi.hu>,
Al Viro <viro@...iv.linux.org.uk>, Jens Axboe <axboe@...nel.dk>,
linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
Christian Brauner <brauner@...nel.org>
Subject: [PATCH v2 00/29] cred: rework {override,revert}_creds()
For the v6.13 cycle we switched overlayfs to a variant of
override_creds() that doesn't take an extra reference. To this end I
suggested introducing {override,revert}_creds_light() which overlayfs
could use.
This seems to work rather well. This series follow Linus advice and
unifies the separate helpers and simply makes {override,revert}_creds()
do what {override,revert}_creds_light() currently does. Caller's that
really need the extra reference count can take it manually.
---
Changes in v2:
- Remove confusion around dangling pointer.
- Use the revert_creds(old) + put_cred(new) pattern instead of
put_cred(revert_creds(old)).
- Fill in missing justifications in various commit message why not using
a separate reference count is safe.
- Make get_new_cred() argument const to easily use it during the
conversion.
- Get rid of get_new_cred() completely at the end of the series.
- Link to v1: https://lore.kernel.org/r/20241124-work-cred-v1-0-f352241c3970@kernel.org
---
Christian Brauner (29):
tree-wide: s/override_creds()/override_creds_light(get_new_cred())/g
cred: return old creds from revert_creds_light()
tree-wide: s/revert_creds()/put_cred(revert_creds_light())/g
cred: remove old {override,revert}_creds() helpers
tree-wide: s/override_creds_light()/override_creds()/g
tree-wide: s/revert_creds_light()/revert_creds()/g
firmware: avoid pointless reference count bump
sev-dev: avoid pointless cred reference count bump
target_core_configfs: avoid pointless cred reference count bump
aio: avoid pointless cred reference count bump
binfmt_misc: avoid pointless cred reference count bump
coredump: avoid pointless cred reference count bump
nfs/localio: avoid pointless cred reference count bumps
nfs/nfs4idmap: avoid pointless reference count bump
nfs/nfs4recover: avoid pointless cred reference count bump
nfsfh: avoid pointless cred reference count bump
open: avoid pointless cred reference count bump
ovl: avoid pointless cred reference count bump
cifs: avoid pointless cred reference count bump
cifs: avoid pointless cred reference count bump
smb: avoid pointless cred reference count bump
io_uring: avoid pointless cred reference count bump
acct: avoid pointless reference count bump
cgroup: avoid pointless cred reference count bump
trace: avoid pointless cred reference count bump
dns_resolver: avoid pointless cred reference count bump
cachefiles: avoid pointless cred reference count bump
nfsd: avoid pointless cred reference count bump
cred: remove unused get_new_cred()
Documentation/security/credentials.rst | 5 ----
drivers/crypto/ccp/sev-dev.c | 2 +-
fs/backing-file.c | 20 +++++++-------
fs/nfsd/auth.c | 3 +-
fs/nfsd/filecache.c | 2 +-
fs/nfsd/nfs4recover.c | 3 +-
fs/nfsd/nfsfh.c | 1 -
fs/open.c | 11 ++------
fs/overlayfs/dir.c | 4 +--
fs/overlayfs/util.c | 4 +--
fs/smb/server/smb_common.c | 10 ++-----
include/linux/cred.h | 26 ++++--------------
kernel/cred.c | 50 ----------------------------------
13 files changed, 27 insertions(+), 114 deletions(-)
---
base-commit: e7675238b9bf4db0b872d5dbcd53efa31914c98f
change-id: 20241124-work-cred-349b65450082
Powered by blists - more mailing lists