From patchwork Wed Jun 3 01:10:42 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sargun Dhillon X-Patchwork-Id: 224830 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4C1EBC433E2 for ; Wed, 3 Jun 2020 01:14:09 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 2BEB820835 for ; Wed, 3 Jun 2020 01:14:09 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=sargun.me header.i=@sargun.me header.b="KcuhYU82" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728449AbgFCBNz (ORCPT ); Tue, 2 Jun 2020 21:13:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46050 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728377AbgFCBNk (ORCPT ); Tue, 2 Jun 2020 21:13:40 -0400 Received: from mail-pf1-x442.google.com (mail-pf1-x442.google.com [IPv6:2607:f8b0:4864:20::442]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B411CC08C5C1 for ; Tue, 2 Jun 2020 18:13:40 -0700 (PDT) Received: by mail-pf1-x442.google.com with SMTP id b16so395839pfi.13 for ; Tue, 02 Jun 2020 18:13:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sargun.me; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=nhWgywlp7hGFzT3uDr0Y1hpZYhM+popoEVRUKB4VQWc=; b=KcuhYU82+vDQQx/DeVCMpJeN14+0ym8WxhWxeXEkaQ+3yezTYF4Ee5fw/subrNMumN KyeAfCGCmRn0kJMIhZMcogDXCSfT+sBBqmi7wdOtjgBK8yInPiCqMLFgrVCWXL2KYFXQ wAigHdmOLJYq7IXym1xyUJRMKY8oH/Rez9kpo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=nhWgywlp7hGFzT3uDr0Y1hpZYhM+popoEVRUKB4VQWc=; b=NtHtwCurAVq88liNqFuXjJUn4DwjU2oiSeisCMoXS4rqN7YPHmq0xjao/Ju7QuIM1G GcMgfy2g44lRG6P8F3ZsRKTuibbL90nw6s1VT9yBsVogGSFSCyTzPwBVfIpl+XsD75z3 G8audWHPCMZoKzAu9vD3B9DIagQ6m4RaRMD0kb1PVxFtg0wrokbCec1GVm64UDta1Hf2 cwpzH1UwpnPFTD56C3U2SonGHJA6rs1exzBqO/ijlo+Bp3rQyCix7o9ZFKo4wFLe812K Gkzo+IgkJw0bNXdfsOUAHR82J57iA4GII7HbC7E/byJDMOX7lX1z4oEGYmuAZfiYe1oX C9iw== X-Gm-Message-State: AOAM530QHVtOCasG+8+zGIFjMua3i/UXbcBIUT4ptJAoWd8/+cJg70CQ BQCGLPOJsQqoKUbDyrCxN1tMNQ== X-Google-Smtp-Source: ABdhPJziu0Ir+oIrvYqeFGcbFb1EEVntTRUVR8VaEiMPDVEUmaVr/EmBGAHwManIvwfanKgve0+dwg== X-Received: by 2002:a17:90a:7bcb:: with SMTP id d11mr2287916pjl.209.1591146820050; Tue, 02 Jun 2020 18:13:40 -0700 (PDT) Received: from ubuntu.netflix.com (203.20.25.136.in-addr.arpa. [136.25.20.203]) by smtp.gmail.com with ESMTPSA id a12sm263222pjw.35.2020.06.02.18.13.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 18:13:39 -0700 (PDT) From: Sargun Dhillon To: Kees Cook , linux-kernel@vger.kernel.org Cc: Sargun Dhillon , Tycho Andersen , Matt Denton , Jann Horn , Chris Palmer , Aleksa Sarai , Robert Sesek , Christian Brauner , containers@lists.linux-foundation.org, Giuseppe Scrivano , Greg Kroah-Hartman , Al Viro , Daniel Wagner , "David S . Miller" , John Fastabend , Tejun Heo , stable@vger.kernel.org, cgroups@vger.kernel.org, linux-fsdevel@vger.kernel.org Subject: [PATCH v3 2/4] pid: Use file_receive helper to copy FDs Date: Tue, 2 Jun 2020 18:10:42 -0700 Message-Id: <20200603011044.7972-3-sargun@sargun.me> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200603011044.7972-1-sargun@sargun.me> References: <20200603011044.7972-1-sargun@sargun.me> MIME-Version: 1.0 Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org The code to copy file descriptors was duplicated in pidfd_getfd. Rather than continue to duplicate it, this hoists the code out of kernel/pid.c and uses the newly added file_receive helper. Earlier, when this was implemented there was some back-and-forth about how the semantics should work around copying around file descriptors [1], and it was decided that the default behaviour should be to not modify cgroup data. As a matter of least surprise, this approach follows the default semantics as presented by SCM_RIGHTS. In the future, a flag can be added to avoid manipulating the cgroup data on copy. [1]: https://lore.kernel.org/lkml/20200107175927.4558-1-sargun@sargun.me/ Signed-off-by: Sargun Dhillon Suggested-by: Kees Cook Cc: Al Viro Cc: Christian Brauner Cc: Daniel Wagner Cc: David S. Miller Cc: Jann Horn Cc: John Fastabend Cc: Tejun Heo Cc: Tycho Andersen Cc: stable@vger.kernel.org Cc: cgroups@vger.kernel.org Cc: linux-fsdevel@vger.kernel.org Cc: linux-kernel@vger.kernel.org --- kernel/pid.c | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/kernel/pid.c b/kernel/pid.c index c835b844aca7..1642cf940aa1 100644 --- a/kernel/pid.c +++ b/kernel/pid.c @@ -606,7 +606,7 @@ static int pidfd_getfd(struct pid *pid, int fd) { struct task_struct *task; struct file *file; - int ret; + int ret, err; task = get_pid_task(pid, PIDTYPE_PID); if (!task) @@ -617,18 +617,16 @@ static int pidfd_getfd(struct pid *pid, int fd) if (IS_ERR(file)) return PTR_ERR(file); - ret = security_file_receive(file); - if (ret) { - fput(file); - return ret; - } - ret = get_unused_fd_flags(O_CLOEXEC); - if (ret < 0) - fput(file); - else - fd_install(ret, file); + if (ret >= 0) { + err = file_receive(ret, file); + if (err) { + put_unused_fd(ret); + ret = err; + } + } + fput(file); return ret; }