Received: by 2002:a25:868d:0:0:0:0:0 with SMTP id z13csp519863ybk; Wed, 13 May 2020 06:17:11 -0700 (PDT) X-Google-Smtp-Source: APiQypIsZhpAqV7Rqws7poW6wu4Ck9sWFe1a3iHlSNbGRyCQgzK94MBg8PDbG9HTV3S69niqh6hb X-Received: by 2002:a17:906:310e:: with SMTP id 14mr22796686ejx.177.1589375831395; Wed, 13 May 2020 06:17:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1589375831; cv=none; d=google.com; s=arc-20160816; b=N42imSe18MycL1x6h9LS2zhbPV+lNpgXqETQEX/hfqzZI41VJKsSLztZ1GfPwxoI/Z YymSCyplUfl8MDfzeLxxCk1YBXY7vFq2q/u0p9V/EbZByf8u3nPPkW685BEVh4nIFnpT 0FgymGuN93MA7QTqlfuS/Dd8FxVzo1e7/0VdmTwyFUjN49bwpKL5es52aKi1OgLE0Apu 1f0PnbzYNS3K9kvg1ZfuBM6XEpOZ8o3DPGD0Sv9a57S43q+4t3Umat+dvlIxoOw+k3eD cBwpYJnMKUP16RVR0oLIeGRre4uMY6U+fVuChl3E0BjzyoNPLL63a+lmDg2ZkfMeSGJD RrrA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=uq9dGFS0JVEQgrQR7OlP7twEZ+C/lLS/sMFl5mNJPHU=; b=ItYHO3gX8hztUvfFIT59OGJkffF+2E2PZdigGQWRZGXvU3BG58/3HYhZG9ZJJqCHQW 600mjMx5FkTzBz3MxPyNNoaxTjeUQzWB9/6zkkqK5x55nbF5lcbfGn6RfLmxgGcSqkhj P5Sk9x9/drVG/o951HHezo/af9OcxguN28b4FAk9Fe1sZ8K+2D2zoUoePq+03p3d7t2W eVJYTodS32wvBMYlprH/7oK0HGWMth8kaHtKk0tmlNGaNHa1/MDsgo2I8K8J6wkM+w/t 7IhBpOAKULO4g3VAVk/jbh2PZ225OtudtYXFgLysDbqo2igPNDEtUfFo/RSAX/yRPit0 A1Xg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id h12si1508547edn.322.2020.05.13.06.16.47; Wed, 13 May 2020 06:17:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387529AbgEMNNn (ORCPT + 99 others); Wed, 13 May 2020 09:13:43 -0400 Received: from mail-pg1-f196.google.com ([209.85.215.196]:46917 "EHLO mail-pg1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725925AbgEMNNj (ORCPT ); Wed, 13 May 2020 09:13:39 -0400 Received: by mail-pg1-f196.google.com with SMTP id p21so1908150pgm.13; Wed, 13 May 2020 06:13:37 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=uq9dGFS0JVEQgrQR7OlP7twEZ+C/lLS/sMFl5mNJPHU=; b=Q7ttVilNlu+0UxHRSUg7h2tBi0EnQxJFitrkJkJeV8bATveqhijQRuG7USaliPTZ04 vyEzxvQA4nV1V//9jCcM3ifCH2RkzEK7CgQOdvho1hvN/1qvxFOpwwe3MkKYvd+sxhxu 8AP/cwTn0/4R8vpqykva99/GfhJZO2MGOPmHae/l5n70aViy0nnHJtnxO9aXddbNiuxi PeanzS73DjhbmvlJhBImSGTAEGMYKd+I5E+gJ6RfuyZmX2Nyu+kps4wAb1xv9Nl9EGr5 0rHPwRjLSmj6GtMWWJEtHFcgQi1x/t/Xe1+t31a1yc2lOPrCBediE+eJ4tvQRj8vNF9C 84Tw== X-Gm-Message-State: AGi0PuayJdtyH4SRdDIc+kIMSGyRItjO9wX3XW1FauYwE4YsRzE30494 C7B3gVmKeTj278nfTLVYB0w= X-Received: by 2002:a63:d24a:: with SMTP id t10mr24091301pgi.326.1589375617458; Wed, 13 May 2020 06:13:37 -0700 (PDT) Received: from 42.do-not-panic.com (42.do-not-panic.com. [157.230.128.187]) by smtp.gmail.com with ESMTPSA id d20sm15112860pjs.12.2020.05.13.06.13.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 13 May 2020 06:13:36 -0700 (PDT) Received: by 42.do-not-panic.com (Postfix, from userid 1000) id 4C2B54063E; Wed, 13 May 2020 13:13:35 +0000 (UTC) Date: Wed, 13 May 2020 13:13:35 +0000 From: Luis Chamberlain To: Al Viro , keescook@chromium.org, Scott Branden , Mimi Zohar , linux-security-module@vger.kernel.org, jmorris@namei.org, serge@hallyn.com, ast@kernel.org, daniel@iogearbox.net, kafai@fb.com, songliubraving@fb.com, yhs@fb.com, andriin@fb.com, john.fastabend@gmail.com, kpsingh@chromium.org Cc: Shuah Khan , axboe@kernel.dk, zohar@linux.vnet.ibm.com, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v2 2/2] fs: avoid fdput() after failed fdget() in kernel_read_file_from_fd() Message-ID: <20200513131335.GN11244@42.do-not-panic.com> References: <1159d74f88d100521c568037327ebc8ec7ffc6ef.1589311577.git.skhan@linuxfoundation.org> <20200513054950.GT23230@ZenIV.linux.org.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200513054950.GT23230@ZenIV.linux.org.uk> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, May 13, 2020 at 06:49:50AM +0100, Al Viro wrote: > On Tue, May 12, 2020 at 01:43:05PM -0600, Shuah Khan wrote: > > diff --git a/fs/exec.c b/fs/exec.c > > index 06b4c550af5d..ea24bdce939d 100644 > > --- a/fs/exec.c > > +++ b/fs/exec.c > > @@ -1021,8 +1021,8 @@ int kernel_read_file_from_fd(int fd, void **buf, loff_t *size, loff_t max_size, > > goto out; > > > > ret = kernel_read_file(f.file, buf, size, max_size, id); > > -out: > > fdput(f); > > +out: > > return ret; > > Incidentally, why is that thing exported? Both kernel_read_file_from_fd() and kernel_read_file() are exported because they have users, however kernel_read_file() only has security stuff as a user. Do we want to get rid of the lsm hook for it? I also have some non-posted patches which tucks away these kernel_read*() exports under a symbol namespace, to avoid wide-spread use / abuse on areas in the kernel, so I'd be happy to take this on if we want to remove it export / lsm hook as part of my series. I did this as there is another series of patches for a new driver which extend these family of functions with a now pread() variant.... Luis