Received: by 2002:a25:868d:0:0:0:0:0 with SMTP id z13csp565871ybk; Wed, 13 May 2020 07:22:25 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx+9q9wTFl5XqPAhl2NODmrYrchRRhrMYfJfS/lTqttIEdjcksqsOkOAJ+WZ5dHEdVgwVGT X-Received: by 2002:a50:8d5e:: with SMTP id t30mr11283668edt.332.1589379745251; Wed, 13 May 2020 07:22:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1589379745; cv=none; d=google.com; s=arc-20160816; b=0eGznhm6MINH0N7JUzaqgGPFSNVwfKH7aCAkK5YiVRSRpYLFN7lh8wge8mnR7uE6ls I7WsiiTqmsVCsqaoU2oq0EiKVQ9rWKzDTRo07IDCD41q4qvBXnZy0w6+b1D1UkhEjWqA A3TNjG5ysgCvKLlBiShentClNsAvhcG+rBtCkP1dn9IBBT2tUfLJMNXuwv1ctrDRCUgm 2QRPICxkfNCkGdedcKFwHd/6lSGPuCTYVIOmvEpdfbubhgygMwzbSaXeA4erBS1t42nk fJNboGq8o1yB0tWzKbB/H76XdBfqg2T3Zvh0NAHO1Cv04Eb7zMhB2gvTBvUSyeO2uy+4 j2yg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=nkQfxuCQpa0SNTTGax3Ss05HS90ehU4JE6SeFcD5Fdk=; b=Hi0SfCFYAvpP2p9RAWfn8aAVx+zRH0JAxJb1kWtr7DL4pzi5x19oDB8uz1fUfXRWIc g68kgup9t3SkNLNhFL2Fl2u/I51QZ1oaV1szRU2uosdZLYPOXZRkYM2U6bOLL50Up3n1 SZaj6gXXrzCwghJHwUC8BQxFuRxGj/unRGWyowvtmXJyPibKh9w5jGjCgfDIMa+tiQjh XR0ddsIFS9CQD9nn2iVN0s7s/zm9JLP45jiQUS5Nq/zWMPDAdAjfHSWJh+mw08DL/qii xO3lyvcepc4hLk/h+p6qxknfG7hbtAv54ajzuoUmXBhPAfdv07aCscf7JNPGweRLJz0b 7Xdw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=uOJGUSp5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id c101si245926edf.8.2020.05.13.07.22.00; Wed, 13 May 2020 07:22:25 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=uOJGUSp5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388938AbgEMOTk (ORCPT + 99 others); Wed, 13 May 2020 10:19:40 -0400 Received: from mail.kernel.org ([198.145.29.99]:47374 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1733142AbgEMOTj (ORCPT ); Wed, 13 May 2020 10:19:39 -0400 Received: from mail-ua1-f44.google.com (mail-ua1-f44.google.com [209.85.222.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id F25A220708; Wed, 13 May 2020 14:19:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1589379579; bh=XCp5F/lYiyuFT5h0NEXzypxvSnrMq5SZYIt8WXe6LVw=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=uOJGUSp5I2Fhby38cG8aJB5ujSNOpddNlZHsiqZbn37fuENgE22NYAwW53wpZU6TE MhNxw4iMQFX9TOzBv4/GTYMM6NmU8ZRogVMufoD8nEujm43LPGYyH6WdGhjmZ89W8B Ah8qptaWTjtm601fRZr25nbACz19TyBVIol8MdoE= Received: by mail-ua1-f44.google.com with SMTP id r2so6105393uam.7; Wed, 13 May 2020 07:19:39 -0700 (PDT) X-Gm-Message-State: AGi0PubOpjyrhBhJsp1c1HERHhWm7SsLiUirirkzOMfsBRG9RMVf5DiJ TCXr7YcAJmZUIQtLKENo4bVpw0tkAxMrmfF+dSg= X-Received: by 2002:a9f:2c96:: with SMTP id w22mr21303032uaj.14.1589379578140; Wed, 13 May 2020 07:19:38 -0700 (PDT) MIME-Version: 1.0 References: <1159d74f88d100521c568037327ebc8ec7ffc6ef.1589311577.git.skhan@linuxfoundation.org> <20200513054950.GT23230@ZenIV.linux.org.uk> <20200513131335.GN11244@42.do-not-panic.com> In-Reply-To: <20200513131335.GN11244@42.do-not-panic.com> From: Luis Chamberlain Date: Wed, 13 May 2020 08:19:25 -0600 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2 2/2] fs: avoid fdput() after failed fdget() in kernel_read_file_from_fd() To: Al Viro , Kees Cook , Scott Branden , Mimi Zohar , linux-security-module , James Morris , "Serge E. Hallyn" , Alexei Starovoitov , Daniel Borkmann , Martin KaFai Lau , Song Liu , Yonghong Song , Andrii Nakryiko , John Fastabend , KP Singh Cc: Shuah Khan , Jens Axboe , Linux FS Devel , "linux-kernel@vger.kernel.org" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, May 13, 2020 at 7:13 AM Luis Chamberlain wrote: > > On Wed, May 13, 2020 at 06:49:50AM +0100, Al Viro wrote: > > On Tue, May 12, 2020 at 01:43:05PM -0600, Shuah Khan wrote: > > > diff --git a/fs/exec.c b/fs/exec.c > > > index 06b4c550af5d..ea24bdce939d 100644 > > > --- a/fs/exec.c > > > +++ b/fs/exec.c > > > @@ -1021,8 +1021,8 @@ int kernel_read_file_from_fd(int fd, void **buf, loff_t *size, loff_t max_size, > > > goto out; > > > > > > ret = kernel_read_file(f.file, buf, size, max_size, id); > > > -out: > > > fdput(f); > > > +out: > > > return ret; > > > > Incidentally, why is that thing exported? > > Both kernel_read_file_from_fd() and kernel_read_file() are exported > because they have users, however kernel_read_file() only has security > stuff as a user. Do we want to get rid of the lsm hook for it? Alright, yeah just the export needs to be removed. I have a patch series dealing with these callers so will add it to my queue. Luis