Received: by 2002:a25:1104:0:0:0:0:0 with SMTP id 4csp629612ybr; Fri, 22 May 2020 15:17:03 -0700 (PDT) X-Google-Smtp-Source: ABdhPJygJDOd0IdnL1d1uuqAiHI31p9Klan51RzN1YtvVdKgQV6CRQdKQ891K/6hFfhAkyieSizM X-Received: by 2002:a17:906:f1cf:: with SMTP id gx15mr9837757ejb.471.1590185822939; Fri, 22 May 2020 15:17:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1590185822; cv=none; d=google.com; s=arc-20160816; b=Kit5tx1oyvAzSjoIastKIxdXi1dyNtjJDcyg0XXvIrn+so3V2b8FJxKLyAQQ+2o+e/ fcW6FCTcXK0AxMHwaQbCtPev3+KNIVeulWV+x3vMzSzXQOI5kUTgsVkCtRTZ5HsSLGvW LIOcJmH8ZDqpvKqXuML2CsZazGRRFUpzhJ8TjfXjIZKmXbEo515aYZLDoaQDMB/1G+Kw fDjvOfpDneR4k9d+SgYK0vnoyMmCjhIy9I60LMkyYyaeo37tgTfdS3Sq3Sf8jgiY1XLF c5QFVuYnU9TOPxtbwisK4lG+ydolSX1hsBTLeIJz5Gj3tBQlelZIPT4bGez85Lt/JLJw XLCg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :message-id:references:cc:to:from:subject:dkim-signature; bh=S/stJk0STsDchWWcNppinxUmms4bbqR7NgPSokrOceo=; b=09oi7y2GttNJQo/9w6Pl3N7T92qhVV1byAAhkwNy2YilbAnkXiI+0D2l+CGUj9a7DW rklzOWrcHSP7L5vzeCru4mS79nxT6FINtsfAoiwjYYLMoqWgTKOhpgXcImw8n349L1Lz ft94zla1qUT7WRAy3fi5JpIbt1kMpfeNGLP1gd8Ua3E4M2ltnOWfmUWbZDzS/jJswEgc bYEuuramPzuqbVcUIDZo9InUIFKsl6JBToqRwP9qPHoeImZEh1HpD9b46f8IH21XIhiD 0ciCw8juNiH16qC8zi3H4Jhv/j07zn6wvVhWjq6hmNwuKQxfaIR0DOnwqXEAC1QlhQQO BxWg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@broadcom.com header.s=google header.b=PmzMc1A3; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=broadcom.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id pk2si2998536ejb.363.2020.05.22.15.16.40; Fri, 22 May 2020 15:17:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@broadcom.com header.s=google header.b=PmzMc1A3; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=broadcom.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731142AbgEVWPL (ORCPT + 99 others); Fri, 22 May 2020 18:15:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41622 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731117AbgEVWPK (ORCPT ); Fri, 22 May 2020 18:15:10 -0400 Received: from mail-pg1-x541.google.com (mail-pg1-x541.google.com [IPv6:2607:f8b0:4864:20::541]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 45CBFC061A0E for ; Fri, 22 May 2020 15:15:10 -0700 (PDT) Received: by mail-pg1-x541.google.com with SMTP id p21so5632951pgm.13 for ; Fri, 22 May 2020 15:15:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=subject:from:to:cc:references:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=S/stJk0STsDchWWcNppinxUmms4bbqR7NgPSokrOceo=; b=PmzMc1A3bv0cdDO6gy5pV3cfYwofz+ExRxro+KvdU+1AO9aKDU4k2v3ZbsYFNpXYM3 ujV76XGl4DZh1QfkTopVsN2B3S1yt3GaKfDHFhNpsz7M+qtRhMm0TGgMlYg4uhcoaT78 5rcALuJn/0tGohe2U8KpbkBQAWyAqJssSuTIk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:from:to:cc:references:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=S/stJk0STsDchWWcNppinxUmms4bbqR7NgPSokrOceo=; b=jnoiLXXohX+9nqBzE16VeUYw+683b3gRZxq+y18CkNamaUhm5TBcn9QuiDWOJCA36o JPPrLj5O5ca1Rn6fWgz+8vH183t8pbGY9hn1S4+CQ4mw7l2DN5qrUMVeZ8ggWKUTLeln VF7Te/Dwr5GIoON0OPL0ULoSbw2DjtFmWG2AWXOPySXpYQV6W/Oj0heDVsgm/5tj59Y9 zifkzs/opXEd4HHfc/hchKL4WA5/R0VFrWCeiqEBtAxRvZAEjCubUNIVzD1050Tr6tnS hzFNNASa2IswyADWdUe8f9uQxp7QZwopoVRdP1cIdZU+RejBCjZlJaqg3PuRQtsdbGAk 0Vmw== X-Gm-Message-State: AOAM533ttHy9bP2EHRzGFua2grBYkcxN/h3YvP3IVEGmlHW8AGhwyPTY ZZFqst0MsFGkpKutukDN9KNjk/wWJpE/9VNQro4iHUR3ywsVySFhvJKs3h3trZipPt4WUIKuekD n76McO7QUq5jSItrAZi1qSGMZtOPqIdP6byltu4szjDfCso7LiVaxj2KhnpdNtjLBRTbil7bW3p eR8zlxeYIM X-Received: by 2002:a65:4107:: with SMTP id w7mr11958661pgp.226.1590185709221; Fri, 22 May 2020 15:15:09 -0700 (PDT) Received: from [10.136.13.65] ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id v2sm7516686pje.52.2020.05.22.15.15.01 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 22 May 2020 15:15:08 -0700 (PDT) Subject: Re: [PATCH v2 2/2] fs: avoid fdput() after failed fdget() in kernel_read_file_from_fd() From: Scott Branden To: Luis Chamberlain , Al Viro , Kees Cook , Mimi Zohar , linux-security-module , James Morris , "Serge E. Hallyn" , Alexei Starovoitov , Daniel Borkmann , Martin KaFai Lau , Song Liu , Yonghong Song , Andrii Nakryiko , John Fastabend , KP Singh Cc: Shuah Khan , Jens Axboe , Linux FS Devel , "linux-kernel@vger.kernel.org" References: <1159d74f88d100521c568037327ebc8ec7ffc6ef.1589311577.git.skhan@linuxfoundation.org> <20200513054950.GT23230@ZenIV.linux.org.uk> <20200513131335.GN11244@42.do-not-panic.com> <2d298b41-ab6f-5834-19d2-7d3739470b5f@broadcom.com> Message-ID: <075ae77b-000b-c00f-b425-59105dc2584a@broadcom.com> Date: Fri, 22 May 2020 15:14:59 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0 MIME-Version: 1.0 In-Reply-To: <2d298b41-ab6f-5834-19d2-7d3739470b5f@broadcom.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2020-05-22 2:59 p.m., Scott Branden wrote: > Hi Luis, > > On 2020-05-13 7:19 a.m., Luis Chamberlain wrote: >> On Wed, May 13, 2020 at 7:13 AM Luis Chamberlain >> wrote: >>> On Wed, May 13, 2020 at 06:49:50AM +0100, Al Viro wrote: >>>> On Tue, May 12, 2020 at 01:43:05PM -0600, Shuah Khan wrote: >>>>> diff --git a/fs/exec.c b/fs/exec.c >>>>> index 06b4c550af5d..ea24bdce939d 100644 >>>>> --- a/fs/exec.c >>>>> +++ b/fs/exec.c >>>>> @@ -1021,8 +1021,8 @@ int kernel_read_file_from_fd(int fd, void >>>>> **buf, loff_t *size, loff_t max_size, >>>>>              goto out; >>>>> >>>>>      ret = kernel_read_file(f.file, buf, size, max_size, id); >>>>> -out: >>>>>      fdput(f); >>>>> +out: >>>>>      return ret; >>>> Incidentally, why is that thing exported? >>> Both kernel_read_file_from_fd() and kernel_read_file() are exported >>> because they have users, however kernel_read_file() only has security >>> stuff as a user. Do we want to get rid of the lsm hook for it? >> Alright, yeah just the export needs to be removed. I have a patch >> series dealing with these callers so will add it to my queue. > When will these changes make it into linux-next? > It is difficult for me to complete my patch series without these other > misc. changes in place. Sorry, I see the patch series is still being worked on (missing changelog, comments, etc). Hopefully the patches stabilize so I can apply my changes on top fairly soon. >> >>    Luis > Regards, >  Scott