From 56b31d1c9f1e6a3ad92e7bfe252721e05d92b285 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 18 Aug 2012 00:25:51 -0400 Subject: unexport sock_map_fd(), switch to sock_alloc_file() Both modular callers of sock_map_fd() had been buggy; sctp one leaks descriptor and file if copy_to_user() fails, 9p one shouldn't be exposing file in the descriptor table at all. Switch both to sock_alloc_file(), export it, unexport sock_map_fd() and make it static. Signed-off-by: Al Viro --- include/linux/net.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include/linux') diff --git a/include/linux/net.h b/include/linux/net.h index 99276c3..c8a9708 100644 --- a/include/linux/net.h +++ b/include/linux/net.h @@ -65,6 +65,7 @@ typedef enum { struct poll_table_struct; struct pipe_inode_info; struct inode; +struct file; struct net; #define SOCK_ASYNC_NOSPACE 0 @@ -246,7 +247,7 @@ extern int sock_sendmsg(struct socket *sock, struct msghdr *msg, size_t len); extern int sock_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, int flags); -extern int sock_map_fd(struct socket *sock, int flags); +extern struct file *sock_alloc_file(struct socket *sock, int flags); extern struct socket *sockfd_lookup(int fd, int *err); extern struct socket *sock_from_file(struct file *file, int *err); #define sockfd_put(sock) fput(sock->file) -- cgit v1.1 From 1a7bd2265fc57f29400d57f66275cc5918e30aa6 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sun, 12 Aug 2012 17:18:05 -0400 Subject: make get_unused_fd_flags() a function ... and get_unused_fd() a macro around it Signed-off-by: Al Viro --- include/linux/file.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include/linux') diff --git a/include/linux/file.h b/include/linux/file.h index a22408b..86795ec 100644 --- a/include/linux/file.h +++ b/include/linux/file.h @@ -33,8 +33,8 @@ extern struct file *fget_raw_light(unsigned int fd, int *fput_needed); extern void set_close_on_exec(unsigned int fd, int flag); extern void put_filp(struct file *); extern int alloc_fd(unsigned start, unsigned flags); -extern int get_unused_fd(void); -#define get_unused_fd_flags(flags) alloc_fd(0, (flags)) +extern int get_unused_fd_flags(unsigned flags); +#define get_unused_fd() get_unused_fd_flags(0) extern void put_unused_fd(unsigned int fd); extern void fd_install(unsigned int fd, struct file *file); -- cgit v1.1 From dcfadfa4ec5a12404a99ad6426871a6b03a62b37 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sun, 12 Aug 2012 17:27:30 -0400 Subject: new helper: __alloc_fd() Essentially, alloc_fd() in a files_struct we own a reference to. Most of the time wanting to use it is a sign of lousy API design (such as android/binder). It's *not* a general-purpose interface; better that than open-coding its guts, but again, playing with other process' descriptor table is a sign of bad design. Signed-off-by: Al Viro --- include/linux/fdtable.h | 3 +++ 1 file changed, 3 insertions(+) (limited to 'include/linux') diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h index 158a41e..b84ca06 100644 --- a/include/linux/fdtable.h +++ b/include/linux/fdtable.h @@ -125,6 +125,9 @@ void reset_files_struct(struct files_struct *); int unshare_files(struct files_struct **); struct files_struct *dup_fd(struct files_struct *, int *); +extern int __alloc_fd(struct files_struct *files, + unsigned start, unsigned end, unsigned flags); + extern struct kmem_cache *files_cachep; #endif /* __LINUX_FDTABLE_H */ -- cgit v1.1 From 7cf4dc3c8dbfdfde163d4636f621cf99a1f63bfb Mon Sep 17 00:00:00 2001 From: Al Viro Date: Wed, 15 Aug 2012 19:56:12 -0400 Subject: move files_struct-related bits from kernel/exit.c to fs/file.c Signed-off-by: Al Viro --- include/linux/fdtable.h | 6 ------ 1 file changed, 6 deletions(-) (limited to 'include/linux') diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h index b84ca06..3855f4f 100644 --- a/include/linux/fdtable.h +++ b/include/linux/fdtable.h @@ -94,14 +94,8 @@ struct vfsmount; struct dentry; extern int expand_files(struct files_struct *, int nr); -extern void free_fdtable_rcu(struct rcu_head *rcu); extern void __init files_defer_init(void); -static inline void free_fdtable(struct fdtable *fdt) -{ - call_rcu(&fdt->rcu, free_fdtable_rcu); -} - static inline struct file * fcheck_files(struct files_struct *files, unsigned int fd) { struct file * file = NULL; -- cgit v1.1 From f869e8a7f753e3fd43d6483e796774776f645edb Mon Sep 17 00:00:00 2001 From: Al Viro Date: Wed, 15 Aug 2012 21:06:33 -0400 Subject: expose a low-level variant of fd_install() for binder Similar situation to that of __alloc_fd(); do not use unless you really have to. You should not touch any descriptor table other than your own; it's a sure sign of a really bad API design. As with __alloc_fd(), you *must* use a first-class reference to struct files_struct; something obtained by get_files_struct(some task) (let alone direct task->files) will not do. It must be either current->files, or obtained by get_files_struct(current) by the owner of that sucker and given to you. Signed-off-by: Al Viro --- include/linux/fdtable.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include/linux') diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h index 3855f4f..59d4fc7 100644 --- a/include/linux/fdtable.h +++ b/include/linux/fdtable.h @@ -121,6 +121,8 @@ struct files_struct *dup_fd(struct files_struct *, int *); extern int __alloc_fd(struct files_struct *files, unsigned start, unsigned end, unsigned flags); +extern void __fd_install(struct files_struct *files, + unsigned int fd, struct file *file); extern struct kmem_cache *files_cachep; -- cgit v1.1 From 483ce1d4b8c3b82bc9c9a1dd9dbc44f50b3aaf5a Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sun, 19 Aug 2012 12:04:24 -0400 Subject: take descriptor-related part of close() to file.c Signed-off-by: Al Viro --- include/linux/fdtable.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include/linux') diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h index 59d4fc7..59488f2 100644 --- a/include/linux/fdtable.h +++ b/include/linux/fdtable.h @@ -123,6 +123,8 @@ extern int __alloc_fd(struct files_struct *files, unsigned start, unsigned end, unsigned flags); extern void __fd_install(struct files_struct *files, unsigned int fd, struct file *file); +extern int __close_fd(struct files_struct *files, + unsigned int fd); extern struct kmem_cache *files_cachep; -- cgit v1.1 From 6a6d27de340c89c5323565b49f7851362619925d Mon Sep 17 00:00:00 2001 From: Al Viro Date: Tue, 21 Aug 2012 09:56:33 -0400 Subject: take close-on-exec logics to fs/file.c, clean it up a bit ... and add cond_resched() there, while we are at it. We can get large latencies as is... Signed-off-by: Al Viro --- include/linux/fdtable.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include/linux') diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h index 59488f2..ef4b213 100644 --- a/include/linux/fdtable.h +++ b/include/linux/fdtable.h @@ -118,6 +118,7 @@ void put_files_struct(struct files_struct *fs); void reset_files_struct(struct files_struct *); int unshare_files(struct files_struct **); struct files_struct *dup_fd(struct files_struct *, int *); +void do_close_on_exec(struct files_struct *); extern int __alloc_fd(struct files_struct *files, unsigned start, unsigned end, unsigned flags); -- cgit v1.1 From fe17f22d7fd0e344ef6447238f799bb49f670c6f Mon Sep 17 00:00:00 2001 From: Al Viro Date: Tue, 21 Aug 2012 11:48:11 -0400 Subject: take purely descriptor-related stuff from fcntl.c to file.c Signed-off-by: Al Viro --- include/linux/file.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include/linux') diff --git a/include/linux/file.h b/include/linux/file.h index 86795ec..da84fa0 100644 --- a/include/linux/file.h +++ b/include/linux/file.h @@ -30,7 +30,9 @@ extern struct file *fget(unsigned int fd); extern struct file *fget_light(unsigned int fd, int *fput_needed); extern struct file *fget_raw(unsigned int fd); extern struct file *fget_raw_light(unsigned int fd, int *fput_needed); +extern int f_dupfd(unsigned int from, struct file *file, unsigned flags); extern void set_close_on_exec(unsigned int fd, int flag); +extern bool get_close_on_exec(unsigned int fd); extern void put_filp(struct file *); extern int alloc_fd(unsigned start, unsigned flags); extern int get_unused_fd_flags(unsigned flags); -- cgit v1.1 From 8280d16172243702ed43432f826ca6130edb4086 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Tue, 21 Aug 2012 12:11:46 -0400 Subject: new helper: replace_fd() analog of dup2(), except that it takes struct file * as source. Signed-off-by: Al Viro --- include/linux/file.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include/linux') diff --git a/include/linux/file.h b/include/linux/file.h index da84fa0..6239591 100644 --- a/include/linux/file.h +++ b/include/linux/file.h @@ -31,6 +31,7 @@ extern struct file *fget_light(unsigned int fd, int *fput_needed); extern struct file *fget_raw(unsigned int fd); extern struct file *fget_raw_light(unsigned int fd, int *fput_needed); extern int f_dupfd(unsigned int from, struct file *file, unsigned flags); +extern int replace_fd(unsigned fd, struct file *file, unsigned flags); extern void set_close_on_exec(unsigned int fd, int flag); extern bool get_close_on_exec(unsigned int fd); extern void put_filp(struct file *); -- cgit v1.1 From b8318b01a8f7f760ae3ecae052ccc7fc123d9508 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Tue, 21 Aug 2012 20:09:42 -0400 Subject: take __{set,clear}_{open_fd,close_on_exec}() into fs/file.c nobody uses those outside anymore. Signed-off-by: Al Viro --- include/linux/fdtable.h | 20 -------------------- 1 file changed, 20 deletions(-) (limited to 'include/linux') diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h index ef4b213..9ff2631 100644 --- a/include/linux/fdtable.h +++ b/include/linux/fdtable.h @@ -30,31 +30,11 @@ struct fdtable { struct fdtable *next; }; -static inline void __set_close_on_exec(int fd, struct fdtable *fdt) -{ - __set_bit(fd, fdt->close_on_exec); -} - -static inline void __clear_close_on_exec(int fd, struct fdtable *fdt) -{ - __clear_bit(fd, fdt->close_on_exec); -} - static inline bool close_on_exec(int fd, const struct fdtable *fdt) { return test_bit(fd, fdt->close_on_exec); } -static inline void __set_open_fd(int fd, struct fdtable *fdt) -{ - __set_bit(fd, fdt->open_fds); -} - -static inline void __clear_open_fd(int fd, struct fdtable *fdt) -{ - __clear_bit(fd, fdt->open_fds); -} - static inline bool fd_is_open(int fd, const struct fdtable *fdt) { return test_bit(fd, fdt->open_fds); -- cgit v1.1 From ad47bd7252bf402fe7dba92f5240b5ed16832ae7 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Tue, 21 Aug 2012 20:11:34 -0400 Subject: make expand_files() and alloc_fd() static no callers outside of fs/file.c left Signed-off-by: Al Viro --- include/linux/fdtable.h | 1 - include/linux/file.h | 1 - 2 files changed, 2 deletions(-) (limited to 'include/linux') diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h index 9ff2631..de2b71c 100644 --- a/include/linux/fdtable.h +++ b/include/linux/fdtable.h @@ -73,7 +73,6 @@ struct file_operations; struct vfsmount; struct dentry; -extern int expand_files(struct files_struct *, int nr); extern void __init files_defer_init(void); static inline struct file * fcheck_files(struct files_struct *files, unsigned int fd) diff --git a/include/linux/file.h b/include/linux/file.h index 6239591..6eee54a 100644 --- a/include/linux/file.h +++ b/include/linux/file.h @@ -35,7 +35,6 @@ extern int replace_fd(unsigned fd, struct file *file, unsigned flags); extern void set_close_on_exec(unsigned int fd, int flag); extern bool get_close_on_exec(unsigned int fd); extern void put_filp(struct file *); -extern int alloc_fd(unsigned start, unsigned flags); extern int get_unused_fd_flags(unsigned flags); #define get_unused_fd() get_unused_fd_flags(0) extern void put_unused_fd(unsigned int fd); -- cgit v1.1 From c3c073f808b22dfae15ef8412b6f7b998644139a Mon Sep 17 00:00:00 2001 From: Al Viro Date: Tue, 21 Aug 2012 22:32:06 -0400 Subject: new helper: iterate_fd() iterates through the opened files in given descriptor table, calling a supplied function; we stop once non-zero is returned. Callback gets struct file *, descriptor number and const void * argument passed to iterator. It is called with files->file_lock held, so it is not allowed to block. tty_io, netprio_cgroup and selinux flush_unauthorized_files() converted to its use. Signed-off-by: Al Viro --- include/linux/fdtable.h | 3 +++ 1 file changed, 3 insertions(+) (limited to 'include/linux') diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h index de2b71c..fb7daca 100644 --- a/include/linux/fdtable.h +++ b/include/linux/fdtable.h @@ -98,6 +98,9 @@ void reset_files_struct(struct files_struct *); int unshare_files(struct files_struct **); struct files_struct *dup_fd(struct files_struct *, int *); void do_close_on_exec(struct files_struct *); +int iterate_fd(struct files_struct *, unsigned, + int (*)(const void *, struct file *, unsigned), + const void *); extern int __alloc_fd(struct files_struct *files, unsigned start, unsigned end, unsigned flags); -- cgit v1.1 From 864bdb3b6cbd9911222543fef1cfe36f88183f44 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Wed, 22 Aug 2012 18:42:10 -0400 Subject: new helper: daemonize_descriptors() descriptor-related parts of daemonize, done right. As the result we simplify the locking rules for ->files - we hold task_lock in *all* cases when we modify ->files. Signed-off-by: Al Viro --- include/linux/fdtable.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include/linux') diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h index fb7daca..45052aa 100644 --- a/include/linux/fdtable.h +++ b/include/linux/fdtable.h @@ -95,6 +95,7 @@ struct task_struct; struct files_struct *get_files_struct(struct task_struct *); void put_files_struct(struct files_struct *fs); void reset_files_struct(struct files_struct *); +void daemonize_descriptors(void); int unshare_files(struct files_struct **); struct files_struct *dup_fd(struct files_struct *, int *); void do_close_on_exec(struct files_struct *); -- cgit v1.1 From cb0942b81249798e15c3f04eee2946ef543e8115 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Mon, 27 Aug 2012 14:48:26 -0400 Subject: make get_file() return its argument simplifies a bunch of callers... Signed-off-by: Al Viro --- include/linux/fs.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'include/linux') diff --git a/include/linux/fs.h b/include/linux/fs.h index aa11047..de1db1c 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1074,7 +1074,11 @@ struct file_handle { unsigned char f_handle[0]; }; -#define get_file(x) atomic_long_inc(&(x)->f_count) +static inline struct file *get_file(struct file *f) +{ + atomic_long_inc(&f->f_count); + return f; +} #define fput_atomic(x) atomic_long_add_unless(&(x)->f_count, -1, 1) #define file_count(x) atomic_long_read(&(x)->f_count) -- cgit v1.1 From a5b470ba06aa3f96999ede5feba178df6bdb134a Mon Sep 17 00:00:00 2001 From: Al Viro Date: Mon, 27 Aug 2012 19:55:01 -0400 Subject: new helpers: fdget()/fdput() Signed-off-bs: Al Viro --- include/linux/file.h | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) (limited to 'include/linux') diff --git a/include/linux/file.h b/include/linux/file.h index 6eee54a..c38bfbf 100644 --- a/include/linux/file.h +++ b/include/linux/file.h @@ -26,8 +26,34 @@ static inline void fput_light(struct file *file, int fput_needed) fput(file); } +struct fd { + struct file *file; + int need_put; +}; + +static inline void fdput(struct fd fd) +{ + if (fd.need_put) + fput(fd.file); +} + extern struct file *fget(unsigned int fd); extern struct file *fget_light(unsigned int fd, int *fput_needed); + +static inline struct fd fdget(unsigned int fd) +{ + int b; + struct file *f = fget_light(fd, &b); + return (struct fd){f,b}; +} + +static inline struct fd fdget_raw(unsigned int fd) +{ + int b; + struct file *f = fget_raw_light(fd, &b); + return (struct fd){f,b}; +} + extern struct file *fget_raw(unsigned int fd); extern struct file *fget_raw_light(unsigned int fd, int *fput_needed); extern int f_dupfd(unsigned int from, struct file *file, unsigned flags); -- cgit v1.1 From 2903ff019b346ab8d36ebbf54853c3aaf6590608 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Tue, 28 Aug 2012 12:52:22 -0400 Subject: switch simple cases of fget_light to fdget Signed-off-by: Al Viro --- include/linux/file.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'include/linux') diff --git a/include/linux/file.h b/include/linux/file.h index c38bfbf..cbacf4f 100644 --- a/include/linux/file.h +++ b/include/linux/file.h @@ -47,6 +47,9 @@ static inline struct fd fdget(unsigned int fd) return (struct fd){f,b}; } +extern struct file *fget_raw(unsigned int fd); +extern struct file *fget_raw_light(unsigned int fd, int *fput_needed); + static inline struct fd fdget_raw(unsigned int fd) { int b; @@ -54,8 +57,6 @@ static inline struct fd fdget_raw(unsigned int fd) return (struct fd){f,b}; } -extern struct file *fget_raw(unsigned int fd); -extern struct file *fget_raw_light(unsigned int fd, int *fput_needed); extern int f_dupfd(unsigned int from, struct file *file, unsigned flags); extern int replace_fd(unsigned fd, struct file *file, unsigned flags); extern void set_close_on_exec(unsigned int fd, int flag); -- cgit v1.1 From 10c28d937e2cca577c2d804106b50dd0562fb062 Mon Sep 17 00:00:00 2001 From: Alex Kelly Date: Wed, 26 Sep 2012 21:52:08 -0400 Subject: coredump: move core dump functionality into its own file This prepares for making core dump functionality optional. The variable "suid_dumpable" and associated functions are left in fs/exec.c because they're used elsewhere, such as in ptrace. Signed-off-by: Alex Kelly Reviewed-by: Josh Triplett Acked-by: Serge Hallyn Acked-by: Kees Cook Signed-off-by: Andrew Morton Signed-off-by: Al Viro --- include/linux/sched.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include/linux') diff --git a/include/linux/sched.h b/include/linux/sched.h index 23bddac..78041f4 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -405,6 +405,7 @@ static inline void arch_pick_mmap_layout(struct mm_struct *mm) {} extern void set_dumpable(struct mm_struct *mm, int value); extern int get_dumpable(struct mm_struct *mm); +extern int __get_dumpable(unsigned long mm_flags); /* get/set_dumpable() values */ #define SUID_DUMPABLE_DISABLED 0 -- cgit v1.1 From 8f9c0119d7ba94c3ad13876acc240d7f12b6d8e1 Mon Sep 17 00:00:00 2001 From: Catalin Marinas Date: Wed, 19 Sep 2012 12:01:52 +0100 Subject: compat: fs: Generic compat_sys_sendfile implementation This function is used by sparc, powerpc and arm64 for compat support. The patch adds a generic implementation which calls do_sendfile() directly and avoids set_fs(). The sparc architecture has wrappers for the sign extensions while powerpc relies on the compiler to do the this. The patch adds wrappers for powerpc to handle the u32->int type conversion. compat_sys_sendfile64() can be replaced by a sys_sendfile() call since compat_loff_t has the same size as off_t on a 64-bit system. On powerpc, the patch also changes the 64-bit sendfile call from sys_sendile64 to sys_sendfile. Signed-off-by: Catalin Marinas Acked-by: David S. Miller Cc: Arnd Bergmann Cc: Benjamin Herrenschmidt Cc: Paul Mackerras Cc: Alexander Viro Cc: Andrew Morton Signed-off-by: Al Viro --- include/linux/compat.h | 3 +++ 1 file changed, 3 insertions(+) (limited to 'include/linux') diff --git a/include/linux/compat.h b/include/linux/compat.h index 09b28b7..fd4e2995 100644 --- a/include/linux/compat.h +++ b/include/linux/compat.h @@ -590,6 +590,9 @@ asmlinkage ssize_t compat_sys_process_vm_writev(compat_pid_t pid, unsigned long liovcnt, const struct compat_iovec __user *rvec, unsigned long riovcnt, unsigned long flags); +asmlinkage long compat_sys_sendfile(int out_fd, int in_fd, + compat_off_t __user *offset, compat_size_t count); + #else #define is_compat_task() (0) -- cgit v1.1 From 2bd2c1941f141ad780135ccc1cd08ca71a24f10a Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Mon, 24 Sep 2012 14:51:48 -0400 Subject: MAX_LFS_FILESIZE should be a loff_t MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fs/nfs/internal.h: In function ‘nfs_super_set_maxbytes’: fs/nfs/internal.h:547:21: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] Seen with gcc (GCC) 4.6.3 20120306 (Red Hat 4.6.3-2). Commit 42cb56ae made s_maxbytes a loff_t, thus the type of MAX_LFS_FILESIZE should also be a loff_t. Signed-off-by: Chuck Lever Acked-by: Jeff Layton Signed-off-by: Al Viro --- include/linux/fs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include/linux') diff --git a/include/linux/fs.h b/include/linux/fs.h index de1db1c..ca6d8c8 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1130,9 +1130,9 @@ static inline int file_check_writeable(struct file *filp) /* Page cache limit. The filesystems should put that into their s_maxbytes limits, otherwise bad things can happen in VM. */ #if BITS_PER_LONG==32 -#define MAX_LFS_FILESIZE (((u64)PAGE_CACHE_SIZE << (BITS_PER_LONG-1))-1) +#define MAX_LFS_FILESIZE (((loff_t)PAGE_CACHE_SIZE << (BITS_PER_LONG-1))-1) #elif BITS_PER_LONG==64 -#define MAX_LFS_FILESIZE 0x7fffffffffffffffUL +#define MAX_LFS_FILESIZE ((loff_t)0x7fffffffffffffff) #endif #define FL_POSIX 1 -- cgit v1.1