summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2019-01-05 16:18:59 -0500
committerLinus Torvalds <torvalds@linux-foundation.org>2019-01-05 16:18:59 -0500
commit9b286efeb5eb5aaa2712873fc1f928b2f879dbde (patch)
tree42c5509700421853533443a3e042fe2ac46a0f37
parent47f3f4eb7834ea424b0704bffd0d3e3c8ffbc3a1 (diff)
parente4f2283cc6ffefbe414317a0d89b602811b577ac (diff)
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull trivial vfs updates from Al Viro: "A few cleanups + Neil's namespace_unlock() optimization" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: exec: make prepare_bprm_creds static genheaders: %-<width>s had been there since v6; %-*s - since v7 VFS: use synchronize_rcu_expedited() in namespace_unlock() iov_iter: reduce code duplication
Diffstat
-rw-r--r--fs/exec.c2
-rw-r--r--fs/namespace.c2
-rw-r--r--include/linux/binfmts.h1
-rw-r--r--lib/iov_iter.c54
-rw-r--r--scripts/selinux/genheaders/genheaders.c29
5 files changed, 38 insertions, 50 deletions
diff --git a/fs/exec.c b/fs/exec.c
index 44320d893f1a..fb72d36f7823 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1402,7 +1402,7 @@ EXPORT_SYMBOL(finalize_exec);
1402 * Or, if exec fails before, free_bprm() should release ->cred and 1402 * Or, if exec fails before, free_bprm() should release ->cred and
1403 * and unlock. 1403 * and unlock.
1404 */ 1404 */
1405int prepare_bprm_creds(struct linux_binprm *bprm) 1405static int prepare_bprm_creds(struct linux_binprm *bprm)
1406{ 1406{
1407 if (mutex_lock_interruptible(&current->signal->cred_guard_mutex)) 1407 if (mutex_lock_interruptible(&current->signal->cred_guard_mutex))
1408 return -ERESTARTNOINTR; 1408 return -ERESTARTNOINTR;
diff --git a/fs/namespace.c b/fs/namespace.c
index 97b7c7098c3d..9b0140e7d8da 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1360,7 +1360,7 @@ static void namespace_unlock(void)
1360 if (likely(hlist_empty(&head))) 1360 if (likely(hlist_empty(&head)))
1361 return; 1361 return;
1362 1362
1363 synchronize_rcu(); 1363 synchronize_rcu_expedited();
1364 1364
1365 group_pin_kill(&head); 1365 group_pin_kill(&head);
1366} 1366}
diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h
index 03200a8c0178..688ab0de7810 100644
--- a/include/linux/binfmts.h
+++ b/include/linux/binfmts.h
@@ -139,7 +139,6 @@ extern int transfer_args_to_stack(struct linux_binprm *bprm,
139extern int bprm_change_interp(const char *interp, struct linux_binprm *bprm); 139extern int bprm_change_interp(const char *interp, struct linux_binprm *bprm);
140extern int copy_strings_kernel(int argc, const char *const *argv, 140extern int copy_strings_kernel(int argc, const char *const *argv,
141 struct linux_binprm *bprm); 141 struct linux_binprm *bprm);
142extern int prepare_bprm_creds(struct linux_binprm *bprm);
143extern void install_exec_creds(struct linux_binprm *bprm); 142extern void install_exec_creds(struct linux_binprm *bprm);
144extern void set_binfmt(struct linux_binfmt *new); 143extern void set_binfmt(struct linux_binfmt *new);
145extern ssize_t read_code(struct file *, unsigned long, loff_t, size_t); 144extern ssize_t read_code(struct file *, unsigned long, loff_t, size_t);
diff --git a/lib/iov_iter.c b/lib/iov_iter.c
index c93870987b58..be4bd627caf0 100644
--- a/lib/iov_iter.c
+++ b/lib/iov_iter.c
@@ -561,13 +561,20 @@ static size_t copy_pipe_to_iter(const void *addr, size_t bytes,
561 return bytes; 561 return bytes;
562} 562}
563 563
564static __wsum csum_and_memcpy(void *to, const void *from, size_t len,
565 __wsum sum, size_t off)
566{
567 __wsum next = csum_partial_copy_nocheck(from, to, len, 0);
568 return csum_block_add(sum, next, off);
569}
570
564static size_t csum_and_copy_to_pipe_iter(const void *addr, size_t bytes, 571static size_t csum_and_copy_to_pipe_iter(const void *addr, size_t bytes,
565 __wsum *csum, struct iov_iter *i) 572 __wsum *csum, struct iov_iter *i)
566{ 573{
567 struct pipe_inode_info *pipe = i->pipe; 574 struct pipe_inode_info *pipe = i->pipe;
568 size_t n, r; 575 size_t n, r;
569 size_t off = 0; 576 size_t off = 0;
570 __wsum sum = *csum, next; 577 __wsum sum = *csum;
571 int idx; 578 int idx;
572 579
573 if (!sanity(i)) 580 if (!sanity(i))
@@ -579,8 +586,7 @@ static size_t csum_and_copy_to_pipe_iter(const void *addr, size_t bytes,
579 for ( ; n; idx = next_idx(idx, pipe), r = 0) { 586 for ( ; n; idx = next_idx(idx, pipe), r = 0) {
580 size_t chunk = min_t(size_t, n, PAGE_SIZE - r); 587 size_t chunk = min_t(size_t, n, PAGE_SIZE - r);
581 char *p = kmap_atomic(pipe->bufs[idx].page); 588 char *p = kmap_atomic(pipe->bufs[idx].page);
582 next = csum_partial_copy_nocheck(addr, p + r, chunk, 0); 589 sum = csum_and_memcpy(p + r, addr, chunk, sum, off);
583 sum = csum_block_add(sum, next, off);
584 kunmap_atomic(p); 590 kunmap_atomic(p);
585 i->idx = idx; 591 i->idx = idx;
586 i->iov_offset = r + chunk; 592 i->iov_offset = r + chunk;
@@ -1401,17 +1407,15 @@ size_t csum_and_copy_from_iter(void *addr, size_t bytes, __wsum *csum,
1401 err ? v.iov_len : 0; 1407 err ? v.iov_len : 0;
1402 }), ({ 1408 }), ({
1403 char *p = kmap_atomic(v.bv_page); 1409 char *p = kmap_atomic(v.bv_page);
1404 next = csum_partial_copy_nocheck(p + v.bv_offset, 1410 sum = csum_and_memcpy((to += v.bv_len) - v.bv_len,
1405 (to += v.bv_len) - v.bv_len, 1411 p + v.bv_offset, v.bv_len,
1406 v.bv_len, 0); 1412 sum, off);
1407 kunmap_atomic(p); 1413 kunmap_atomic(p);
1408 sum = csum_block_add(sum, next, off);
1409 off += v.bv_len; 1414 off += v.bv_len;
1410 }),({ 1415 }),({
1411 next = csum_partial_copy_nocheck(v.iov_base, 1416 sum = csum_and_memcpy((to += v.iov_len) - v.iov_len,
1412 (to += v.iov_len) - v.iov_len, 1417 v.iov_base, v.iov_len,
1413 v.iov_len, 0); 1418 sum, off);
1414 sum = csum_block_add(sum, next, off);
1415 off += v.iov_len; 1419 off += v.iov_len;
1416 }) 1420 })
1417 ) 1421 )
@@ -1445,17 +1449,15 @@ bool csum_and_copy_from_iter_full(void *addr, size_t bytes, __wsum *csum,
1445 0; 1449 0;
1446 }), ({ 1450 }), ({
1447 char *p = kmap_atomic(v.bv_page); 1451 char *p = kmap_atomic(v.bv_page);
1448 next = csum_partial_copy_nocheck(p + v.bv_offset, 1452 sum = csum_and_memcpy((to += v.bv_len) - v.bv_len,
1449 (to += v.bv_len) - v.bv_len, 1453 p + v.bv_offset, v.bv_len,
1450 v.bv_len, 0); 1454 sum, off);
1451 kunmap_atomic(p); 1455 kunmap_atomic(p);
1452 sum = csum_block_add(sum, next, off);
1453 off += v.bv_len; 1456 off += v.bv_len;
1454 }),({ 1457 }),({
1455 next = csum_partial_copy_nocheck(v.iov_base, 1458 sum = csum_and_memcpy((to += v.iov_len) - v.iov_len,
1456 (to += v.iov_len) - v.iov_len, 1459 v.iov_base, v.iov_len,
1457 v.iov_len, 0); 1460 sum, off);
1458 sum = csum_block_add(sum, next, off);
1459 off += v.iov_len; 1461 off += v.iov_len;
1460 }) 1462 })
1461 ) 1463 )
@@ -1493,17 +1495,15 @@ size_t csum_and_copy_to_iter(const void *addr, size_t bytes, void *csump,
1493 err ? v.iov_len : 0; 1495 err ? v.iov_len : 0;
1494 }), ({ 1496 }), ({
1495 char *p = kmap_atomic(v.bv_page); 1497 char *p = kmap_atomic(v.bv_page);
1496 next = csum_partial_copy_nocheck((from += v.bv_len) - v.bv_len, 1498 sum = csum_and_memcpy(p + v.bv_offset,
1497 p + v.bv_offset, 1499 (from += v.bv_len) - v.bv_len,
1498 v.bv_len, 0); 1500 v.bv_len, sum, off);
1499 kunmap_atomic(p); 1501 kunmap_atomic(p);
1500 sum = csum_block_add(sum, next, off);
1501 off += v.bv_len; 1502 off += v.bv_len;
1502 }),({ 1503 }),({
1503 next = csum_partial_copy_nocheck((from += v.iov_len) - v.iov_len, 1504 sum = csum_and_memcpy(v.iov_base,
1504 v.iov_base, 1505 (from += v.iov_len) - v.iov_len,
1505 v.iov_len, 0); 1506 v.iov_len, sum, off);
1506 sum = csum_block_add(sum, next, off);
1507 off += v.iov_len; 1507 off += v.iov_len;
1508 }) 1508 })
1509 ) 1509 )
diff --git a/scripts/selinux/genheaders/genheaders.c b/scripts/selinux/genheaders/genheaders.c
index fa48fabcb330..1ceedea847dd 100644
--- a/scripts/selinux/genheaders/genheaders.c
+++ b/scripts/selinux/genheaders/genheaders.c
@@ -19,8 +19,6 @@ struct security_class_mapping {
19#include "classmap.h" 19#include "classmap.h"
20#include "initial_sid_to_string.h" 20#include "initial_sid_to_string.h"
21 21
22#define max(x, y) (((int)(x) > (int)(y)) ? x : y)
23
24const char *progname; 22const char *progname;
25 23
26static void usage(void) 24static void usage(void)
@@ -46,11 +44,9 @@ static char *stoupperx(const char *s)
46 44
47int main(int argc, char *argv[]) 45int main(int argc, char *argv[])
48{ 46{
49 int i, j, k; 47 int i, j;
50 int isids_len; 48 int isids_len;
51 FILE *fout; 49 FILE *fout;
52 const char *needle = "SOCKET";
53 char *substr;
54 50
55 progname = argv[0]; 51 progname = argv[0];
56 52
@@ -80,20 +76,14 @@ int main(int argc, char *argv[])
80 76
81 for (i = 0; secclass_map[i].name; i++) { 77 for (i = 0; secclass_map[i].name; i++) {
82 struct security_class_mapping *map = &secclass_map[i]; 78 struct security_class_mapping *map = &secclass_map[i];
83 fprintf(fout, "#define SECCLASS_%s", map->name); 79 fprintf(fout, "#define SECCLASS_%-39s %2d\n", map->name, i+1);
84 for (j = 0; j < max(1, 40 - strlen(map->name)); j++)
85 fprintf(fout, " ");
86 fprintf(fout, "%2d\n", i+1);
87 } 80 }
88 81
89 fprintf(fout, "\n"); 82 fprintf(fout, "\n");
90 83
91 for (i = 1; i < isids_len; i++) { 84 for (i = 1; i < isids_len; i++) {
92 const char *s = initial_sid_to_string[i]; 85 const char *s = initial_sid_to_string[i];
93 fprintf(fout, "#define SECINITSID_%s", s); 86 fprintf(fout, "#define SECINITSID_%-39s %2d\n", s, i);
94 for (j = 0; j < max(1, 40 - strlen(s)); j++)
95 fprintf(fout, " ");
96 fprintf(fout, "%2d\n", i);
97 } 87 }
98 fprintf(fout, "\n#define SECINITSID_NUM %d\n", i-1); 88 fprintf(fout, "\n#define SECINITSID_NUM %d\n", i-1);
99 fprintf(fout, "\nstatic inline bool security_is_socket_class(u16 kern_tclass)\n"); 89 fprintf(fout, "\nstatic inline bool security_is_socket_class(u16 kern_tclass)\n");
@@ -101,9 +91,10 @@ int main(int argc, char *argv[])
101 fprintf(fout, "\tbool sock = false;\n\n"); 91 fprintf(fout, "\tbool sock = false;\n\n");
102 fprintf(fout, "\tswitch (kern_tclass) {\n"); 92 fprintf(fout, "\tswitch (kern_tclass) {\n");
103 for (i = 0; secclass_map[i].name; i++) { 93 for (i = 0; secclass_map[i].name; i++) {
94 static char s[] = "SOCKET";
104 struct security_class_mapping *map = &secclass_map[i]; 95 struct security_class_mapping *map = &secclass_map[i];
105 substr = strstr(map->name, needle); 96 int len = strlen(map->name), l = sizeof(s) - 1;
106 if (substr && strcmp(substr, needle) == 0) 97 if (len >= l && memcmp(map->name + len - l, s, l) == 0)
107 fprintf(fout, "\tcase SECCLASS_%s:\n", map->name); 98 fprintf(fout, "\tcase SECCLASS_%s:\n", map->name);
108 } 99 }
109 fprintf(fout, "\t\tsock = true;\n"); 100 fprintf(fout, "\t\tsock = true;\n");
@@ -129,17 +120,15 @@ int main(int argc, char *argv[])
129 120
130 for (i = 0; secclass_map[i].name; i++) { 121 for (i = 0; secclass_map[i].name; i++) {
131 struct security_class_mapping *map = &secclass_map[i]; 122 struct security_class_mapping *map = &secclass_map[i];
123 int len = strlen(map->name);
132 for (j = 0; map->perms[j]; j++) { 124 for (j = 0; map->perms[j]; j++) {
133 if (j >= 32) { 125 if (j >= 32) {
134 fprintf(stderr, "Too many permissions to fit into an access vector at (%s, %s).\n", 126 fprintf(stderr, "Too many permissions to fit into an access vector at (%s, %s).\n",
135 map->name, map->perms[j]); 127 map->name, map->perms[j]);
136 exit(5); 128 exit(5);
137 } 129 }
138 fprintf(fout, "#define %s__%s", map->name, 130 fprintf(fout, "#define %s__%-*s 0x%08xU\n", map->name,
139 map->perms[j]); 131 39-len, map->perms[j], 1U<<j);
140 for (k = 0; k < max(1, 40 - strlen(map->name) - strlen(map->perms[j])); k++)
141 fprintf(fout, " ");
142 fprintf(fout, "0x%08xU\n", (1<<j));
143 } 132 }
144 } 133 }
145 134
generated by cgit v1.2.2 (git 2.25.0) at 2025-09-12 12:09:44 -0400