diff options
| author | Anatol Pomozov <anatol.pomozov@gmail.com> | 2013-01-15 01:30:00 -0500 |
|---|---|---|
| committer | Miklos Szeredi <mszeredi@suse.cz> | 2013-01-31 11:08:10 -0500 |
| commit | c2132c1bc73d9a279cec148f74ea709c960b3d89 (patch) | |
| tree | 46006804ce8e576513e2844c4696593373cf33a4 | |
| parent | fb05f41f5f96f7423c53da4d87913fb44fd0565d (diff) | |
Do not use RCU for current process credentials
Commit c69e8d9c0 added rcu lock to fuse/dir.c It was assuming
that 'task' is some other process but in fact this parameter always
equals to 'current'. Inline this parameter to make it more readable
and remove RCU lock as it is not needed when access current process
credentials.
Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
| -rw-r--r-- | fs/fuse/dir.c | 22 | ||||
| -rw-r--r-- | fs/fuse/file.c | 2 | ||||
| -rw-r--r-- | fs/fuse/fuse_i.h | 4 | ||||
| -rw-r--r-- | fs/fuse/inode.c | 2 |
4 files changed, 13 insertions, 17 deletions
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index ed8f8c55ce10..aa0b6ade0e68 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c | |||
| @@ -985,7 +985,7 @@ int fuse_reverse_inval_entry(struct super_block *sb, u64 parent_nodeid, | |||
| 985 | 985 | ||
| 986 | /* | 986 | /* |
| 987 | * Calling into a user-controlled filesystem gives the filesystem | 987 | * Calling into a user-controlled filesystem gives the filesystem |
| 988 | * daemon ptrace-like capabilities over the requester process. This | 988 | * daemon ptrace-like capabilities over the current process. This |
| 989 | * means, that the filesystem daemon is able to record the exact | 989 | * means, that the filesystem daemon is able to record the exact |
| 990 | * filesystem operations performed, and can also control the behavior | 990 | * filesystem operations performed, and can also control the behavior |
| 991 | * of the requester process in otherwise impossible ways. For example | 991 | * of the requester process in otherwise impossible ways. For example |
| @@ -996,27 +996,23 @@ int fuse_reverse_inval_entry(struct super_block *sb, u64 parent_nodeid, | |||
| 996 | * for which the owner of the mount has ptrace privilege. This | 996 | * for which the owner of the mount has ptrace privilege. This |
| 997 | * excludes processes started by other users, suid or sgid processes. | 997 | * excludes processes started by other users, suid or sgid processes. |
| 998 | */ | 998 | */ |
| 999 | int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task) | 999 | int fuse_allow_current_process(struct fuse_conn *fc) |
| 1000 | { | 1000 | { |
| 1001 | const struct cred *cred; | 1001 | const struct cred *cred; |
| 1002 | int ret; | ||
| 1003 | 1002 | ||
| 1004 | if (fc->flags & FUSE_ALLOW_OTHER) | 1003 | if (fc->flags & FUSE_ALLOW_OTHER) |
| 1005 | return 1; | 1004 | return 1; |
| 1006 | 1005 | ||
| 1007 | rcu_read_lock(); | 1006 | cred = current_cred(); |
| 1008 | ret = 0; | ||
| 1009 | cred = __task_cred(task); | ||
| 1010 | if (uid_eq(cred->euid, fc->user_id) && | 1007 | if (uid_eq(cred->euid, fc->user_id) && |
| 1011 | uid_eq(cred->suid, fc->user_id) && | 1008 | uid_eq(cred->suid, fc->user_id) && |
| 1012 | uid_eq(cred->uid, fc->user_id) && | 1009 | uid_eq(cred->uid, fc->user_id) && |
| 1013 | gid_eq(cred->egid, fc->group_id) && | 1010 | gid_eq(cred->egid, fc->group_id) && |
| 1014 | gid_eq(cred->sgid, fc->group_id) && | 1011 | gid_eq(cred->sgid, fc->group_id) && |
| 1015 | gid_eq(cred->gid, fc->group_id)) | 1012 | gid_eq(cred->gid, fc->group_id)) |
| 1016 | ret = 1; | 1013 | return 1; |
| 1017 | rcu_read_unlock(); | ||
| 1018 | 1014 | ||
| 1019 | return ret; | 1015 | return 0; |
| 1020 | } | 1016 | } |
| 1021 | 1017 | ||
| 1022 | static int fuse_access(struct inode *inode, int mask) | 1018 | static int fuse_access(struct inode *inode, int mask) |
| @@ -1077,7 +1073,7 @@ static int fuse_permission(struct inode *inode, int mask) | |||
| 1077 | bool refreshed = false; | 1073 | bool refreshed = false; |
| 1078 | int err = 0; | 1074 | int err = 0; |
| 1079 | 1075 | ||
| 1080 | if (!fuse_allow_task(fc, current)) | 1076 | if (!fuse_allow_current_process(fc)) |
| 1081 | return -EACCES; | 1077 | return -EACCES; |
| 1082 | 1078 | ||
| 1083 | /* | 1079 | /* |
| @@ -1544,7 +1540,7 @@ static int fuse_do_setattr(struct dentry *entry, struct iattr *attr, | |||
| 1544 | loff_t oldsize; | 1540 | loff_t oldsize; |
| 1545 | int err; | 1541 | int err; |
| 1546 | 1542 | ||
| 1547 | if (!fuse_allow_task(fc, current)) | 1543 | if (!fuse_allow_current_process(fc)) |
| 1548 | return -EACCES; | 1544 | return -EACCES; |
| 1549 | 1545 | ||
| 1550 | if (!(fc->flags & FUSE_DEFAULT_PERMISSIONS)) | 1546 | if (!(fc->flags & FUSE_DEFAULT_PERMISSIONS)) |
| @@ -1653,7 +1649,7 @@ static int fuse_getattr(struct vfsmount *mnt, struct dentry *entry, | |||
| 1653 | struct inode *inode = entry->d_inode; | 1649 | struct inode *inode = entry->d_inode; |
| 1654 | struct fuse_conn *fc = get_fuse_conn(inode); | 1650 | struct fuse_conn *fc = get_fuse_conn(inode); |
| 1655 | 1651 | ||
| 1656 | if (!fuse_allow_task(fc, current)) | 1652 | if (!fuse_allow_current_process(fc)) |
| 1657 | return -EACCES; | 1653 | return -EACCES; |
| 1658 | 1654 | ||
| 1659 | return fuse_update_attributes(inode, stat, NULL, NULL); | 1655 | return fuse_update_attributes(inode, stat, NULL, NULL); |
| @@ -1756,7 +1752,7 @@ static ssize_t fuse_listxattr(struct dentry *entry, char *list, size_t size) | |||
| 1756 | struct fuse_getxattr_out outarg; | 1752 | struct fuse_getxattr_out outarg; |
| 1757 | ssize_t ret; | 1753 | ssize_t ret; |
| 1758 | 1754 | ||
| 1759 | if (!fuse_allow_task(fc, current)) | 1755 | if (!fuse_allow_current_process(fc)) |
| 1760 | return -EACCES; | 1756 | return -EACCES; |
| 1761 | 1757 | ||
| 1762 | if (fc->no_listxattr) | 1758 | if (fc->no_listxattr) |
diff --git a/fs/fuse/file.c b/fs/fuse/file.c index 28bc9c672196..a010585b0a74 100644 --- a/fs/fuse/file.c +++ b/fs/fuse/file.c | |||
| @@ -2082,7 +2082,7 @@ long fuse_ioctl_common(struct file *file, unsigned int cmd, | |||
| 2082 | struct inode *inode = file->f_dentry->d_inode; | 2082 | struct inode *inode = file->f_dentry->d_inode; |
| 2083 | struct fuse_conn *fc = get_fuse_conn(inode); | 2083 | struct fuse_conn *fc = get_fuse_conn(inode); |
| 2084 | 2084 | ||
| 2085 | if (!fuse_allow_task(fc, current)) | 2085 | if (!fuse_allow_current_process(fc)) |
| 2086 | return -EACCES; | 2086 | return -EACCES; |
| 2087 | 2087 | ||
| 2088 | if (is_bad_inode(inode)) | 2088 | if (is_bad_inode(inode)) |
diff --git a/fs/fuse/fuse_i.h b/fs/fuse/fuse_i.h index 13befcd29c5b..af51c146a9ae 100644 --- a/fs/fuse/fuse_i.h +++ b/fs/fuse/fuse_i.h | |||
| @@ -774,9 +774,9 @@ void fuse_ctl_remove_conn(struct fuse_conn *fc); | |||
| 774 | int fuse_valid_type(int m); | 774 | int fuse_valid_type(int m); |
| 775 | 775 | ||
| 776 | /** | 776 | /** |
| 777 | * Is task allowed to perform filesystem operation? | 777 | * Is current process allowed to perform filesystem operation? |
| 778 | */ | 778 | */ |
| 779 | int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task); | 779 | int fuse_allow_current_process(struct fuse_conn *fc); |
| 780 | 780 | ||
| 781 | u64 fuse_lock_owner_id(struct fuse_conn *fc, fl_owner_t id); | 781 | u64 fuse_lock_owner_id(struct fuse_conn *fc, fl_owner_t id); |
| 782 | 782 | ||
diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c index 9d95a5a3d55c..79b70deb7cd6 100644 --- a/fs/fuse/inode.c +++ b/fs/fuse/inode.c | |||
| @@ -408,7 +408,7 @@ static int fuse_statfs(struct dentry *dentry, struct kstatfs *buf) | |||
| 408 | struct fuse_statfs_out outarg; | 408 | struct fuse_statfs_out outarg; |
| 409 | int err; | 409 | int err; |
| 410 | 410 | ||
| 411 | if (!fuse_allow_task(fc, current)) { | 411 | if (!fuse_allow_current_process(fc)) { |
| 412 | buf->f_type = FUSE_SUPER_MAGIC; | 412 | buf->f_type = FUSE_SUPER_MAGIC; |
| 413 | return 0; | 413 | return 0; |
| 414 | } | 414 | } |