From 2c48b9c45579a9b5e3e74694eebf3d2451f3dbd3 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sun, 9 Aug 2009 00:52:35 +0400 Subject: switch alloc_file() to passing struct path ... and have the caller grab both mnt and dentry; kill leak in infiniband, while we are at it. Signed-off-by: Al Viro --- ipc/shm.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'ipc') diff --git a/ipc/shm.c b/ipc/shm.c index 11bec626c228..16e39230aa0d 100644 --- a/ipc/shm.c +++ b/ipc/shm.c @@ -878,8 +878,8 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr) if (err) goto out_unlock; - path.dentry = dget(shp->shm_file->f_path.dentry); - path.mnt = shp->shm_file->f_path.mnt; + path = shp->shm_file->f_path; + path_get(&path); shp->shm_nattch++; size = i_size_read(path.dentry->d_inode); shm_unlock(shp); @@ -889,8 +889,8 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr) if (!sfd) goto out_put_dentry; - file = alloc_file(path.mnt, path.dentry, f_mode, - is_file_hugepages(shp->shm_file) ? + file = alloc_file(&path, f_mode, + is_file_hugepages(shp->shm_file) ? &shm_file_operations_huge : &shm_file_operations); if (!file) @@ -950,7 +950,7 @@ out_unlock: out_free: kfree(sfd); out_put_dentry: - dput(path.dentry); + path_put(&path); goto out_nattch; } -- cgit v1.2.3-58-ga151 From 0552f879d45cecc35d8e372a591fc5ed863bca58 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Wed, 16 Dec 2009 04:53:03 -0500 Subject: Untangling ima mess, part 1: alloc_file() There are 2 groups of alloc_file() callers: * ones that are followed by ima_counts_get * ones giving non-regular files So let's pull that ima_counts_get() into alloc_file(); it's a no-op in case of non-regular files. Signed-off-by: Al Viro --- fs/file_table.c | 2 ++ fs/hugetlbfs/inode.c | 2 -- ipc/shm.c | 2 -- mm/shmem.c | 2 -- 4 files changed, 2 insertions(+), 6 deletions(-) (limited to 'ipc') diff --git a/fs/file_table.c b/fs/file_table.c index 361d76be8295..17a55b81be2d 100644 --- a/fs/file_table.c +++ b/fs/file_table.c @@ -21,6 +21,7 @@ #include #include #include +#include #include @@ -190,6 +191,7 @@ struct file *alloc_file(struct path *path, fmode_t mode, error = mnt_clone_write(path->mnt); WARN_ON(error); } + ima_counts_get(file); return file; } diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c index 6bd41525cd71..a0bbd3d1b41a 100644 --- a/fs/hugetlbfs/inode.c +++ b/fs/hugetlbfs/inode.c @@ -30,7 +30,6 @@ #include #include #include -#include #include #include @@ -971,7 +970,6 @@ struct file *hugetlb_file_setup(const char *name, size_t size, int acctflag, &hugetlbfs_file_operations); if (!file) goto out_dentry; /* inode is already attached */ - ima_counts_get(file); return file; diff --git a/ipc/shm.c b/ipc/shm.c index 16e39230aa0d..02620fae8e1f 100644 --- a/ipc/shm.c +++ b/ipc/shm.c @@ -39,7 +39,6 @@ #include #include #include -#include #include @@ -895,7 +894,6 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr) &shm_file_operations); if (!file) goto out_free; - ima_counts_get(file); file->private_data = sfd; file->f_mapping = shp->shm_file->f_mapping; diff --git a/mm/shmem.c b/mm/shmem.c index d2ec7f029ff4..adf8033afd52 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -29,7 +29,6 @@ #include #include #include -#include static struct vfsmount *shm_mnt; @@ -2669,7 +2668,6 @@ struct file *shmem_file_setup(const char *name, loff_t size, unsigned long flags if (!file) goto put_dentry; - ima_counts_get(file); return file; put_dentry: -- cgit v1.2.3-58-ga151 From b65a9cfc2c38eebc33533280b8ad5841caee8b6e Mon Sep 17 00:00:00 2001 From: Al Viro Date: Wed, 16 Dec 2009 06:27:40 -0500 Subject: Untangling ima mess, part 2: deal with counters * do ima_get_count() in __dentry_open() * stop doing that in followups * move ima_path_check() to right after nameidata_to_filp() * don't bump counters on it Signed-off-by: Al Viro --- fs/cachefiles/rdwr.c | 2 -- fs/ecryptfs/main.c | 7 +------ fs/namei.c | 56 +++++++++++++++++++++++----------------------------- fs/nfsd/vfs.c | 2 -- fs/open.c | 2 ++ ipc/mqueue.c | 2 -- 6 files changed, 28 insertions(+), 43 deletions(-) (limited to 'ipc') diff --git a/fs/cachefiles/rdwr.c b/fs/cachefiles/rdwr.c index a6c8c6fe8df9..1d8332563863 100644 --- a/fs/cachefiles/rdwr.c +++ b/fs/cachefiles/rdwr.c @@ -11,7 +11,6 @@ #include #include -#include #include "internal.h" /* @@ -923,7 +922,6 @@ int cachefiles_write_page(struct fscache_storage *op, struct page *page) if (IS_ERR(file)) { ret = PTR_ERR(file); } else { - ima_counts_get(file); ret = -EIO; if (file->f_op->write) { pos = (loff_t) page->index << PAGE_SHIFT; diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c index c6ac85d6c701..101fe4c7b1ee 100644 --- a/fs/ecryptfs/main.c +++ b/fs/ecryptfs/main.c @@ -35,7 +35,6 @@ #include #include #include -#include #include "ecryptfs_kernel.h" /** @@ -119,7 +118,6 @@ int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry) const struct cred *cred = current_cred(); struct ecryptfs_inode_info *inode_info = ecryptfs_inode_to_private(ecryptfs_dentry->d_inode); - int opened_lower_file = 0; int rc = 0; mutex_lock(&inode_info->lower_file_mutex); @@ -136,12 +134,9 @@ int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry) "for lower_dentry [0x%p] and lower_mnt [0x%p]; " "rc = [%d]\n", lower_dentry, lower_mnt, rc); inode_info->lower_file = NULL; - } else - opened_lower_file = 1; + } } mutex_unlock(&inode_info->lower_file_mutex); - if (opened_lower_file) - ima_counts_get(inode_info->lower_file); return rc; } diff --git a/fs/namei.c b/fs/namei.c index 0f0fcccab19f..c530e5d32f12 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -1461,14 +1461,7 @@ int may_open(struct path *path, int acc_mode, int flag) /* * Ensure there are no outstanding leases on the file. */ - error = break_lease(inode, flag); - if (error) - return error; - - return ima_path_check(path, acc_mode ? - acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC) : - ACC_MODE(flag) & (MAY_READ | MAY_WRITE), - IMA_COUNT_UPDATE); + return break_lease(inode, flag); } static int handle_truncate(struct path *path) @@ -1688,13 +1681,17 @@ do_last: goto exit; } filp = nameidata_to_filp(&nd, open_flag); - if (IS_ERR(filp)) - ima_counts_put(&nd.path, - acc_mode & (MAY_READ | MAY_WRITE | - MAY_EXEC)); mnt_drop_write(nd.path.mnt); if (nd.root.mnt) path_put(&nd.root); + if (!IS_ERR(filp)) { + error = ima_path_check(&filp->f_path, filp->f_mode & + (MAY_READ | MAY_WRITE | MAY_EXEC), 0); + if (error) { + fput(filp); + filp = ERR_PTR(error); + } + } return filp; } @@ -1748,27 +1745,24 @@ ok: goto exit; } filp = nameidata_to_filp(&nd, open_flag); - if (IS_ERR(filp)) { - ima_counts_put(&nd.path, - acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC)); - if (will_truncate) - mnt_drop_write(nd.path.mnt); - if (nd.root.mnt) - path_put(&nd.root); - return filp; - } - - if (acc_mode & MAY_WRITE) - vfs_dq_init(nd.path.dentry->d_inode); - - if (will_truncate) { - error = handle_truncate(&nd.path); + if (!IS_ERR(filp)) { + error = ima_path_check(&filp->f_path, filp->f_mode & + (MAY_READ | MAY_WRITE | MAY_EXEC), 0); if (error) { - mnt_drop_write(nd.path.mnt); fput(filp); - if (nd.root.mnt) - path_put(&nd.root); - return ERR_PTR(error); + filp = ERR_PTR(error); + } + } + if (!IS_ERR(filp)) { + if (acc_mode & MAY_WRITE) + vfs_dq_init(nd.path.dentry->d_inode); + + if (will_truncate) { + error = handle_truncate(&nd.path); + if (error) { + fput(filp); + filp = ERR_PTR(error); + } } } /* diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c index a293f0273263..c9942b39654e 100644 --- a/fs/nfsd/vfs.c +++ b/fs/nfsd/vfs.c @@ -744,8 +744,6 @@ nfsd_open(struct svc_rqst *rqstp, struct svc_fh *fhp, int type, flags, current_cred()); if (IS_ERR(*filp)) host_err = PTR_ERR(*filp); - else - ima_counts_get(*filp); out_nfserr: err = nfserrno(host_err); out: diff --git a/fs/open.c b/fs/open.c index d95651e8be9e..ca69241796bd 100644 --- a/fs/open.c +++ b/fs/open.c @@ -30,6 +30,7 @@ #include #include #include +#include #include "internal.h" @@ -857,6 +858,7 @@ static struct file *__dentry_open(struct dentry *dentry, struct vfsmount *mnt, if (error) goto cleanup_all; } + ima_counts_get(f); f->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC); diff --git a/ipc/mqueue.c b/ipc/mqueue.c index ee9d69707c0a..c79bd57353e7 100644 --- a/ipc/mqueue.c +++ b/ipc/mqueue.c @@ -32,7 +32,6 @@ #include #include #include -#include #include #include "util.h" @@ -734,7 +733,6 @@ SYSCALL_DEFINE4(mq_open, const char __user *, u_name, int, oflag, mode_t, mode, error = PTR_ERR(filp); goto out_putfd; } - ima_counts_get(filp); fd_install(fd, filp); goto out_upsem; -- cgit v1.2.3-58-ga151