Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Pull trivial vfs updates from Al Viro:
"A few cleanups + Neil's namespace_unlock() optimization"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
exec: make prepare_bprm_creds static
genheaders: %-<width>s had been there since v6; %-*s - since v7
VFS: use synchronize_rcu_expedited() in namespace_unlock()
iov_iter: reduce code duplication

Linus Torvalds 7 years ago 9b286efe 47f3f4eb

+38 -50

5 changed files

expand all

exec.c

namespace.c

include

linux

binfmts.h

lib

iov_iter.c

scripts

selinux

genheaders

genheaders.c

+1 -1

fs/exec.c

··· 1402 1402 * Or, if exec fails before, free_bprm() should release ->cred and 1403 1403 * and unlock. 1404 1404 */ 1405 - int prepare_bprm_creds(struct linux_binprm *bprm) 1405 + static int prepare_bprm_creds(struct linux_binprm *bprm) 1406 1406 { 1407 1407 if (mutex_lock_interruptible(&current->signal->cred_guard_mutex)) 1408 1408 return -ERESTARTNOINTR;

+1 -1

fs/namespace.c

··· 1360 1360 if (likely(hlist_empty(&head))) 1361 1361 return; 1362 1362 1363 - synchronize_rcu(); 1363 + synchronize_rcu_expedited(); 1364 1364 1365 1365 group_pin_kill(&head); 1366 1366 }

-1

include/linux/binfmts.h

··· 139 139 extern int bprm_change_interp(const char *interp, struct linux_binprm *bprm); 140 140 extern int copy_strings_kernel(int argc, const char *const *argv, 141 141 struct linux_binprm *bprm); 142 - extern int prepare_bprm_creds(struct linux_binprm *bprm); 143 142 extern void install_exec_creds(struct linux_binprm *bprm); 144 143 extern void set_binfmt(struct linux_binfmt *new); 145 144 extern ssize_t read_code(struct file *, unsigned long, loff_t, size_t);

+27 -27

lib/iov_iter.c

··· 561 561 return bytes; 562 562 } 563 563 564 + static __wsum csum_and_memcpy(void *to, const void *from, size_t len, 565 + __wsum sum, size_t off) 566 + { 567 + __wsum next = csum_partial_copy_nocheck(from, to, len, 0); 568 + return csum_block_add(sum, next, off); 569 + } 570 + 564 571 static size_t csum_and_copy_to_pipe_iter(const void *addr, size_t bytes, 565 572 __wsum *csum, struct iov_iter *i) 566 573 { 567 574 struct pipe_inode_info *pipe = i->pipe; 568 575 size_t n, r; 569 576 size_t off = 0; 570 - __wsum sum = *csum, next; 577 + __wsum sum = *csum; 571 578 int idx; 572 579 573 580 if (!sanity(i)) ··· 586 579 for ( ; n; idx = next_idx(idx, pipe), r = 0) { 587 580 size_t chunk = min_t(size_t, n, PAGE_SIZE - r); 588 581 char *p = kmap_atomic(pipe->bufs[idx].page); 589 - next = csum_partial_copy_nocheck(addr, p + r, chunk, 0); 590 - sum = csum_block_add(sum, next, off); 582 + sum = csum_and_memcpy(p + r, addr, chunk, sum, off); 591 583 kunmap_atomic(p); 592 584 i->idx = idx; 593 585 i->iov_offset = r + chunk; ··· 1407 1401 err ? v.iov_len : 0; 1408 1402 }), ({ 1409 1403 char *p = kmap_atomic(v.bv_page); 1410 - next = csum_partial_copy_nocheck(p + v.bv_offset, 1411 - (to += v.bv_len) - v.bv_len, 1412 - v.bv_len, 0); 1404 + sum = csum_and_memcpy((to += v.bv_len) - v.bv_len, 1405 + p + v.bv_offset, v.bv_len, 1406 + sum, off); 1413 1407 kunmap_atomic(p); 1414 - sum = csum_block_add(sum, next, off); 1415 1408 off += v.bv_len; 1416 1409 }),({ 1417 - next = csum_partial_copy_nocheck(v.iov_base, 1418 - (to += v.iov_len) - v.iov_len, 1419 - v.iov_len, 0); 1420 - sum = csum_block_add(sum, next, off); 1410 + sum = csum_and_memcpy((to += v.iov_len) - v.iov_len, 1411 + v.iov_base, v.iov_len, 1412 + sum, off); 1421 1413 off += v.iov_len; 1422 1414 }) 1423 1415 ) ··· 1449 1445 0; 1450 1446 }), ({ 1451 1447 char *p = kmap_atomic(v.bv_page); 1452 - next = csum_partial_copy_nocheck(p + v.bv_offset, 1453 - (to += v.bv_len) - v.bv_len, 1454 - v.bv_len, 0); 1448 + sum = csum_and_memcpy((to += v.bv_len) - v.bv_len, 1449 + p + v.bv_offset, v.bv_len, 1450 + sum, off); 1455 1451 kunmap_atomic(p); 1456 - sum = csum_block_add(sum, next, off); 1457 1452 off += v.bv_len; 1458 1453 }),({ 1459 - next = csum_partial_copy_nocheck(v.iov_base, 1460 - (to += v.iov_len) - v.iov_len, 1461 - v.iov_len, 0); 1462 - sum = csum_block_add(sum, next, off); 1454 + sum = csum_and_memcpy((to += v.iov_len) - v.iov_len, 1455 + v.iov_base, v.iov_len, 1456 + sum, off); 1463 1457 off += v.iov_len; 1464 1458 }) 1465 1459 ) ··· 1495 1493 err ? v.iov_len : 0; 1496 1494 }), ({ 1497 1495 char *p = kmap_atomic(v.bv_page); 1498 - next = csum_partial_copy_nocheck((from += v.bv_len) - v.bv_len, 1499 - p + v.bv_offset, 1500 - v.bv_len, 0); 1496 + sum = csum_and_memcpy(p + v.bv_offset, 1497 + (from += v.bv_len) - v.bv_len, 1498 + v.bv_len, sum, off); 1501 1499 kunmap_atomic(p); 1502 - sum = csum_block_add(sum, next, off); 1503 1500 off += v.bv_len; 1504 1501 }),({ 1505 - next = csum_partial_copy_nocheck((from += v.iov_len) - v.iov_len, 1506 - v.iov_base, 1507 - v.iov_len, 0); 1508 - sum = csum_block_add(sum, next, off); 1502 + sum = csum_and_memcpy(v.iov_base, 1503 + (from += v.iov_len) - v.iov_len, 1504 + v.iov_len, sum, off); 1509 1505 off += v.iov_len; 1510 1506 }) 1511 1507 )

+9 -20

scripts/selinux/genheaders/genheaders.c

··· 19 19 #include "classmap.h" 20 20 #include "initial_sid_to_string.h" 21 21 22 - #define max(x, y) (((int)(x) > (int)(y)) ? x : y) 23 - 24 22 const char *progname; 25 23 26 24 static void usage(void) ··· 44 46 45 47 int main(int argc, char *argv[]) 46 48 { 47 - int i, j, k; 49 + int i, j; 48 50 int isids_len; 49 51 FILE *fout; 50 - const char *needle = "SOCKET"; 51 - char *substr; 52 52 53 53 progname = argv[0]; 54 54 ··· 76 80 77 81 for (i = 0; secclass_map[i].name; i++) { 78 82 struct security_class_mapping *map = &secclass_map[i]; 79 - fprintf(fout, "#define SECCLASS_%s", map->name); 80 - for (j = 0; j < max(1, 40 - strlen(map->name)); j++) 81 - fprintf(fout, " "); 82 - fprintf(fout, "%2d\n", i+1); 83 + fprintf(fout, "#define SECCLASS_%-39s %2d\n", map->name, i+1); 83 84 } 84 85 85 86 fprintf(fout, "\n"); 86 87 87 88 for (i = 1; i < isids_len; i++) { 88 89 const char *s = initial_sid_to_string[i]; 89 - fprintf(fout, "#define SECINITSID_%s", s); 90 - for (j = 0; j < max(1, 40 - strlen(s)); j++) 91 - fprintf(fout, " "); 92 - fprintf(fout, "%2d\n", i); 90 + fprintf(fout, "#define SECINITSID_%-39s %2d\n", s, i); 93 91 } 94 92 fprintf(fout, "\n#define SECINITSID_NUM %d\n", i-1); 95 93 fprintf(fout, "\nstatic inline bool security_is_socket_class(u16 kern_tclass)\n"); ··· 91 101 fprintf(fout, "\tbool sock = false;\n\n"); 92 102 fprintf(fout, "\tswitch (kern_tclass) {\n"); 93 103 for (i = 0; secclass_map[i].name; i++) { 104 + static char s[] = "SOCKET"; 94 105 struct security_class_mapping *map = &secclass_map[i]; 95 - substr = strstr(map->name, needle); 96 - if (substr && strcmp(substr, needle) == 0) 106 + int len = strlen(map->name), l = sizeof(s) - 1; 107 + if (len >= l && memcmp(map->name + len - l, s, l) == 0) 97 108 fprintf(fout, "\tcase SECCLASS_%s:\n", map->name); 98 109 } 99 110 fprintf(fout, "\t\tsock = true;\n"); ··· 120 129 121 130 for (i = 0; secclass_map[i].name; i++) { 122 131 struct security_class_mapping *map = &secclass_map[i]; 132 + int len = strlen(map->name); 123 133 for (j = 0; map->perms[j]; j++) { 124 134 if (j >= 32) { 125 135 fprintf(stderr, "Too many permissions to fit into an access vector at (%s, %s).\n", 126 136 map->name, map->perms[j]); 127 137 exit(5); 128 138 } 129 - fprintf(fout, "#define %s__%s", map->name, 130 - map->perms[j]); 131 - for (k = 0; k < max(1, 40 - strlen(map->name) - strlen(map->perms[j])); k++) 132 - fprintf(fout, " "); 133 - fprintf(fout, "0x%08xU\n", (1<<j)); 139 + fprintf(fout, "#define %s__%-*s 0x%08xU\n", map->name, 140 + 39-len, map->perms[j], 1U<<j); 134 141 } 135 142 } 136 143