Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <202101131001.BF1108F90@keescook>
Date: Wed, 13 Jan 2021 10:01:55 -0800
From: Kees Cook <keescook@...omium.org>
To: "Eric W. Biederman" <ebiederm@...ssion.com>
Cc: Alexey Gladkov <gladkov.alexey@...il.com>,
	LKML <linux-kernel@...r.kernel.org>,
	Linux Containers <containers@...ts.linux-foundation.org>,
	Kernel Hardening <kernel-hardening@...ts.openwall.com>,
	Alexey Gladkov <legion@...nel.org>,
	Christian Brauner <christian@...uner.io>,
	Linus Torvalds <torvalds@...ux-foundation.org>
Subject: Re: [RFC PATCH v2 1/8] Use atomic type for ucounts reference counting

On Wed, Jan 13, 2021 at 10:31:40AM -0600, Eric W. Biederman wrote:
> Alexey Gladkov <gladkov.alexey@...il.com> writes:
> 
> We might want to use refcount_t instead of atomic_t.  Not a big deal
> either way.

Yes, please use refcount_t, and don't use _read() since that introduces
races.

-Kees

> 
> > Signed-off-by: Alexey Gladkov <gladkov.alexey@...il.com>
> > ---
> >  include/linux/user_namespace.h |  2 +-
> >  kernel/ucount.c                | 10 +++++-----
> >  2 files changed, 6 insertions(+), 6 deletions(-)
> >
> > diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h
> > index 64cf8ebdc4ec..84fefa9247c4 100644
> > --- a/include/linux/user_namespace.h
> > +++ b/include/linux/user_namespace.h
> > @@ -92,7 +92,7 @@ struct ucounts {
> >  	struct hlist_node node;
> >  	struct user_namespace *ns;
> >  	kuid_t uid;
> > -	int count;
> > +	atomic_t count;
> >  	atomic_t ucount[UCOUNT_COUNTS];
> >  };
> >  
> > diff --git a/kernel/ucount.c b/kernel/ucount.c
> > index 11b1596e2542..0f2c7c11df19 100644
> > --- a/kernel/ucount.c
> > +++ b/kernel/ucount.c
> > @@ -141,7 +141,8 @@ static struct ucounts *get_ucounts(struct user_namespace *ns, kuid_t uid)
> >  
> >  		new->ns = ns;
> >  		new->uid = uid;
> > -		new->count = 0;
> > +
> > +		atomic_set(&new->count, 0);
> >  
> >  		spin_lock_irq(&ucounts_lock);
> >  		ucounts = find_ucounts(ns, uid, hashent);
> > @@ -152,10 +153,10 @@ static struct ucounts *get_ucounts(struct user_namespace *ns, kuid_t uid)
> >  			ucounts = new;
> >  		}
> >  	}
> > -	if (ucounts->count == INT_MAX)
> > +	if (atomic_read(&ucounts->count) == INT_MAX)
> >  		ucounts = NULL;
> >  	else
> > -		ucounts->count += 1;
> > +		atomic_inc(&ucounts->count);
> >  	spin_unlock_irq(&ucounts_lock);
> >  	return ucounts;
> >  }
> > @@ -165,8 +166,7 @@ static void put_ucounts(struct ucounts *ucounts)
> >  	unsigned long flags;
> >  
> >  	spin_lock_irqsave(&ucounts_lock, flags);
> > -	ucounts->count -= 1;
> > -	if (!ucounts->count)
> > +	if (atomic_dec_and_test(&ucounts->count))
> >  		hlist_del_init(&ucounts->node);
> >  	else
> >  		ucounts = NULL;
> 
> 
> This can become:
> static void put_ucounts(struct ucounts *ucounts)
> {
> 	unsigned long flags;
> 
>         if (atomic_dec_and_lock_irqsave(&ucounts->count, &ucounts_lock, flags)) {
>         	hlist_del_init(&ucounts->node);
>                 spin_unlock_irqrestore(&ucounts_lock);
>                 kfree(ucounts);
>         }
> }
> 

-- 
Kees Cook

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.