Do not use RCU for current process credentials

Commit c69e8d9c0 added rcu lock to fuse/dir.c It was assuming that 'task' is some other process but in fact this parameter always equals to 'current'. Inline this parameter to make it more readable and remove RCU lock as it is not needed when access current process credentials. Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>

Do not use RCU for current process credentials
Commit c69e8d9c0 added rcu lock to fuse/dir.c It was assuming that 'task' is some other process but in fact this parameter always equals to 'current'. Inline this parameter to make it more readable and remove RCU lock as it is not needed when access current process credentials. Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
Anatol Pomozov · Miklos Szeredi
1 parent fb05f41f5f
Showing 4 changed files with 13 additions and 17 deletions Side-by-side Diff
fs/fuse/dir.c
fs/fuse/file.c
fs/fuse/fuse_i.h
fs/fuse/inode.c
@@ -985,7 +985,7 @@
  
 /*
  * Calling into a user-controlled filesystem gives the filesystem
- * daemon ptrace-like capabilities over the requester process.  This
+ * daemon ptrace-like capabilities over the current process.  This
  * means, that the filesystem daemon is able to record the exact
  * filesystem operations performed, and can also control the behavior
  * of the requester process in otherwise impossible ways.  For example
  
  
  
  
@@ -996,27 +996,23 @@
  * for which the owner of the mount has ptrace privilege.  This
  * excludes processes started by other users, suid or sgid processes.
  */
-int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task)
+int fuse_allow_current_process(struct fuse_conn *fc)
 {
 	const struct cred *cred;
-	int ret;
  
 	if (fc->flags & FUSE_ALLOW_OTHER)
 		return 1;
  
-	rcu_read_lock();
-	ret = 0;
-	cred = __task_cred(task);
+	cred = current_cred();
 	if (uid_eq(cred->euid, fc->user_id) &&
 	    uid_eq(cred->suid, fc->user_id) &&
 	    uid_eq(cred->uid,  fc->user_id) &&
 	    gid_eq(cred->egid, fc->group_id) &&
 	    gid_eq(cred->sgid, fc->group_id) &&
 	    gid_eq(cred->gid,  fc->group_id))
-		ret = 1;
-	rcu_read_unlock();
+		return 1;
  
-	return ret;
+	return 0;
 }
  
 static int fuse_access(struct inode *inode, int mask)
@@ -1077,7 +1073,7 @@
 	bool refreshed = false;
 	int err = 0;
  
-	if (!fuse_allow_task(fc, current))
+	if (!fuse_allow_current_process(fc))
 		return -EACCES;
  
 	/*
@@ -1544,7 +1540,7 @@
 	loff_t oldsize;
 	int err;
  
-	if (!fuse_allow_task(fc, current))
+	if (!fuse_allow_current_process(fc))
 		return -EACCES;
  
 	if (!(fc->flags & FUSE_DEFAULT_PERMISSIONS))
@@ -1653,7 +1649,7 @@
 	struct inode *inode = entry->d_inode;
 	struct fuse_conn *fc = get_fuse_conn(inode);
  
-	if (!fuse_allow_task(fc, current))
+	if (!fuse_allow_current_process(fc))
 		return -EACCES;
  
 	return fuse_update_attributes(inode, stat, NULL, NULL);
@@ -1756,7 +1752,7 @@
 	struct fuse_getxattr_out outarg;
 	ssize_t ret;
  
-	if (!fuse_allow_task(fc, current))
+	if (!fuse_allow_current_process(fc))
 		return -EACCES;
  
 	if (fc->no_listxattr)
@@ -2082,7 +2082,7 @@
 	struct inode *inode = file->f_dentry->d_inode;
 	struct fuse_conn *fc = get_fuse_conn(inode);
  
-	if (!fuse_allow_task(fc, current))
+	if (!fuse_allow_current_process(fc))
 		return -EACCES;
  
 	if (is_bad_inode(inode))
@@ -774,9 +774,9 @@
 int fuse_valid_type(int m);
  
 /**
- * Is task allowed to perform filesystem operation?
+ * Is current process allowed to perform filesystem operation?
  */
-int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task);
+int fuse_allow_current_process(struct fuse_conn *fc);
  
 u64 fuse_lock_owner_id(struct fuse_conn *fc, fl_owner_t id);
  
@@ -408,7 +408,7 @@
 	struct fuse_statfs_out outarg;
 	int err;
  
-	if (!fuse_allow_task(fc, current)) {
+	if (!fuse_allow_current_process(fc)) {
 		buf->f_type = FUSE_SUPER_MAGIC;
 		return 0;
 	}
...	...	@@ -985,7 +985,7 @@
985	985
986	986	/*
987	987	* Calling into a user-controlled filesystem gives the filesystem
988		- * daemon ptrace-like capabilities over the requester process. This
	988	+ * daemon ptrace-like capabilities over the current process. This
989	989	* means, that the filesystem daemon is able to record the exact
990	990	* filesystem operations performed, and can also control the behavior
991	991	* of the requester process in otherwise impossible ways. For example
992	992
993	993
994	994
995	995
...	...	@@ -996,27 +996,23 @@
996	996	* for which the owner of the mount has ptrace privilege. This
997	997	* excludes processes started by other users, suid or sgid processes.
998	998	*/
999		-int fuse_allow_task(struct fuse_conn fc, struct task_struct task)
	999	+int fuse_allow_current_process(struct fuse_conn *fc)
1000	1000	{
1001	1001	const struct cred *cred;
1002		- int ret;
1003	1002
1004	1003	if (fc->flags & FUSE_ALLOW_OTHER)
1005	1004	return 1;
1006	1005
1007		- rcu_read_lock();
1008		- ret = 0;
1009		- cred = __task_cred(task);
	1006	+ cred = current_cred();
1010	1007	if (uid_eq(cred->euid, fc->user_id) &&
1011	1008	uid_eq(cred->suid, fc->user_id) &&
1012	1009	uid_eq(cred->uid, fc->user_id) &&
1013	1010	gid_eq(cred->egid, fc->group_id) &&
1014	1011	gid_eq(cred->sgid, fc->group_id) &&
1015	1012	gid_eq(cred->gid, fc->group_id))
1016		- ret = 1;
1017		- rcu_read_unlock();
	1013	+ return 1;
1018	1014
1019		- return ret;
	1015	+ return 0;
1020	1016	}
1021	1017
1022	1018	static int fuse_access(struct inode *inode, int mask)
...	...	@@ -1077,7 +1073,7 @@
1077	1073	bool refreshed = false;
1078	1074	int err = 0;
1079	1075
1080		- if (!fuse_allow_task(fc, current))
	1076	+ if (!fuse_allow_current_process(fc))
1081	1077	return -EACCES;
1082	1078
1083	1079	/*
...	...	@@ -1544,7 +1540,7 @@
1544	1540	loff_t oldsize;
1545	1541	int err;
1546	1542
1547		- if (!fuse_allow_task(fc, current))
	1543	+ if (!fuse_allow_current_process(fc))
1548	1544	return -EACCES;
1549	1545
1550	1546	if (!(fc->flags & FUSE_DEFAULT_PERMISSIONS))
...	...	@@ -1653,7 +1649,7 @@
1653	1649	struct inode *inode = entry->d_inode;
1654	1650	struct fuse_conn *fc = get_fuse_conn(inode);
1655	1651
1656		- if (!fuse_allow_task(fc, current))
	1652	+ if (!fuse_allow_current_process(fc))
1657	1653	return -EACCES;
1658	1654
1659	1655	return fuse_update_attributes(inode, stat, NULL, NULL);
...	...	@@ -1756,7 +1752,7 @@
1756	1752	struct fuse_getxattr_out outarg;
1757	1753	ssize_t ret;
1758	1754
1759		- if (!fuse_allow_task(fc, current))
	1755	+ if (!fuse_allow_current_process(fc))
1760	1756	return -EACCES;
1761	1757
1762	1758	if (fc->no_listxattr)
...	...	@@ -2082,7 +2082,7 @@
2082	2082	struct inode *inode = file->f_dentry->d_inode;
2083	2083	struct fuse_conn *fc = get_fuse_conn(inode);
2084	2084
2085		- if (!fuse_allow_task(fc, current))
	2085	+ if (!fuse_allow_current_process(fc))
2086	2086	return -EACCES;
2087	2087
2088	2088	if (is_bad_inode(inode))
...	...	@@ -774,9 +774,9 @@
774	774	int fuse_valid_type(int m);
775	775
776	776	/**
777		- * Is task allowed to perform filesystem operation?
	777	+ * Is current process allowed to perform filesystem operation?
778	778	*/
779		-int fuse_allow_task(struct fuse_conn fc, struct task_struct task);
	779	+int fuse_allow_current_process(struct fuse_conn *fc);
780	780
781	781	u64 fuse_lock_owner_id(struct fuse_conn *fc, fl_owner_t id);
782	782
...	...	@@ -408,7 +408,7 @@
408	408	struct fuse_statfs_out outarg;
409	409	int err;
410	410
411		- if (!fuse_allow_task(fc, current)) {
	411	+ if (!fuse_allow_current_process(fc)) {
412	412	buf->f_type = FUSE_SUPER_MAGIC;
413	413	return 0;
414	414	}