From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5C0A5C432C0 for ; Mon, 25 Nov 2019 16:48:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 34B472068E for ; Mon, 25 Nov 2019 16:48:27 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=kernel-dk.20150623.gappssmtp.com header.i=@kernel-dk.20150623.gappssmtp.com header.b="cvXjA6mM" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728876AbfKYQs1 (ORCPT ); Mon, 25 Nov 2019 11:48:27 -0500 Received: from mail-io1-f67.google.com ([209.85.166.67]:33503 "EHLO mail-io1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728860AbfKYQs0 (ORCPT ); Mon, 25 Nov 2019 11:48:26 -0500 Received: by mail-io1-f67.google.com with SMTP id j13so17050927ioe.0 for ; Mon, 25 Nov 2019 08:48:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kernel-dk.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=vhpTeuOA1GpRMng8r9BTuksctnFgh1g7Dr54Kb56Ya8=; b=cvXjA6mMM7Y6XtYDyhm+OxpuwQEeKpNb9L4AMArjDpqAUFNakMdrYboMjxa7BNoUPN iIiSfeNboHtm8Ub+3QNi4vZAW1AV/359syVGSreVeouBC9d0L5B10PrERQEFbcHtJ4mp Pe75+dMShSnx6AKlxt+9Luki8UI4d/9e+IkBVdzaCWpIFfV1zpvSqIIrk/1S/jjRA2EP pENzL/3OBAKdoRhN+GPKix1xEKvfDrr1PCgpY96nFeE40YZkVVQ0t6AdUenQB3pqDddq F+IcL1QRYg2u1o1NHMdAIn8koj4Y7P8KHdHA2Oe6/3PI1Znm+UNdO30o+Xuu+bLT7j+T FGng== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=vhpTeuOA1GpRMng8r9BTuksctnFgh1g7Dr54Kb56Ya8=; b=tbc4Maqsnwu0BrQW8BL4+PjtOvi0J2aILs7pP+V8dhJfvo74Vvf81XBBWCi08M+pWH 9OFOY65qDhffOHpCNjFV/91xqXJRYEjS+iv3U8kyBexMpPUIdMRz/nWkDq4KjqLpvRic lL1W+DBSXEgMtvmcv9f3Hvl9EG5/kSAh8hO2ccri/YhjwowvIbmPQihRm6/i1BNzkKae CRCThwLvg0weJ94sqB8edI0R4cS0HDX+UQuy0opWME8fP+Ejc+nZ1RlcIbg+pzmXxFgm lbzE1rC7i4bAAhOFtWih0Pz4sGAo1ZUENsZ31qMrKe3fyiYg5aUX2LowgSOf2EtDB7Lo +stg== X-Gm-Message-State: APjAAAWABFPPv/KkqEaNlJg4fJ5zfr48YAB8ue6bmtTpb8K0ZFu3Hgba E+JbFWRENATib/GV2ffcpLl+ITjB4RhEKg== X-Google-Smtp-Source: APXvYqwQqUxpu7N8B0buWGCB33BuQEfnRa7ywsKlhLxeaXUUfWIwLhyQ1a/NAgzDc3Uulvg0S4IQLA== X-Received: by 2002:a6b:cf0f:: with SMTP id o15mr11023793ioa.229.1574700504208; Mon, 25 Nov 2019 08:48:24 -0800 (PST) Received: from localhost.localdomain ([65.144.74.34]) by smtp.gmail.com with ESMTPSA id k4sm1944788iof.61.2019.11.25.08.48.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 25 Nov 2019 08:48:23 -0800 (PST) From: Jens Axboe To: io-uring@vger.kernel.org Cc: Jens Axboe Subject: [PATCH] io_uring: async workers should inherit the user creds Date: Mon, 25 Nov 2019 09:48:17 -0700 Message-Id: <20191125164818.16414-3-axboe@kernel.dk> X-Mailer: git-send-email 2.24.0 In-Reply-To: <20191125164818.16414-1-axboe@kernel.dk> References: <20191125164818.16414-1-axboe@kernel.dk> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: io-uring-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: io-uring@vger.kernel.org If we don't inherit the original task creds, then we can confuse users like fuse that pass creds in the request header. See link below on identical aio issue. Link: https://lore.kernel.org/linux-fsdevel/26f0d78e-99ca-2f1b-78b9-433088053a61@scylladb.com/T/#u Signed-off-by: Jens Axboe --- fs/io_uring.c | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/fs/io_uring.c b/fs/io_uring.c index 84efb8956734..9bead1717949 100644 --- a/fs/io_uring.c +++ b/fs/io_uring.c @@ -255,6 +255,8 @@ struct io_ring_ctx { struct user_struct *user; + struct cred *creds; + struct completion ctx_done; struct { @@ -1294,8 +1296,11 @@ static void io_poll_complete_work(struct work_struct *work) struct io_poll_iocb *poll = &req->poll; struct poll_table_struct pt = { ._key = poll->events }; struct io_ring_ctx *ctx = req->ctx; + const struct cred *old_cred; __poll_t mask = 0; + old_cred = override_creds(ctx->creds); + if (!READ_ONCE(poll->canceled)) mask = vfs_poll(poll->file, &pt) & poll->events; @@ -1310,7 +1315,7 @@ static void io_poll_complete_work(struct work_struct *work) if (!mask && !READ_ONCE(poll->canceled)) { add_wait_queue(poll->head, &poll->wait); spin_unlock_irq(&ctx->completion_lock); - return; + goto out; } list_del_init(&req->list); io_poll_complete(ctx, req, mask); @@ -1318,6 +1323,8 @@ static void io_poll_complete_work(struct work_struct *work) io_cqring_ev_posted(ctx); io_put_req(req); +out: + revert_creds(old_cred); } static int io_poll_wake(struct wait_queue_entry *wait, unsigned mode, int sync, @@ -1528,10 +1535,12 @@ static void io_sq_wq_submit_work(struct work_struct *work) struct io_ring_ctx *ctx = req->ctx; struct mm_struct *cur_mm = NULL; struct async_list *async_list; + const struct cred *old_cred; LIST_HEAD(req_list); mm_segment_t old_fs; int ret; + old_cred = override_creds(ctx->creds); async_list = io_async_list_from_sqe(ctx, req->submit.sqe); restart: do { @@ -1633,6 +1642,7 @@ static void io_sq_wq_submit_work(struct work_struct *work) unuse_mm(cur_mm); mmput(cur_mm); } + revert_creds(old_cred); } /* @@ -1881,6 +1891,7 @@ static int io_sq_thread(void *data) struct sqe_submit sqes[IO_IOPOLL_BATCH]; struct io_ring_ctx *ctx = data; struct mm_struct *cur_mm = NULL; + const struct cred *old_cred; mm_segment_t old_fs; DEFINE_WAIT(wait); unsigned inflight; @@ -1888,6 +1899,7 @@ static int io_sq_thread(void *data) old_fs = get_fs(); set_fs(USER_DS); + old_cred = override_creds(ctx->creds); timeout = inflight = 0; while (!kthread_should_stop() && !ctx->sqo_stop) { @@ -2001,6 +2013,7 @@ static int io_sq_thread(void *data) unuse_mm(cur_mm); mmput(cur_mm); } + revert_creds(old_cred); if (kthread_should_park()) kthread_parkme(); @@ -2645,6 +2658,8 @@ static void io_ring_ctx_free(struct io_ring_ctx *ctx) io_unaccount_mem(ctx->user, ring_pages(ctx->sq_entries, ctx->cq_entries)); free_uid(ctx->user); + if (ctx->creds) + put_cred(ctx->creds); kfree(ctx); } @@ -2924,6 +2939,12 @@ static int io_uring_create(unsigned entries, struct io_uring_params *p) ctx->account_mem = account_mem; ctx->user = user; + ctx->creds = prepare_creds(); + if (!ctx->creds) { + ret = -ENOMEM; + goto err; + } + ret = io_allocate_scq_urings(ctx, p); if (ret) goto err; -- 2.24.0