diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2024-11-18 12:24:06 -0800 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2024-11-18 12:24:06 -0800 |
| commit | 0f25f0e4efaeb68086f7e65c442f2d648b21736f (patch) | |
| tree | f78d0fa8c337ee7319dbc80215c5fa5102c4bb3e /drivers | |
| parent | 23acd177540d7ba929cdc801b73d15d799f654f4 (diff) | |
| parent | 38052c2dd71f5490f34bba21dc358e97fb205ee5 (diff) | |
Merge tag 'pull-fd' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull 'struct fd' class updates from Al Viro:
"The bulk of struct fd memory safety stuff
Making sure that struct fd instances are destroyed in the same scope
where they'd been created, getting rid of reassignments and passing
them by reference, converting to CLASS(fd{,_pos,_raw}).
We are getting very close to having the memory safety of that stuff
trivial to verify"
* tag 'pull-fd' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (28 commits)
deal with the last remaing boolean uses of fd_file()
css_set_fork(): switch to CLASS(fd_raw, ...)
memcg_write_event_control(): switch to CLASS(fd)
assorted variants of irqfd setup: convert to CLASS(fd)
do_pollfd(): convert to CLASS(fd)
convert do_select()
convert vfs_dedupe_file_range().
convert cifs_ioctl_copychunk()
convert media_request_get_by_fd()
convert spu_run(2)
switch spufs_calls_{get,put}() to CLASS() use
convert cachestat(2)
convert do_preadv()/do_pwritev()
fdget(), more trivial conversions
fdget(), trivial conversions
privcmd_ioeventfd_assign(): don't open-code eventfd_ctx_fdget()
o2hb_region_dev_store(): avoid goto around fdget()/fdput()
introduce "fd_pos" class, convert fdget_pos() users to it.
fdget_raw() users: switch to CLASS(fd_raw)
convert vmsplice() to CLASS(fd)
...
Diffstat (limited to 'drivers')
| -rw-r--r-- | drivers/gpu/drm/amd/amdgpu/amdgpu_sched.c | 23 | ||||
| -rw-r--r-- | drivers/gpu/drm/drm_syncobj.c | 9 | ||||
| -rw-r--r-- | drivers/infiniband/core/ucma.c | 19 | ||||
| -rw-r--r-- | drivers/infiniband/core/uverbs_cmd.c | 8 | ||||
| -rw-r--r-- | drivers/media/mc/mc-request.c | 18 | ||||
| -rw-r--r-- | drivers/media/rc/lirc_dev.c | 13 | ||||
| -rw-r--r-- | drivers/vfio/group.c | 6 | ||||
| -rw-r--r-- | drivers/vfio/virqfd.c | 16 | ||||
| -rw-r--r-- | drivers/virt/acrn/irqfd.c | 13 | ||||
| -rw-r--r-- | drivers/xen/privcmd.c | 28 |
10 files changed, 43 insertions, 110 deletions
diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_sched.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_sched.c index b0a8abc7a8ec..341beec59537 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_sched.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_sched.c @@ -35,21 +35,19 @@ static int amdgpu_sched_process_priority_override(struct amdgpu_device *adev, int fd, int32_t priority) { - struct fd f = fdget(fd); + CLASS(fd, f)(fd); struct amdgpu_fpriv *fpriv; struct amdgpu_ctx_mgr *mgr; struct amdgpu_ctx *ctx; uint32_t id; int r; - if (!fd_file(f)) + if (fd_empty(f)) return -EINVAL; r = amdgpu_file_to_fpriv(fd_file(f), &fpriv); - if (r) { - fdput(f); + if (r) return r; - } mgr = &fpriv->ctx_mgr; mutex_lock(&mgr->lock); @@ -57,7 +55,6 @@ static int amdgpu_sched_process_priority_override(struct amdgpu_device *adev, amdgpu_ctx_priority_override(ctx, priority); mutex_unlock(&mgr->lock); - fdput(f); return 0; } @@ -66,31 +63,25 @@ static int amdgpu_sched_context_priority_override(struct amdgpu_device *adev, unsigned ctx_id, int32_t priority) { - struct fd f = fdget(fd); + CLASS(fd, f)(fd); struct amdgpu_fpriv *fpriv; struct amdgpu_ctx *ctx; int r; - if (!fd_file(f)) + if (fd_empty(f)) return -EINVAL; r = amdgpu_file_to_fpriv(fd_file(f), &fpriv); - if (r) { - fdput(f); + if (r) return r; - } ctx = amdgpu_ctx_get(fpriv, ctx_id); - if (!ctx) { - fdput(f); + if (!ctx) return -EINVAL; - } amdgpu_ctx_priority_override(ctx, priority); amdgpu_ctx_put(ctx); - fdput(f); - return 0; } diff --git a/drivers/gpu/drm/drm_syncobj.c b/drivers/gpu/drm/drm_syncobj.c index 8e3d2d7060f8..4f2ab8a7b50f 100644 --- a/drivers/gpu/drm/drm_syncobj.c +++ b/drivers/gpu/drm/drm_syncobj.c @@ -712,16 +712,14 @@ static int drm_syncobj_fd_to_handle(struct drm_file *file_private, int fd, u32 *handle) { struct drm_syncobj *syncobj; - struct fd f = fdget(fd); + CLASS(fd, f)(fd); int ret; - if (!fd_file(f)) + if (fd_empty(f)) return -EINVAL; - if (fd_file(f)->f_op != &drm_syncobj_file_fops) { - fdput(f); + if (fd_file(f)->f_op != &drm_syncobj_file_fops) return -EINVAL; - } /* take a reference to put in the idr */ syncobj = fd_file(f)->private_data; @@ -739,7 +737,6 @@ static int drm_syncobj_fd_to_handle(struct drm_file *file_private, } else drm_syncobj_put(syncobj); - fdput(f); return ret; } diff --git a/drivers/infiniband/core/ucma.c b/drivers/infiniband/core/ucma.c index 5dbb248e9625..02f1666f3cba 100644 --- a/drivers/infiniband/core/ucma.c +++ b/drivers/infiniband/core/ucma.c @@ -1615,7 +1615,6 @@ static ssize_t ucma_migrate_id(struct ucma_file *new_file, struct ucma_event *uevent, *tmp; struct ucma_context *ctx; LIST_HEAD(event_list); - struct fd f; struct ucma_file *cur_file; int ret = 0; @@ -1623,21 +1622,17 @@ static ssize_t ucma_migrate_id(struct ucma_file *new_file, return -EFAULT; /* Get current fd to protect against it being closed */ - f = fdget(cmd.fd); - if (!fd_file(f)) + CLASS(fd, f)(cmd.fd); + if (fd_empty(f)) return -ENOENT; - if (fd_file(f)->f_op != &ucma_fops) { - ret = -EINVAL; - goto file_put; - } + if (fd_file(f)->f_op != &ucma_fops) + return -EINVAL; cur_file = fd_file(f)->private_data; /* Validate current fd and prevent destruction of id. */ ctx = ucma_get_ctx(cur_file, cmd.id); - if (IS_ERR(ctx)) { - ret = PTR_ERR(ctx); - goto file_put; - } + if (IS_ERR(ctx)) + return PTR_ERR(ctx); rdma_lock_handler(ctx->cm_id); /* @@ -1678,8 +1673,6 @@ static ssize_t ucma_migrate_id(struct ucma_file *new_file, err_unlock: rdma_unlock_handler(ctx->cm_id); ucma_put_ctx(ctx); -file_put: - fdput(f); return ret; } diff --git a/drivers/infiniband/core/uverbs_cmd.c b/drivers/infiniband/core/uverbs_cmd.c index a4cce360df21..66b02fbf077a 100644 --- a/drivers/infiniband/core/uverbs_cmd.c +++ b/drivers/infiniband/core/uverbs_cmd.c @@ -584,7 +584,7 @@ static int ib_uverbs_open_xrcd(struct uverbs_attr_bundle *attrs) if (cmd.fd != -1) { /* search for file descriptor */ f = fdget(cmd.fd); - if (!fd_file(f)) { + if (fd_empty(f)) { ret = -EBADF; goto err_tree_mutex_unlock; } @@ -632,8 +632,7 @@ static int ib_uverbs_open_xrcd(struct uverbs_attr_bundle *attrs) atomic_inc(&xrcd->usecnt); } - if (fd_file(f)) - fdput(f); + fdput(f); mutex_unlock(&ibudev->xrcd_tree_mutex); uobj_finalize_uobj_create(&obj->uobject, attrs); @@ -648,8 +647,7 @@ err: uobj_alloc_abort(&obj->uobject, attrs); err_tree_mutex_unlock: - if (fd_file(f)) - fdput(f); + fdput(f); mutex_unlock(&ibudev->xrcd_tree_mutex); diff --git a/drivers/media/mc/mc-request.c b/drivers/media/mc/mc-request.c index e064914c476e..df39c8c11e9a 100644 --- a/drivers/media/mc/mc-request.c +++ b/drivers/media/mc/mc-request.c @@ -246,22 +246,21 @@ static const struct file_operations request_fops = { struct media_request * media_request_get_by_fd(struct media_device *mdev, int request_fd) { - struct fd f; struct media_request *req; if (!mdev || !mdev->ops || !mdev->ops->req_validate || !mdev->ops->req_queue) return ERR_PTR(-EBADR); - f = fdget(request_fd); - if (!fd_file(f)) - goto err_no_req_fd; + CLASS(fd, f)(request_fd); + if (fd_empty(f)) + goto err; if (fd_file(f)->f_op != &request_fops) - goto err_fput; + goto err; req = fd_file(f)->private_data; if (req->mdev != mdev) - goto err_fput; + goto err; /* * Note: as long as someone has an open filehandle of the request, @@ -272,14 +271,9 @@ media_request_get_by_fd(struct media_device *mdev, int request_fd) * before media_request_get() is called. */ media_request_get(req); - fdput(f); - return req; -err_fput: - fdput(f); - -err_no_req_fd: +err: dev_dbg(mdev->dev, "cannot find request_fd %d\n", request_fd); return ERR_PTR(-EINVAL); } diff --git a/drivers/media/rc/lirc_dev.c b/drivers/media/rc/lirc_dev.c index f042f3f14afa..a2257dc2f25d 100644 --- a/drivers/media/rc/lirc_dev.c +++ b/drivers/media/rc/lirc_dev.c @@ -815,28 +815,23 @@ void __exit lirc_dev_exit(void) struct rc_dev *rc_dev_get_from_fd(int fd, bool write) { - struct fd f = fdget(fd); + CLASS(fd, f)(fd); struct lirc_fh *fh; struct rc_dev *dev; - if (!fd_file(f)) + if (fd_empty(f)) return ERR_PTR(-EBADF); - if (fd_file(f)->f_op != &lirc_fops) { - fdput(f); + if (fd_file(f)->f_op != &lirc_fops) return ERR_PTR(-EINVAL); - } - if (write && !(fd_file(f)->f_mode & FMODE_WRITE)) { - fdput(f); + if (write && !(fd_file(f)->f_mode & FMODE_WRITE)) return ERR_PTR(-EPERM); - } fh = fd_file(f)->private_data; dev = fh->rc; get_device(&dev->dev); - fdput(f); return dev; } diff --git a/drivers/vfio/group.c b/drivers/vfio/group.c index 95b336de8a17..49559605177e 100644 --- a/drivers/vfio/group.c +++ b/drivers/vfio/group.c @@ -104,15 +104,14 @@ static int vfio_group_ioctl_set_container(struct vfio_group *group, { struct vfio_container *container; struct iommufd_ctx *iommufd; - struct fd f; int ret; int fd; if (get_user(fd, arg)) return -EFAULT; - f = fdget(fd); - if (!fd_file(f)) + CLASS(fd, f)(fd); + if (fd_empty(f)) return -EBADF; mutex_lock(&group->group_lock); @@ -153,7 +152,6 @@ static int vfio_group_ioctl_set_container(struct vfio_group *group, out_unlock: mutex_unlock(&group->group_lock); - fdput(f); return ret; } diff --git a/drivers/vfio/virqfd.c b/drivers/vfio/virqfd.c index d22881245e89..aa2891f97508 100644 --- a/drivers/vfio/virqfd.c +++ b/drivers/vfio/virqfd.c @@ -113,7 +113,6 @@ int vfio_virqfd_enable(void *opaque, void (*thread)(void *, void *), void *data, struct virqfd **pvirqfd, int fd) { - struct fd irqfd; struct eventfd_ctx *ctx; struct virqfd *virqfd; int ret = 0; @@ -133,8 +132,8 @@ int vfio_virqfd_enable(void *opaque, INIT_WORK(&virqfd->inject, virqfd_inject); INIT_WORK(&virqfd->flush_inject, virqfd_flush_inject); - irqfd = fdget(fd); - if (!fd_file(irqfd)) { + CLASS(fd, irqfd)(fd); + if (fd_empty(irqfd)) { ret = -EBADF; goto err_fd; } @@ -142,7 +141,7 @@ int vfio_virqfd_enable(void *opaque, ctx = eventfd_ctx_fileget(fd_file(irqfd)); if (IS_ERR(ctx)) { ret = PTR_ERR(ctx); - goto err_ctx; + goto err_fd; } virqfd->eventfd = ctx; @@ -181,18 +180,9 @@ int vfio_virqfd_enable(void *opaque, if ((!handler || handler(opaque, data)) && thread) schedule_work(&virqfd->inject); } - - /* - * Do not drop the file until the irqfd is fully initialized, - * otherwise we might race against the EPOLLHUP. - */ - fdput(irqfd); - return 0; err_busy: eventfd_ctx_put(ctx); -err_ctx: - fdput(irqfd); err_fd: kfree(virqfd); diff --git a/drivers/virt/acrn/irqfd.c b/drivers/virt/acrn/irqfd.c index 9994d818bb7e..b7da24ca1475 100644 --- a/drivers/virt/acrn/irqfd.c +++ b/drivers/virt/acrn/irqfd.c @@ -112,7 +112,6 @@ static int acrn_irqfd_assign(struct acrn_vm *vm, struct acrn_irqfd *args) struct eventfd_ctx *eventfd = NULL; struct hsm_irqfd *irqfd, *tmp; __poll_t events; - struct fd f; int ret = 0; irqfd = kzalloc(sizeof(*irqfd), GFP_KERNEL); @@ -124,8 +123,8 @@ static int acrn_irqfd_assign(struct acrn_vm *vm, struct acrn_irqfd *args) INIT_LIST_HEAD(&irqfd->list); INIT_WORK(&irqfd->shutdown, hsm_irqfd_shutdown_work); - f = fdget(args->fd); - if (!fd_file(f)) { + CLASS(fd, f)(args->fd); + if (fd_empty(f)) { ret = -EBADF; goto out; } @@ -133,7 +132,7 @@ static int acrn_irqfd_assign(struct acrn_vm *vm, struct acrn_irqfd *args) eventfd = eventfd_ctx_fileget(fd_file(f)); if (IS_ERR(eventfd)) { ret = PTR_ERR(eventfd); - goto fail; + goto out; } irqfd->eventfd = eventfd; @@ -162,13 +161,9 @@ static int acrn_irqfd_assign(struct acrn_vm *vm, struct acrn_irqfd *args) if (events & EPOLLIN) acrn_irqfd_inject(irqfd); - fdput(f); return 0; fail: - if (eventfd && !IS_ERR(eventfd)) - eventfd_ctx_put(eventfd); - - fdput(f); + eventfd_ctx_put(eventfd); out: kfree(irqfd); return ret; diff --git a/drivers/xen/privcmd.c b/drivers/xen/privcmd.c index 4f75bc876454..13a10f3294a8 100644 --- a/drivers/xen/privcmd.c +++ b/drivers/xen/privcmd.c @@ -965,10 +965,11 @@ static int privcmd_irqfd_assign(struct privcmd_irqfd *irqfd) struct privcmd_kernel_irqfd *kirqfd, *tmp; unsigned long flags; __poll_t events; - struct fd f; void *dm_op; int ret, idx; + CLASS(fd, f)(irqfd->fd); + kirqfd = kzalloc(sizeof(*kirqfd) + irqfd->size, GFP_KERNEL); if (!kirqfd) return -ENOMEM; @@ -984,8 +985,7 @@ static int privcmd_irqfd_assign(struct privcmd_irqfd *irqfd) kirqfd->dom = irqfd->dom; INIT_WORK(&kirqfd->shutdown, irqfd_shutdown); - f = fdget(irqfd->fd); - if (!fd_file(f)) { + if (fd_empty(f)) { ret = -EBADF; goto error_kfree; } @@ -993,7 +993,7 @@ static int privcmd_irqfd_assign(struct privcmd_irqfd *irqfd) kirqfd->eventfd = eventfd_ctx_fileget(fd_file(f)); if (IS_ERR(kirqfd->eventfd)) { ret = PTR_ERR(kirqfd->eventfd); - goto error_fd_put; + goto error_kfree; } /* @@ -1026,20 +1026,11 @@ static int privcmd_irqfd_assign(struct privcmd_irqfd *irqfd) irqfd_inject(kirqfd); srcu_read_unlock(&irqfds_srcu, idx); - - /* - * Do not drop the file until the kirqfd is fully initialized, otherwise - * we might race against the EPOLLHUP. - */ - fdput(f); return 0; error_eventfd: eventfd_ctx_put(kirqfd->eventfd); -error_fd_put: - fdput(f); - error_kfree: kfree(kirqfd); return ret; @@ -1350,7 +1341,6 @@ static int privcmd_ioeventfd_assign(struct privcmd_ioeventfd *ioeventfd) struct privcmd_kernel_ioeventfd *kioeventfd; struct privcmd_kernel_ioreq *kioreq; unsigned long flags; - struct fd f; int ret; /* Check for range overflow */ @@ -1370,15 +1360,7 @@ static int privcmd_ioeventfd_assign(struct privcmd_ioeventfd *ioeventfd) if (!kioeventfd) return -ENOMEM; - f = fdget(ioeventfd->event_fd); - if (!fd_file(f)) { - ret = -EBADF; - goto error_kfree; - } - - kioeventfd->eventfd = eventfd_ctx_fileget(fd_file(f)); - fdput(f); - + kioeventfd->eventfd = eventfd_ctx_fdget(ioeventfd->event_fd); if (IS_ERR(kioeventfd->eventfd)) { ret = PTR_ERR(kioeventfd->eventfd); goto error_kfree; |