[PATCH openEuler-1.0-LTS v2 372/771] io_uring: allow registering credentials

15 Apr 2021

From: Jens Axboe axboe@kernel.dk
mainline inclusion
from mainline-5.6-rc1
commit 071698e13ac6ba786dfa22349a7b62deb5a9464d
category: feature
bugzilla: https://bugzilla.openeuler.org/show_bug.cgi?id=27
CVE: NA
---------------------------
If an application wants to use a ring with different kinds of
credentials, it can register them upfront. We don't lookup credentials,
the credentials of the task calling IORING_REGISTER_PERSONALITY is used.
An 'id' is returned for the application to use in subsequent personality
support.
Reviewed-by: Pavel Begunkov asml.silence@gmail.com
Signed-off-by: Jens Axboe axboe@kernel.dk
Signed-off-by: yangerkun yangerkun@huawei.com
Reviewed-by: zhangyi (F) yi.zhang@huawei.com
Signed-off-by: Cheng Jian cj.chengjian@huawei.com
---
 fs/io_uring.c                 | 75 +++++++++++++++++++++++++++++++----
 include/uapi/linux/io_uring.h |  2 +
 2 files changed, 70 insertions(+), 7 deletions(-)

diff --git a/fs/io_uring.c b/fs/io_uring.c
index cc4a5e92153b..dc5ff7771c26 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -273,6 +273,8 @@ struct io_ring_ctx {
    struct socket		*ring_sock;
 #endif
+	struct idr		personality_idr;
+
    struct {
    	unsigned		cached_cq_tail;
    	unsigned		cq_entries;
@@ -792,6 +794,7 @@ static struct io_ring_ctx *io_ring_ctx_alloc(struct io_uring_params *p)
    INIT_LIST_HEAD(&ctx->cq_overflow_list);
    init_completion(&ctx->completions[0]);
    init_completion(&ctx->completions[1]);
+	idr_init(&ctx->personality_idr);
    mutex_init(&ctx->uring_lock);
    init_waitqueue_head(&ctx->wait);
    spin_lock_init(&ctx->completion_lock);
@@ -6120,6 +6123,17 @@ static int io_uring_fasync(int fd, struct file *file, int on)
    return fasync_helper(fd, file, on, &ctx->cq_fasync);
 }
+static int io_remove_personalities(int id, void *p, void *data)
+{
+	struct io_ring_ctx *ctx = data;
+	const struct cred *cred;
+
+	cred = idr_remove(&ctx->personality_idr, id);
+	if (cred)
+		put_cred(cred);
+	return 0;
+}
+
 static void io_ring_ctx_wait_and_kill(struct io_ring_ctx *ctx)
 {
    mutex_lock(&ctx->uring_lock);
@@ -6136,6 +6150,7 @@ static void io_ring_ctx_wait_and_kill(struct io_ring_ctx *ctx)
    /* if we failed setting up the ctx, we might not have any rings */
    if (ctx->rings)
    	io_cqring_overflow_flush(ctx, true);
+	idr_for_each(&ctx->personality_idr, io_remove_personalities, ctx);
    wait_for_completion(&ctx->completions[0]);
    io_ring_ctx_free(ctx);
 }
@@ -6616,6 +6631,45 @@ static int io_probe(struct io_ring_ctx *ctx, void __user *arg, unsigned nr_args)
    return ret;
 }
+static int io_register_personality(struct io_ring_ctx *ctx)
+{
+	const struct cred *creds = get_current_cred();
+	int id;
+
+	id = idr_alloc_cyclic(&ctx->personality_idr, (void *) creds, 1,
+				USHRT_MAX, GFP_KERNEL);
+	if (id < 0)
+		put_cred(creds);
+	return id;
+}
+
+static int io_unregister_personality(struct io_ring_ctx *ctx, unsigned id)
+{
+	const struct cred *old_creds;
+
+	old_creds = idr_remove(&ctx->personality_idr, id);
+	if (old_creds) {
+		put_cred(old_creds);
+		return 0;
+	}
+
+	return -EINVAL;
+}
+
+static bool io_register_op_must_quiesce(int op)
+{
+	switch (op) {
+	case IORING_UNREGISTER_FILES:
+	case IORING_REGISTER_FILES_UPDATE:
+	case IORING_REGISTER_PROBE:
+	case IORING_REGISTER_PERSONALITY:
+	case IORING_UNREGISTER_PERSONALITY:
+		return false;
+	default:
+		return true;
+	}
+}
+
 static int __io_uring_register(struct io_ring_ctx *ctx, unsigned opcode,
    		       void __user *arg, unsigned nr_args)
    __releases(ctx->uring_lock)
@@ -6631,9 +6685,7 @@ static int __io_uring_register(struct io_ring_ctx *ctx, unsigned opcode,
    if (percpu_ref_is_dying(&ctx->refs))
    	return -ENXIO;
-	if (opcode != IORING_UNREGISTER_FILES &&
-	    opcode != IORING_REGISTER_FILES_UPDATE &&
-	    opcode != IORING_REGISTER_PROBE) {
+	if (io_register_op_must_quiesce(opcode)) {
    	percpu_ref_kill(&ctx->refs);
/*
@@ -6701,15 +6753,24 @@ static int __io_uring_register(struct io_ring_ctx *ctx, unsigned opcode,
    		break;
    	ret = io_probe(ctx, arg, nr_args);
    	break;
+	case IORING_REGISTER_PERSONALITY:
+		ret = -EINVAL;
+		if (arg || nr_args)
+			break;
+		ret = io_register_personality(ctx);
+		break;
+	case IORING_UNREGISTER_PERSONALITY:
+		ret = -EINVAL;
+		if (arg)
+			break;
+		ret = io_unregister_personality(ctx, nr_args);
+		break;
    default:
    	ret = -EINVAL;
    	break;
    }
-
-	if (opcode != IORING_UNREGISTER_FILES &&
-	    opcode != IORING_REGISTER_FILES_UPDATE &&
-	    opcode != IORING_REGISTER_PROBE) {
+	if (io_register_op_must_quiesce(opcode)) {
    	/* bring the ctx back to life */
    	percpu_ref_reinit(&ctx->refs);
 out:
diff --git a/include/uapi/linux/io_uring.h b/include/uapi/linux/io_uring.h
index 4b5a3376d959..3c65bb6c3e97 100644
--- a/include/uapi/linux/io_uring.h
+++ b/include/uapi/linux/io_uring.h
@@ -210,6 +210,8 @@ struct io_uring_params {
 #define IORING_REGISTER_FILES_UPDATE	6
 #define IORING_REGISTER_EVENTFD_ASYNC	7
 #define IORING_REGISTER_PROBE		8
+#define IORING_REGISTER_PERSONALITY	9
+#define IORING_UNREGISTER_PERSONALITY	10
struct io_uring_files_update {
    __u32 offset;
-- 
2.25.1

    

2024

2023

2022

2021

2020

2019

[PATCH openEuler-1.0-LTS v2 372/771] io_uring: allow registering credentials