From patchwork Sat Jan 21 14:47:10 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chengen Du X-Patchwork-Id: 1729947 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=canonical.com header.i=@canonical.com header.a=rsa-sha256 header.s=20210705 header.b=a6uYAGtR; dkim-atps=neutral Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4NzfNK2gHGz23hH for ; Sun, 22 Jan 2023 01:47:29 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1pJF9O-0000AM-4g; Sat, 21 Jan 2023 14:47:22 +0000 Received: from smtp-relay-internal-1.internal ([10.131.114.114] helo=smtp-relay-internal-1.canonical.com) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1pJF9M-00009Y-LJ for kernel-team@lists.ubuntu.com; Sat, 21 Jan 2023 14:47:20 +0000 Received: from mail-pl1-f200.google.com (mail-pl1-f200.google.com [209.85.214.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 3C719418E4 for ; Sat, 21 Jan 2023 14:47:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1674312439; bh=1ztq/T5A7IJ8ZJQH6sMmUmwYtWPumVS2CgQ/e5H3sac=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=a6uYAGtRv0NQPxgS25SNMMMiUv2pViPIsPUaLf/5WZVVWTZRYo+SFluxBAfnNXhHS wMFJcn3mmX9Mig1N19msVjuF4jsef6zv9fmLWGW/dgmHOP+xJAG64CaKn5RQs7rCBD M4Yg7Ze7agxC82h8YKFM1wXtbyDudRg3O7jbvUqXH+RqFs+MTH9Ig5Mr/4QL3HhjDt 48CX2KXI2vcYLfQiMf41a5vXYCn2X5oRh2oow/ZKd1CWXzCNgRpBFHIjiTUlwhSX4n TQNvsRvDH4JSVpxzmRwkL85HdWM+225Tw4JYIaDwJr6z5UJ481i8Xw9SAIuOzPc5Xc 1MW/PHU6TAWKw== Received: by mail-pl1-f200.google.com with SMTP id s5-20020a170903214500b00195e3b26848so2306153ple.7 for ; Sat, 21 Jan 2023 06:47:19 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1ztq/T5A7IJ8ZJQH6sMmUmwYtWPumVS2CgQ/e5H3sac=; b=KxDhQ78ka/sE+8HFwec9PuxMrsTAid0m1wHxcJ1bN+2yrtmdVjJEzk0kY26r8yWq5I Z3QsLROx6BOX66ciXQUNzXeJRZtkb/YJg2yX4WOHU2f5IVXEkySZcHV3KEzm75P2fKeB B2BPgGyHggEiGPUO5JLe9WMFa4yBRi8vbKBh57SKc5J4MdfraLbdk7C7RN1EtgKKiRbo eK0FNqUYw67VbP+utDzoSq9VN4miqondlZH99C6q8k7Xz9u3+6RLZ1OlPiU8yRR/5x0C Lfou/C0FTMJUXq5eoH580dTD9uinSw6alY50DoGC7TrbuZo84CqYxl5jZdfqJQZM0iFx eiog== X-Gm-Message-State: AFqh2kqW/sRbb+KXsRFZp9M++A5ihadWPuYmZ4I82YT/7m6O1OZHKQ+1 Y+okymblkTDWU6y58tvA6Or3xi2EqNjmv/pG2bXfg6g6kQSaqs9CxG6I22yFncksmBPOSfJvIvV j6mcV3Yrxf8VyeuuGJv2b8defyB9Aq9KymknYtR3m6w== X-Received: by 2002:a17:902:b711:b0:185:50e4:f59c with SMTP id d17-20020a170902b71100b0018550e4f59cmr16473766pls.8.1674312437731; Sat, 21 Jan 2023 06:47:17 -0800 (PST) X-Google-Smtp-Source: AMrXdXtifwEI7t1UAGbkhQTkYanhGY9n6uRH6avGiS4fTqjEcswRp54oyxGkvbh+BqkJT83E/jNOSw== X-Received: by 2002:a17:902:b711:b0:185:50e4:f59c with SMTP id d17-20020a170902b71100b0018550e4f59cmr16473753pls.8.1674312437459; Sat, 21 Jan 2023 06:47:17 -0800 (PST) Received: from chengendu.. (111-248-116-144.dynamic-ip.hinet.net. [111.248.116.144]) by smtp.gmail.com with ESMTPSA id p5-20020a170902bd0500b001932a9e4f2csm25656235pls.255.2023.01.21.06.47.16 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 21 Jan 2023 06:47:17 -0800 (PST) From: Chengen Du To: kernel-team@lists.ubuntu.com Subject: [SRU][Bionic][PATCH 1/4] (upstream) cred: add cred_fscmp() for comparing creds. Date: Sat, 21 Jan 2023 22:47:10 +0800 Message-Id: <20230121144713.39111-2-chengen.du@canonical.com> X-Mailer: git-send-email 2.37.2 In-Reply-To: <20230121144713.39111-1-chengen.du@canonical.com> References: <20230121144713.39111-1-chengen.du@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: NeilBrown BugLink: https://bugs.launchpad.net/bugs/2003053 NFS needs to compare to credentials, to see if they can be treated the same w.r.t. filesystem access. Sometimes an ordering is needed when credentials are used as a key to an rbtree. NFS currently has its own private credential management from before 'struct cred' existed. To move it over to more consistent use of 'struct cred' we need a comparison function. This patch adds that function. Signed-off-by: NeilBrown Signed-off-by: Anna Schumaker (cherry picked from commit d89b22d46a40da3a1630ecea111beaf3ef10bc21) Signed-off-by: Chengen Du --- include/linux/cred.h | 1 + kernel/cred.c | 55 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+) diff --git a/include/linux/cred.h b/include/linux/cred.h index 044c6b72d1e9..dbef5294121e 100644 --- a/include/linux/cred.h +++ b/include/linux/cred.h @@ -169,6 +169,7 @@ extern int change_create_files_as(struct cred *, struct inode *); extern int set_security_override(struct cred *, u32); extern int set_security_override_from_ctx(struct cred *, const char *); extern int set_create_files_as(struct cred *, struct inode *); +extern int cred_fscmp(const struct cred *, const struct cred *); extern void __init cred_init(void); /* diff --git a/kernel/cred.c b/kernel/cred.c index eed2bc6aa7d8..ca3ccdbccd7e 100644 --- a/kernel/cred.c +++ b/kernel/cred.c @@ -19,6 +19,7 @@ #include #include #include +#include #if 0 #define kdebug(FMT, ...) \ @@ -589,6 +590,60 @@ void revert_creds(const struct cred *old) } EXPORT_SYMBOL(revert_creds); +/** + * cred_fscmp - Compare two credentials with respect to filesystem access. + * @a: The first credential + * @b: The second credential + * + * cred_cmp() will return zero if both credentials have the same + * fsuid, fsgid, and supplementary groups. That is, if they will both + * provide the same access to files based on mode/uid/gid. + * If the credentials are different, then either -1 or 1 will + * be returned depending on whether @a comes before or after @b + * respectively in an arbitrary, but stable, ordering of credentials. + * + * Return: -1, 0, or 1 depending on comparison + */ +int cred_fscmp(const struct cred *a, const struct cred *b) +{ + struct group_info *ga, *gb; + int g; + + if (a == b) + return 0; + if (uid_lt(a->fsuid, b->fsuid)) + return -1; + if (uid_gt(a->fsuid, b->fsuid)) + return 1; + + if (gid_lt(a->fsgid, b->fsgid)) + return -1; + if (gid_gt(a->fsgid, b->fsgid)) + return 1; + + ga = a->group_info; + gb = b->group_info; + if (ga == gb) + return 0; + if (ga == NULL) + return -1; + if (gb == NULL) + return 1; + if (ga->ngroups < gb->ngroups) + return -1; + if (ga->ngroups > gb->ngroups) + return 1; + + for (g = 0; g < ga->ngroups; g++) { + if (gid_lt(ga->gid[g], gb->gid[g])) + return -1; + if (gid_gt(ga->gid[g], gb->gid[g])) + return 1; + } + return 0; +} +EXPORT_SYMBOL(cred_fscmp); + /* * initialise the credentials stuff */ From patchwork Sat Jan 21 14:47:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chengen Du X-Patchwork-Id: 1729948 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=canonical.com header.i=@canonical.com header.a=rsa-sha256 header.s=20210705 header.b=nBPUHPz9; dkim-atps=neutral Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4NzfNL1D5sz23hK for ; Sun, 22 Jan 2023 01:47:30 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1pJF9P-0000BQ-FS; Sat, 21 Jan 2023 14:47:23 +0000 Received: from smtp-relay-internal-1.internal ([10.131.114.114] helo=smtp-relay-internal-1.canonical.com) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1pJF9N-00009j-19 for kernel-team@lists.ubuntu.com; Sat, 21 Jan 2023 14:47:21 +0000 Received: from mail-pj1-f72.google.com (mail-pj1-f72.google.com [209.85.216.72]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id C6ED0418E4 for ; Sat, 21 Jan 2023 14:47:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1674312440; bh=KHeud4x8DYkt0LmbEtXun38Wko1mqDc6/VNe67/XaD8=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=nBPUHPz9wTxrQMMccRgGiLIM2kOReto8jymHakyKaSXHgg2lfz2P4KmvxhJS4KkWG sV7k+UJnnmWAK9GObrOsT7iz0+h9F+ny3+lavmFq1ESoBTdciuK6GiaqHI1AZRfu0W D5GeWY8NzgMEESScJ9vvzlQWa3LTEkAp9OmJuf1WhbRfuyki74k6uRtKFBwKuu2i7f hYN2+JFTRRhDpBLGBo0UZ1ZjCCXRkH5UipIRlZkxSeXMS1mKk2CnbPN/tdrf0ow3qt Wya/GUPaIkSgIAUip4gsz5rPfrjFtwdyveKhEhhOxPt+vzX4QYLkcD2WUYGomWp21z dCHJg63ufh9qg== Received: by mail-pj1-f72.google.com with SMTP id h1-20020a17090a470100b0022646263abfso3594813pjg.6 for ; Sat, 21 Jan 2023 06:47:20 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=KHeud4x8DYkt0LmbEtXun38Wko1mqDc6/VNe67/XaD8=; b=hHbchdQDu0zAG1s48pe67QAzg6TT7N10+xZUAGvm8tEP5GPzutVhpwLZYiCD3paM5/ bjySAH+eozK6tJ996AtnCFTl23bh44U9L1OfQQnl0dRwtAaE8R2ymJK8RU/nn1nYZgsX Al64oowT/1bZm4clx/UuC2Qak6Y6O8GmRFR2ZvhzomO+zMUfZCVsXVc9RRuCK5Ue2y7g p1UVv7ZeTEypyY4TKct/bnmGEUVE+jZmIvI4Ss8m+dAIlM6xJprYfaA5wNkg5cpcD2Cj OkJdFGtdm9m573Gyf4N9YT+qcSRApDiGXURl9e2nUaOTJ8d7PsjkPICb8XeqFUqCfPmg Kv7A== X-Gm-Message-State: AFqh2kp/+Vwdh8JC/cHWt001HLigZuTG1WN8CF6XXb7RMMG6mvG62WtP PwWpvno1Bve0BtDyAjIhJ3vlneYz8LVp4uOYYKAMxYlCgAlnIYbUv328Z4n+KNw96syRKAXw/14 dzPr5E2UdaqGbagMlmxi+FG/ohX2wGXLWzcfwnnQ8NA== X-Received: by 2002:a17:902:c948:b0:194:6414:12e1 with SMTP id i8-20020a170902c94800b00194641412e1mr26934087pla.25.1674312438633; Sat, 21 Jan 2023 06:47:18 -0800 (PST) X-Google-Smtp-Source: AMrXdXuJnSd/yycsm4idWV++9Dhyb41QrVXj85yZUDZlWqwWOAXKOlzEsqj/EPOiysul3T0tJ6BW2w== X-Received: by 2002:a17:902:c948:b0:194:6414:12e1 with SMTP id i8-20020a170902c94800b00194641412e1mr26934076pla.25.1674312438353; Sat, 21 Jan 2023 06:47:18 -0800 (PST) Received: from chengendu.. (111-248-116-144.dynamic-ip.hinet.net. [111.248.116.144]) by smtp.gmail.com with ESMTPSA id p5-20020a170902bd0500b001932a9e4f2csm25656235pls.255.2023.01.21.06.47.17 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 21 Jan 2023 06:47:18 -0800 (PST) From: Chengen Du To: kernel-team@lists.ubuntu.com Subject: [SRU][Bionic][PATCH 2/4] (upstream) NFS: Clear the file access cache upon login Date: Sat, 21 Jan 2023 22:47:11 +0800 Message-Id: <20230121144713.39111-3-chengen.du@canonical.com> X-Mailer: git-send-email 2.37.2 In-Reply-To: <20230121144713.39111-1-chengen.du@canonical.com> References: <20230121144713.39111-1-chengen.du@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Trond Myklebust BugLink: https://bugs.launchpad.net/bugs/2003053 POSIX typically only refreshes the user's supplementary group information upon login. Since NFS servers may often refresh their concept of the user supplementary group membership at their own cadence, it is possible for the NFS client's access cache to become stale due to the user's group membership changing on the server after the user has already logged in on the client. While it is reasonable to expect that such group membership changes are rare, and that we do not want to optimise the cache to accommodate them, it is also not unreasonable for the user to expect that if they log out and log back in again, that the staleness would clear up. Reviewed-by: Benjamin Coddington Tested-by: Benjamin Coddington Signed-off-by: Trond Myklebust (backported from commit 0eb43812c0270ee3d005ff32f91f7d0a6c4943af) [chengen - adjust context and use current_cred() as the argument to get login time] Signed-off-by: Chengen Du --- fs/nfs/dir.c | 24 ++++++++++++++++++++++++ include/linux/nfs_fs.h | 1 + 2 files changed, 25 insertions(+) diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c index 7d9cf9f92b56..3ff938164381 100644 --- a/fs/nfs/dir.c +++ b/fs/nfs/dir.c @@ -2294,9 +2294,29 @@ static struct nfs_access_entry *nfs_access_search_rbtree(struct inode *inode, st return NULL; } +static u64 nfs_access_login_time(const struct task_struct *task, + const struct cred *cred) +{ + const struct task_struct *parent; + u64 ret; + + rcu_read_lock(); + for (;;) { + parent = rcu_dereference(task->real_parent); + if (parent == task || cred_fscmp(parent->cred, cred) != 0) + break; + task = parent; + } + ret = task->start_time; + rcu_read_unlock(); + return ret; +} + static int nfs_access_get_cached(struct inode *inode, struct rpc_cred *cred, struct nfs_access_entry *res, bool may_block) { struct nfs_inode *nfsi = NFS_I(inode); + const struct cred *cur_cred = current_cred(); + u64 login_time = nfs_access_login_time(current, cur_cred); struct nfs_access_entry *cache; bool retry = true; int err; @@ -2324,6 +2344,9 @@ static int nfs_access_get_cached(struct inode *inode, struct rpc_cred *cred, str spin_lock(&inode->i_lock); retry = false; } + err = -ENOENT; + if ((s64)(login_time - cache->timestamp) > 0) + goto out; res->cred = cache->cred; res->mask = cache->mask; list_move_tail(&cache->lru, &nfsi->access_cache_entry_lru); @@ -2387,6 +2410,7 @@ static void nfs_access_add_rbtree(struct inode *inode, struct nfs_access_entry * else goto found; } + set->timestamp = ktime_get_ns(); rb_link_node(&set->rb_node, parent, p); rb_insert_color(&set->rb_node, root_node); list_add_tail(&set->lru, &nfsi->access_cache_entry_lru); diff --git a/include/linux/nfs_fs.h b/include/linux/nfs_fs.h index 78ca796cd50e..21eeee96fa5a 100644 --- a/include/linux/nfs_fs.h +++ b/include/linux/nfs_fs.h @@ -52,6 +52,7 @@ struct nfs_access_entry { struct rb_node rb_node; struct list_head lru; struct rpc_cred * cred; + u64 timestamp; __u32 mask; struct rcu_head rcu_head; }; From patchwork Sat Jan 21 14:47:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chengen Du X-Patchwork-Id: 1729949 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=canonical.com header.i=@canonical.com header.a=rsa-sha256 header.s=20210705 header.b=ePgCDBKd; dkim-atps=neutral Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4NzfNP1drtz23gL for ; Sun, 22 Jan 2023 01:47:33 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1pJF9S-0000En-RA; Sat, 21 Jan 2023 14:47:26 +0000 Received: from smtp-relay-internal-1.internal ([10.131.114.114] helo=smtp-relay-internal-1.canonical.com) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1pJF9N-0000A2-Lm for kernel-team@lists.ubuntu.com; Sat, 21 Jan 2023 14:47:21 +0000 Received: from mail-pj1-f69.google.com (mail-pj1-f69.google.com [209.85.216.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 61A56418E4 for ; Sat, 21 Jan 2023 14:47:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1674312441; bh=R+MJbrG/B8IFBibVzML+G64akNZ8g7DkQpoULrR9sDA=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=ePgCDBKdAagq6jsLFnqwulKCwjy3BpUnlVfG/4EBdFMPQCgZQEsn6AVEDg9rQdj3K UpJK7O+f4kNZBzvoAYds8wkawsOM0ib7nHiEL+qSJr+Fms1XuCnv8m+o5UaF8EDnMX DBoGWABnY/5bHQCXOg9O6qtDJR3Dtdp6hCY4q5IAkVsLK/hrFMOWQnpj8a5PWVapX5 6HlJgl835KlIyAp/GhuIU3WiWP9+hhPlNuAuhoDzoxMk9wCYlGa3kNozpoF3oUCYVV 0zkztz/6FDetoXOiDQuVPJe22EwnlrbjoMEMPWiYTS4BFpcvT9mzgY//ARE1wMLHGH Q0oG2Rhag/kvg== Received: by mail-pj1-f69.google.com with SMTP id pa16-20020a17090b265000b0020a71040b4cso3516738pjb.6 for ; Sat, 21 Jan 2023 06:47:21 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=R+MJbrG/B8IFBibVzML+G64akNZ8g7DkQpoULrR9sDA=; b=KgERAx9uv/SPKFWxPunCsrW7hkaji9spHv3yEAxYCkXHR14OHvVe8AeAJ4CZ8UQfE/ H4bKHFc/lFICerbNjhI2GQ3NHGAI9iU6FmVLgl15U/eGyOXCfUUeQAHrpz5Hp7OpBW7f 3dkXfxdGv0lZyDjfBm8k9C9x+xv4WesdCUuvW/MP29+MKsiFfvIe3dA6sff78VWg5PAM xG4kpsaZQwvvfmf02u7hCWXhW91FDW12+6ZWVM2V91TNKxARowXvqch7hk172rZx/TDm U9kznkStNd+VDTSG4kE6JQ8+f78keCOAHhnS/PGEDOb1VtmXZ/RZYPIf/HohK88dsLhh Rlow== X-Gm-Message-State: AFqh2kpqthnwSum1B6sdCTMjVHc2UrxY4mGwhzvUF3eaCUf4HRh/FiCm b75CjIPfpdRI56f2FFkky3loXVgwwlkcqJ0WEyOMhzj/vHj23PySVzDAxrqRVxHADRWByeN8v8B 6pb7r7NX6ks7yHJ4qil1MX/DJWO4KfxuUUocUa/Cf3w== X-Received: by 2002:a17:902:db01:b0:195:efb2:6c6d with SMTP id m1-20020a170902db0100b00195efb26c6dmr5752173plx.45.1674312439894; Sat, 21 Jan 2023 06:47:19 -0800 (PST) X-Google-Smtp-Source: AMrXdXvfy0wg1ng0VrL9soxIx6zPVTE/ysDTZPKhgV+BgMCDhG7cGE+eQz8PrHf5+JvF8XtVny0r6g== X-Received: by 2002:a17:902:db01:b0:195:efb2:6c6d with SMTP id m1-20020a170902db0100b00195efb26c6dmr5752158plx.45.1674312439558; Sat, 21 Jan 2023 06:47:19 -0800 (PST) Received: from chengendu.. (111-248-116-144.dynamic-ip.hinet.net. [111.248.116.144]) by smtp.gmail.com with ESMTPSA id p5-20020a170902bd0500b001932a9e4f2csm25656235pls.255.2023.01.21.06.47.18 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 21 Jan 2023 06:47:19 -0800 (PST) From: Chengen Du To: kernel-team@lists.ubuntu.com Subject: [SRU][Bionic][PATCH 3/4] (upstream) NFS: Judge the file access cache's timestamp in rcu path Date: Sat, 21 Jan 2023 22:47:12 +0800 Message-Id: <20230121144713.39111-4-chengen.du@canonical.com> X-Mailer: git-send-email 2.37.2 In-Reply-To: <20230121144713.39111-1-chengen.du@canonical.com> References: <20230121144713.39111-1-chengen.du@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" BugLink: https://bugs.launchpad.net/bugs/2003053 If the user's login time is newer than the cache's timestamp, we expect the cache may be stale and need to clear. The stale cache will remain in the list's tail if no other users operate on that inode. Once the user accesses the inode, the stale cache will be returned in rcu path. Signed-off-by: Chengen Du Signed-off-by: Trond Myklebust (backported from commit 029085b8949f5d269ae2bbd14915407dd0c7f902) [chengen - use current_cred() as the argument to get login time] Signed-off-by: Chengen Du --- fs/nfs/dir.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c index 3ff938164381..9a39bb94d5d8 100644 --- a/fs/nfs/dir.c +++ b/fs/nfs/dir.c @@ -2366,6 +2366,8 @@ static int nfs_access_get_cached_rcu(struct inode *inode, struct rpc_cred *cred, * but do it without locking. */ struct nfs_inode *nfsi = NFS_I(inode); + const struct cred *cur_cred = current_cred(); + u64 login_time = nfs_access_login_time(current, cur_cred); struct nfs_access_entry *cache; int err = -ECHILD; struct list_head *lh; @@ -2380,6 +2382,8 @@ static int nfs_access_get_cached_rcu(struct inode *inode, struct rpc_cred *cred, cache = NULL; if (cache == NULL) goto out; + if ((s64)(login_time - cache->timestamp) > 0) + goto out; if (nfs_check_cache_invalid(inode, NFS_INO_INVALID_ACCESS)) goto out; res->cred = cache->cred; From patchwork Sat Jan 21 14:47:13 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chengen Du X-Patchwork-Id: 1729950 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=canonical.com header.i=@canonical.com header.a=rsa-sha256 header.s=20210705 header.b=jK/Nanbl; dkim-atps=neutral Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4NzfNQ2Px6z23gL for ; Sun, 22 Jan 2023 01:47:34 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1pJF9T-0000FT-7E; Sat, 21 Jan 2023 14:47:27 +0000 Received: from smtp-relay-internal-1.internal ([10.131.114.114] helo=smtp-relay-internal-1.canonical.com) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1pJF9P-0000Az-0C for kernel-team@lists.ubuntu.com; Sat, 21 Jan 2023 14:47:23 +0000 Received: from mail-pj1-f71.google.com (mail-pj1-f71.google.com [209.85.216.71]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 8C4C5418E4 for ; Sat, 21 Jan 2023 14:47:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1674312442; bh=0bl0UGbtEp0YresrzuBy4C9WetOQWvdy91vfOBslV1c=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=jK/NanblYblcV50/P8Z2t0OjVs+SXfoign6USndzxta6WNHiA1rF7uDrIrsxoWlMF Xt9LSDTqG/5FkU/SIj5OKH4l4c2hxMDm97MSZcX4rI+71juW96g/Iw9kWWKgQfk2i8 YKEDr5ZDxhPbRMn2AP24PBBXYen/8nn4hy4SCt68O2Ycv+EWL1jlPVr0FdP5097dJ+ J37nYMdHtl2zdXwdjhsBjIDfqLee5F2agl6wVaw/q4W0M2XEyoporGO7kjlOLCCXra cxADmEYKikScz1dh1KL45spv3riEtEMammBkscQR6fcKQrESmdne/aZIAqTbGzpoeY uLOjaWGsdwqvQ== Received: by mail-pj1-f71.google.com with SMTP id nb8-20020a17090b35c800b0022bb3fd0718so1662850pjb.4 for ; Sat, 21 Jan 2023 06:47:22 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0bl0UGbtEp0YresrzuBy4C9WetOQWvdy91vfOBslV1c=; b=DeyAxEDGy42iPHAJ6BHYk060sDA8oR7kZSE4e5XmsMSvpBLzUkskbuHFri75v6227p Pk0NIV2IJgkiKBXaovRJdBnrDgN7zJixjp11ZrFWVd1vqp+nzzVp2g3TKMethUnJy/Ue VA+nR7ciqLJxzcCg1Y9/hJEAvrn/1+9lnOt015GuqmazRbvSV+GNABB8ZMn36mkJcB6H rUUA8dyrb2hUnG0p5tpR2w5KQ68xxS24/AU1Uu+7R8NzOMYbQHLMDcdpF0UZe+O1EDyf qIG6LzyQvtdD4w/Ht1q5Jt2gDrD+HSA2Y3KIGmMNOvMee3l6hhtijqGAf/TWoqS/uENe B3Cw== X-Gm-Message-State: AFqh2krUOup2xIh4DcIMtMwATs437WFjJ3Z8ODYyYhumCZc5AkR+azWH x2ivggvNwh8aKBiiZmaQsrwA8tX4xMcnXYfrt5SRzrHGCw4Gkk+CAZ9vFqoHhOcwXR7Fs5mdRIR gFAo84Tqc/5cqymvVV10cQBSaParFtzy7A5s/xiO2EQ== X-Received: by 2002:a05:6a21:170d:b0:b6:3a0:6ec1 with SMTP id nv13-20020a056a21170d00b000b603a06ec1mr17326178pzb.25.1674312440975; Sat, 21 Jan 2023 06:47:20 -0800 (PST) X-Google-Smtp-Source: AMrXdXuAwm6wjq72FQPcuCBO/fYnasbjZGcfIzJnFqczrEH23plcs7TKDOM2X+mYyW6tizeICrER/A== X-Received: by 2002:a05:6a21:170d:b0:b6:3a0:6ec1 with SMTP id nv13-20020a056a21170d00b000b603a06ec1mr17326171pzb.25.1674312440703; Sat, 21 Jan 2023 06:47:20 -0800 (PST) Received: from chengendu.. (111-248-116-144.dynamic-ip.hinet.net. [111.248.116.144]) by smtp.gmail.com with ESMTPSA id p5-20020a170902bd0500b001932a9e4f2csm25656235pls.255.2023.01.21.06.47.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 21 Jan 2023 06:47:20 -0800 (PST) From: Chengen Du To: kernel-team@lists.ubuntu.com Subject: [SRU][Bionic][PATCH 4/4] (upstream) NFS: Fix up a sparse warning Date: Sat, 21 Jan 2023 22:47:13 +0800 Message-Id: <20230121144713.39111-5-chengen.du@canonical.com> X-Mailer: git-send-email 2.37.2 In-Reply-To: <20230121144713.39111-1-chengen.du@canonical.com> References: <20230121144713.39111-1-chengen.du@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Trond Myklebust BugLink: https://bugs.launchpad.net/bugs/2003053 sparse is warning about an incorrect RCU dereference. fs/nfs/dir.c:2965:56: warning: incorrect type in argument 1 (different address spaces) fs/nfs/dir.c:2965:56: expected struct cred const * fs/nfs/dir.c:2965:56: got struct cred const [noderef] __rcu *const cred Signed-off-by: Trond Myklebust (cherry picked from commit 5e9a7b9c2ea18551759833146a181b14835bfe39) Signed-off-by: Chengen Du --- fs/nfs/dir.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c index 9a39bb94d5d8..b98b19ca367c 100644 --- a/fs/nfs/dir.c +++ b/fs/nfs/dir.c @@ -2298,12 +2298,14 @@ static u64 nfs_access_login_time(const struct task_struct *task, const struct cred *cred) { const struct task_struct *parent; + const struct cred *pcred; u64 ret; rcu_read_lock(); for (;;) { parent = rcu_dereference(task->real_parent); - if (parent == task || cred_fscmp(parent->cred, cred) != 0) + pcred = rcu_dereference(parent->cred); + if (parent == task || cred_fscmp(pcred, cred) != 0) break; task = parent; }