--- /dev/null
+From f8fa5d76925991976b3e7076f9d1052515ec1fca Mon Sep 17 00:00:00 2001
+From: Jens Axboe <axboe@kernel.dk>
+Date: Fri, 15 Dec 2023 13:24:10 -0700
+Subject: cred: switch to using atomic_long_t
+
+From: Jens Axboe <axboe@kernel.dk>
+
+commit f8fa5d76925991976b3e7076f9d1052515ec1fca upstream.
+
+There are multiple ways to grab references to credentials, and the only
+protection we have against overflowing it is the memory required to do
+so.
+
+With memory sizes only moving in one direction, let's bump the reference
+count to 64-bit and move it outside the realm of feasibly overflowing.
+
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ include/linux/cred.h | 8 +++---
+ kernel/cred.c | 64 +++++++++++++++++++++++++--------------------------
+ 2 files changed, 36 insertions(+), 36 deletions(-)
+
+--- a/include/linux/cred.h
++++ b/include/linux/cred.h
+@@ -108,7 +108,7 @@ static inline int groups_search(const st
+ * same context as task->real_cred.
+ */
+ struct cred {
+- atomic_t usage;
++ atomic_long_t usage;
+ #ifdef CONFIG_DEBUG_CREDENTIALS
+ atomic_t subscribers; /* number of processes subscribed */
+ void *put_addr;
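Review bot: The new `atomic_long_t usage` field is 64 bits wide only on 64-bit kernels; `atomic_long_t` follows the size of `long`, so 32-bit builds keep a 32-bit count and gain no overflow headroom from this change. The commit message says "64-bit" without that qualification, so a field comment would help, for example `/* long-sized refcount: 64-bit only where long is 64-bit */`. The increments in the later cred.h hunks (`atomic_long_inc` in get_new_cred and the `atomic_long_inc_not_zero` path) still wrap rather than saturate, so on such a build an overflow could still end in the credentials being freed while referenced. A saturating counter type may be worth considering if cred's lifetime rules allow it, which is not visible here. struct cred continues outside the hunk.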
+@@ -228,7 +228,7 @@ static inline bool cap_ambient_invariant
+ */
+ static inline struct cred *get_new_cred(struct cred *cred)
+ {
+- atomic_inc(&cred->usage);
++ atomic_long_inc(&cred->usage);
+ return cred;
+ }
+
+@@ -260,7 +260,7 @@ static inline const struct cred *get_cre
+ struct cred *nonconst_cred = (struct cred *) cred;
+ if (!cred)
+ return NULL;
+- if (!atomic_inc_not_zero(&nonconst_cred->usage))
++ if (!atomic_long_inc_not_zero(&nonconst_cred->usage))
+ return NULL;
+ validate_creds(cred);
+ nonconst_cred->non_rcu = 0;
+@@ -284,7 +284,7 @@ static inline void put_cred(const struct
+
+ if (cred) {
+ validate_creds(cred);
+- if (atomic_dec_and_test(&(cred)->usage))
++ if (atomic_long_dec_and_test(&(cred)->usage))
+ __put_cred(cred);
+ }
+ }
+--- a/kernel/cred.c
++++ b/kernel/cred.c
+@@ -99,17 +99,17 @@ static void put_cred_rcu(struct rcu_head
+
+ #ifdef CONFIG_DEBUG_CREDENTIALS
+ if (cred->magic != CRED_MAGIC_DEAD ||
+- atomic_read(&cred->usage) != 0 ||
++ atomic_long_read(&cred->usage) != 0 ||
+ read_cred_subscribers(cred) != 0)
+ panic("CRED: put_cred_rcu() sees %p with"
+- " mag %x, put %p, usage %d, subscr %d\n",
++ " mag %x, put %p, usage %ld, subscr %d\n",
+ cred, cred->magic, cred->put_addr,
+- atomic_read(&cred->usage),
++ atomic_long_read(&cred->usage),
+ read_cred_subscribers(cred));
+ #else
+- if (atomic_read(&cred->usage) != 0)
+- panic("CRED: put_cred_rcu() sees %p with usage %d\n",
+- cred, atomic_read(&cred->usage));
++ if (atomic_long_read(&cred->usage) != 0)
++ panic("CRED: put_cred_rcu() sees %p with usage %ld\n",
++ cred, atomic_long_read(&cred->usage));
+ #endif
+
+ security_cred_free(cred);
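Review bot: In both branches of the `#ifdef`, the counter is read once for the test and again for the panic() argument, so the printed value can differ from the one that failed the check if another CPU is still changing the count, which is the situation this panic exists to report. Reading it once, `long usage = atomic_long_read(&cred->usage);`, and using `usage` in the conditions and as the `%ld` argument would make the message show what was actually tested. The `%ld` conversions themselves match the `long` returned by `atomic_long_read()`. put_cred_rcu's body starts and ends outside the hunk, so the local would go with its existing declarations.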
+@@ -134,11 +134,11 @@ static void put_cred_rcu(struct rcu_head
+ */
+ void __put_cred(struct cred *cred)
+ {
+- kdebug("__put_cred(%p{%d,%d})", cred,
+- atomic_read(&cred->usage),
++ kdebug("__put_cred(%p{%ld,%d})", cred,
++ atomic_long_read(&cred->usage),
+ read_cred_subscribers(cred));
+
+- BUG_ON(atomic_read(&cred->usage) != 0);
++ BUG_ON(atomic_long_read(&cred->usage) != 0);
+ #ifdef CONFIG_DEBUG_CREDENTIALS
+ BUG_ON(read_cred_subscribers(cred) != 0);
+ cred->magic = CRED_MAGIC_DEAD;
+@@ -161,8 +161,8 @@ void exit_creds(struct task_struct *tsk)
+ {
+ struct cred *cred;
+
+- kdebug("exit_creds(%u,%p,%p,{%d,%d})", tsk->pid, tsk->real_cred, tsk->cred,
+- atomic_read(&tsk->cred->usage),
++ kdebug("exit_creds(%u,%p,%p,{%ld,%d})", tsk->pid, tsk->real_cred, tsk->cred,
++ atomic_long_read(&tsk->cred->usage),
+ read_cred_subscribers(tsk->cred));
+
+ cred = (struct cred *) tsk->real_cred;
+@@ -221,7 +221,7 @@ struct cred *cred_alloc_blank(void)
+ if (!new)
+ return NULL;
+
+- atomic_set(&new->usage, 1);
++ atomic_long_set(&new->usage, 1);
+ #ifdef CONFIG_DEBUG_CREDENTIALS
+ new->magic = CRED_MAGIC;
+ #endif
+@@ -267,7 +267,7 @@ struct cred *prepare_creds(void)
+ memcpy(new, old, sizeof(struct cred));
+
+ new->non_rcu = 0;
+- atomic_set(&new->usage, 1);
++ atomic_long_set(&new->usage, 1);
+ set_cred_subscribers(new, 0);
+ get_group_info(new->group_info);
+ get_uid(new->user);
+@@ -355,8 +355,8 @@ int copy_creds(struct task_struct *p, un
+ p->real_cred = get_cred(p->cred);
+ get_cred(p->cred);
+ alter_cred_subscribers(p->cred, 2);
+- kdebug("share_creds(%p{%d,%d})",
+- p->cred, atomic_read(&p->cred->usage),
++ kdebug("share_creds(%p{%ld,%d})",
++ p->cred, atomic_long_read(&p->cred->usage),
+ read_cred_subscribers(p->cred));
+ inc_rlimit_ucounts(task_ucounts(p), UCOUNT_RLIMIT_NPROC, 1);
+ return 0;
+@@ -449,8 +449,8 @@ int commit_creds(struct cred *new)
+ struct task_struct *task = current;
+ const struct cred *old = task->real_cred;
+
+- kdebug("commit_creds(%p{%d,%d})", new,
+- atomic_read(&new->usage),
++ kdebug("commit_creds(%p{%ld,%d})", new,
++ atomic_long_read(&new->usage),
+ read_cred_subscribers(new));
+
+ BUG_ON(task->cred != old);
+@@ -459,7 +459,7 @@ int commit_creds(struct cred *new)
+ validate_creds(old);
+ validate_creds(new);
+ #endif
+- BUG_ON(atomic_read(&new->usage) < 1);
++ BUG_ON(atomic_long_read(&new->usage) < 1);
+
+ get_cred(new); /* we will require a ref for the subj creds too */
+
+@@ -532,14 +532,14 @@ EXPORT_SYMBOL(commit_creds);
+ */
+ void abort_creds(struct cred *new)
+ {
+- kdebug("abort_creds(%p{%d,%d})", new,
+- atomic_read(&new->usage),
++ kdebug("abort_creds(%p{%ld,%d})", new,
++ atomic_long_read(&new->usage),
+ read_cred_subscribers(new));
+
+ #ifdef CONFIG_DEBUG_CREDENTIALS
+ BUG_ON(read_cred_subscribers(new) != 0);
+ #endif
+- BUG_ON(atomic_read(&new->usage) < 1);
++ BUG_ON(atomic_long_read(&new->usage) < 1);
+ put_cred(new);
+ }
+ EXPORT_SYMBOL(abort_creds);
+@@ -555,8 +555,8 @@ const struct cred *override_creds(const
+ {
+ const struct cred *old = current->cred;
+
+- kdebug("override_creds(%p{%d,%d})", new,
+- atomic_read(&new->usage),
++ kdebug("override_creds(%p{%ld,%d})", new,
++ atomic_long_read(&new->usage),
+ read_cred_subscribers(new));
+
+ validate_creds(old);
+@@ -578,8 +578,8 @@ const struct cred *override_creds(const
+ rcu_assign_pointer(current->cred, new);
+ alter_cred_subscribers(old, -1);
+
+- kdebug("override_creds() = %p{%d,%d}", old,
+- atomic_read(&old->usage),
++ kdebug("override_creds() = %p{%ld,%d}", old,
++ atomic_long_read(&old->usage),
+ read_cred_subscribers(old));
+ return old;
+ }
+@@ -596,8 +596,8 @@ void revert_creds(const struct cred *old
+ {
+ const struct cred *override = current->cred;
+
+- kdebug("revert_creds(%p{%d,%d})", old,
+- atomic_read(&old->usage),
++ kdebug("revert_creds(%p{%ld,%d})", old,
++ atomic_long_read(&old->usage),
+ read_cred_subscribers(old));
+
+ validate_creds(old);
+@@ -729,7 +729,7 @@ struct cred *prepare_kernel_cred(struct
+
+ *new = *old;
+ new->non_rcu = 0;
+- atomic_set(&new->usage, 1);
++ atomic_long_set(&new->usage, 1);
+ set_cred_subscribers(new, 0);
+ get_uid(new->user);
+ get_user_ns(new->user_ns);
+@@ -843,8 +843,8 @@ static void dump_invalid_creds(const str
+ cred == tsk->cred ? "[eff]" : "");
+ printk(KERN_ERR "CRED: ->magic=%x, put_addr=%p\n",
+ cred->magic, cred->put_addr);
+- printk(KERN_ERR "CRED: ->usage=%d, subscr=%d\n",
+- atomic_read(&cred->usage),
++ printk(KERN_ERR "CRED: ->usage=%ld, subscr=%d\n",
++ atomic_long_read(&cred->usage),
+ read_cred_subscribers(cred));
+ printk(KERN_ERR "CRED: ->*uid = { %d,%d,%d,%d }\n",
+ from_kuid_munged(&init_user_ns, cred->uid),
+@@ -916,9 +916,9 @@ EXPORT_SYMBOL(__validate_process_creds);
+ */
+ void validate_creds_for_do_exit(struct task_struct *tsk)
+ {
+- kdebug("validate_creds_for_do_exit(%p,%p{%d,%d})",
++ kdebug("validate_creds_for_do_exit(%p,%p{%ld,%d})",
+ tsk->real_cred, tsk->cred,
+- atomic_read(&tsk->cred->usage),
++ atomic_long_read(&tsk->cred->usage),
+ read_cred_subscribers(tsk->cred));
+
+ __validate_process_creds(tsk, __FILE__, __LINE__);