From patchwork Tue Nov 14 21:57:12 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: tip-bot2 for Thomas Gleixner <tip-bot2@linutronix.de>
X-Patchwork-Id: 165105
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:6358:a59:b0:164:83eb:24d7 with SMTP id 25csp2226774rwb;
        Tue, 14 Nov 2023 13:58:00 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IGoy8LZ+lqT1n5Nlo21m5+KZtkemh+JEbANe3593yFI8nLywQjgt+gBweLUbY9T4nN5SH/N
X-Received: by 2002:a17:902:7c96:b0:1cc:3f6b:a4b6 with SMTP id
 y22-20020a1709027c9600b001cc3f6ba4b6mr2701173pll.56.1699999079918;
        Tue, 14 Nov 2023 13:57:59 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1699999079; cv=none;
        d=google.com; s=arc-20160816;
        b=KPcHzZrIyzzfq0BeX7KXQZo5QFzw8QQM/1ogce41kkk/W8Hx1z0h4jBV1QsGuLClOZ
         Psao6+pCMcmhip3RZN+LAaR1ZmXugub4+RQciH0K8wN81KErkusKYsJOY4aznWvYavnh
         szFAZSPLtRKPjFkiytUMlG+sOPtEKhJ+dmmqfLMze8rJZkoURoZPqX0vLTkKhlVKK86R
         RRzX9m1S9BlWxRwF9wZjeeQmU2dKTZ2AWN2vkCO7lKU28ArdXfQBj4YjUn9vmIcsYsib
         EIidAG0adFYRqvpfsyrZyFOuyTynKPB9jG7ONBuSdmzx61d4pIeulKd5irpa3lOio3js
         AR0Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:robot-unsubscribe
         :robot-id:message-id:mime-version:references:in-reply-to:cc:subject
         :to:reply-to:sender:from:dkim-signature:dkim-signature:date;
        bh=ZyNm6zjsHnLhgpddgvEBkRYkAW72R/W124on/N7HXhQ=;
        fh=NlXJTFp2n2l23T5Z2O2oY2W5vvDOu9yuUqq0tk+l3mY=;
        b=iCksP/jvf08q1jrWMPv7WCmBeCi3kH2KCrSukHUWT9QEy+o8ltKKh0mSdfkRTIolNh
         QKjmM4BCQEwOHhw/U/Se730utsScDaINJS1s178+sOYLuGAgz5U7wUATPpC2Dfj/ZTen
         97/tEaJ1MP55rmjfPi/V+xqnla6Wh5Kw28xg2eoBvuegQayFInJsP32qgqFyRyloCHFw
         7ZDMwraRpgu97fKfBptZ50xmNyDwolI3yBal38wZ0jRfcfoCr+fPCvO0sV84q/RRtzVR
         cQo7zjKPsk+wLMkedgZM5AXFKMZRR9eaxEmlUgTKkhNofMyNZS65nbEe64/N05cF7lZR
         lV/Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linutronix.de header.s=2020 header.b=RXqACAOy;
       dkim=neutral (no key) header.i=@linutronix.de header.s=2020e;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::3:3 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de
Received: from lipwig.vger.email (lipwig.vger.email. [2620:137:e000::3:3])
        by mx.google.com with ESMTPS id
 jf1-20020a170903268100b001c7347e993esi8104821plb.17.2023.11.14.13.57.59
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 14 Nov 2023 13:57:59 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::3:3 as permitted sender)
 client-ip=2620:137:e000::3:3;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linutronix.de header.s=2020 header.b=RXqACAOy;
       dkim=neutral (no key) header.i=@linutronix.de header.s=2020e;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::3:3 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by lipwig.vger.email (Postfix) with ESMTP id E63668032FB6;
	Tue, 14 Nov 2023 13:57:46 -0800 (PST)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.11 at lipwig.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S234112AbjKNV5V (ORCPT <rfc822;lhua1029@gmail.com> + 29 others);
        Tue, 14 Nov 2023 16:57:21 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52438 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S233920AbjKNV5S (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 14 Nov 2023 16:57:18 -0500
Received: from galois.linutronix.de (Galois.linutronix.de
 [IPv6:2a0a:51c0:0:12e:550::1])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C4B93E3;
        Tue, 14 Nov 2023 13:57:14 -0800 (PST)
Date: Tue, 14 Nov 2023 21:57:12 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de;
        s=2020; t=1699999033;
        h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date:
         message-id:message-id:to:to:cc:cc:mime-version:mime-version:
         content-type:content-type:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=ZyNm6zjsHnLhgpddgvEBkRYkAW72R/W124on/N7HXhQ=;
        b=RXqACAOycE+0B7DF0wNmMg1GIBxrOKNSMruSmAtkxpoiLhimNsrHVBqMwQ4GKqL98nCfYu
        ZYaf2QxRi5EF7nhZwWfKIwJhASh2pTL328aqQXCzS8Q86Dd0lQd/vQuRqv3tqE+KOQssO7
        oZed/4x6E11Jf6tSef2htk27w07W9prVy5hZnfoG3loHIV+7xuYOdxxPiy3SWr3OYMn03v
        u04z9z8kHnaKtbrV1FiXrVY9ejQDdWrhrV/o9ypUL3LJshFNbnI4IcWrezKHieCt0upRTy
        yyKqx0wvmZhjO+qwJk0PemSO2DLPKLtPOB5XwDLEAmgBiVWZnm5w0EHxc+Kjlg==
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de;
        s=2020e; t=1699999033;
        h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date:
         message-id:message-id:to:to:cc:cc:mime-version:mime-version:
         content-type:content-type:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=ZyNm6zjsHnLhgpddgvEBkRYkAW72R/W124on/N7HXhQ=;
        b=2A+xYwJBgsmiTPqhY0xQDQLlo59Vo7phk2vpAAyUlTIWmriAAoikwD+lOcSvARC+RB6/Gu
        RW7nCU7NM5w+k0DQ==
From: "tip-bot2 for Johannes Weiner" <tip-bot2@linutronix.de>
Sender: tip-bot2@linutronix.de
Reply-to: linux-kernel@vger.kernel.org
To: linux-tip-commits@vger.kernel.org
Subject: [tip: sched/urgent] sched: psi: fix unprivileged polling against
 cgroups
Cc: Luca Boccassi <bluca@debian.org>,
        Johannes Weiner <hannes@cmpxchg.org>,
        "Peter Zijlstra (Intel)" <peterz@infradead.org>,
        Suren Baghdasaryan <surenb@google.com>, stable@vger.kernel.org,
        #@tip-bot2.tec.linutronix.de, 6.5+@tip-bot2.tec.linutronix.de,
        x86@kernel.org, linux-kernel@vger.kernel.org
In-Reply-To: <20231026164114.2488682-1-hannes@cmpxchg.org>
References: <20231026164114.2488682-1-hannes@cmpxchg.org>
MIME-Version: 1.0
Message-ID: <169999903275.391.5317186908629148143.tip-bot2@tip-bot2>
Robot-ID: <tip-bot2@linutronix.de>
Robot-Unsubscribe: Contact <mailto:tglx@linutronix.de> to get blacklisted from
 these emails
X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
	SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable
	autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
 not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]);
 Tue, 14 Nov 2023 13:57:47 -0800 (PST)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1780837005989419968
X-GMAIL-MSGID: 1782578235130018586

The following commit has been merged into the sched/urgent branch of tip:

Commit-ID:     8b39d20eceeda6c4eb23df1497f9ed2fffdc8f69
Gitweb:        https://git.kernel.org/tip/8b39d20eceeda6c4eb23df1497f9ed2fffdc8f69
Author:        Johannes Weiner <hannes@cmpxchg.org>
AuthorDate:    Thu, 26 Oct 2023 12:41:14 -04:00
Committer:     Peter Zijlstra <peterz@infradead.org>
CommitterDate: Tue, 14 Nov 2023 22:27:00 +01:00

sched: psi: fix unprivileged polling against cgroups

519fabc7aaba ("psi: remove 500ms min window size limitation for
triggers") breaks unprivileged psi polling on cgroups.

Historically, we had a privilege check for polling in the open() of a
pressure file in /proc, but were erroneously missing it for the open()
of cgroup pressure files.

When unprivileged polling was introduced in d82caa273565 ("sched/psi:
Allow unprivileged polling of N*2s period"), it needed to filter
privileges depending on the exact polling parameters, and as such
moved the CAP_SYS_RESOURCE check from the proc open() callback to
psi_trigger_create(). Both the proc files as well as cgroup files go
through this during write(). This implicitly added the missing check
for privileges required for HT polling for cgroups.

When 519fabc7aaba ("psi: remove 500ms min window size limitation for
triggers") followed right after to remove further restrictions on the
RT polling window, it incorrectly assumed the cgroup privilege check
was still missing and added it to the cgroup open(), mirroring what we
used to do for proc files in the past.

As a result, unprivileged poll requests that would be supported now
get rejected when opening the cgroup pressure file for writing.

Remove the cgroup open() check. psi_trigger_create() handles it.

Fixes: 519fabc7aaba ("psi: remove 500ms min window size limitation for triggers")
Reported-by: Luca Boccassi <bluca@debian.org>
Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Luca Boccassi <bluca@debian.org>
Acked-by: Suren Baghdasaryan <surenb@google.com>
Cc: stable@vger.kernel.org # 6.5+
Link: https://lore.kernel.org/r/20231026164114.2488682-1-hannes@cmpxchg.org
---
 kernel/cgroup/cgroup.c | 12 ------------
 1 file changed, 12 deletions(-)

diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 1d5b9de..4b9ff41 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -3885,14 +3885,6 @@ static __poll_t cgroup_pressure_poll(struct kernfs_open_file *of,
 	return psi_trigger_poll(&ctx->psi.trigger, of->file, pt);
 }
 
-static int cgroup_pressure_open(struct kernfs_open_file *of)
-{
-	if (of->file->f_mode & FMODE_WRITE && !capable(CAP_SYS_RESOURCE))
-		return -EPERM;
-
-	return 0;
-}
-
 static void cgroup_pressure_release(struct kernfs_open_file *of)
 {
 	struct cgroup_file_ctx *ctx = of->priv;
@@ -5299,7 +5291,6 @@ static struct cftype cgroup_psi_files[] = {
 	{
 		.name = "io.pressure",
 		.file_offset = offsetof(struct cgroup, psi_files[PSI_IO]),
-		.open = cgroup_pressure_open,
 		.seq_show = cgroup_io_pressure_show,
 		.write = cgroup_io_pressure_write,
 		.poll = cgroup_pressure_poll,
@@ -5308,7 +5299,6 @@ static struct cftype cgroup_psi_files[] = {
 	{
 		.name = "memory.pressure",
 		.file_offset = offsetof(struct cgroup, psi_files[PSI_MEM]),
-		.open = cgroup_pressure_open,
 		.seq_show = cgroup_memory_pressure_show,
 		.write = cgroup_memory_pressure_write,
 		.poll = cgroup_pressure_poll,
@@ -5317,7 +5307,6 @@ static struct cftype cgroup_psi_files[] = {
 	{
 		.name = "cpu.pressure",
 		.file_offset = offsetof(struct cgroup, psi_files[PSI_CPU]),
-		.open = cgroup_pressure_open,
 		.seq_show = cgroup_cpu_pressure_show,
 		.write = cgroup_cpu_pressure_write,
 		.poll = cgroup_pressure_poll,
@@ -5327,7 +5316,6 @@ static struct cftype cgroup_psi_files[] = {
 	{
 		.name = "irq.pressure",
 		.file_offset = offsetof(struct cgroup, psi_files[PSI_IRQ]),
-		.open = cgroup_pressure_open,
 		.seq_show = cgroup_irq_pressure_show,
 		.write = cgroup_irq_pressure_write,
 		.poll = cgroup_pressure_poll,