From patchwork Mon Mar 27 18:22:51 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Christian Brauner <brauner@kernel.org>
X-Patchwork-Id: 75612
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp1711129vqo;
        Mon, 27 Mar 2023 11:32:31 -0700 (PDT)
X-Google-Smtp-Source: 
 AKy350ajLytug8m+QsreNr5/HsiQ1nV59FmM4Drn5DwQJUwaQNsMwfqgJZynsqlEwNjWwJceKr2n
X-Received: by 2002:aa7:c98b:0:b0:500:4c0e:cb8d with SMTP id
 c11-20020aa7c98b000000b005004c0ecb8dmr13693628edt.5.1679941951779;
        Mon, 27 Mar 2023 11:32:31 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1679941951; cv=none;
        d=google.com; s=arc-20160816;
        b=DjdkVlTm+fLmbwKlx5UNxSkIM3s29pS8habtm7uj6c+c+b+W5XqTIL43L4fAismP+a
         pNca1ht+u2Wuv6/ZWkf3iYFXnFM/c6rVm1qEnC85G2aUK/18U4qdlHoHJGcCn7l1KTuM
         l1jImJoT0ZbxTSnoUOli1TV3zHTEf187PaHxT6q6m/kYaF1NrRo0olCglCm/j09/Rxy7
         OWzk97ISW58fa5JxxKTMHetr2NSavQoY12Mp4EjPJ7dY/RizGD/TDRgFzEiyqz1VRjkp
         yt0b+qv81859d3hSiVq1M9bwrNSwUID8iZFaauDh2rVgWbnw9tepxnF3yqRnz8zxd6Hw
         pHMg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:cc:to:in-reply-to:references:message-id
         :content-transfer-encoding:mime-version:subject:date:from
         :dkim-signature;
        bh=PYh1Jm7PrMFjgaElC8P/RlTVpN04+yUS46u8mZ1DYEE=;
        b=T+4A9JEL+u4AtERnioZUidd8yiHvX+Iyk5gi4it+6tHtGrjKRTDsvbZmpwzHVYCqDj
         jz8ykEYiZg4+S3G+R+wXOz6I5VxFWTKwWmXEkpyxjmY0+moh47rNJDc2AMKji6xXURg1
         P8i90PGBdIrK3aDSuADRK/Fgm4FmKORdO67SnkpOZi+TVjVn0Wom7BuBKg2qiGOh19Fo
         A0/wJfFY8o6lQ0o/PSB8oR0cBdabhsh/zfTf5rt8ieIisldPolN/qvMqqvNRX9V0Plp3
         PrPuYduwa50KItoDg/QpfnwIH/7txFwpXg+L2eYt97Vn/69lFKcfPSn8Y4W71/GjqElf
         j8AA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=XYk0XCa2;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 bc25-20020a056402205900b005020d16209bsi12799353edb.518.2023.03.27.11.32.08;
        Mon, 27 Mar 2023 11:32:31 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=XYk0XCa2;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S232314AbjC0SXH (ORCPT <rfc822;kartikey406@gmail.com>
        + 99 others); Mon, 27 Mar 2023 14:23:07 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33796 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229805AbjC0SXD (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 27 Mar 2023 14:23:03 -0400
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 13E3C2D5F;
        Mon, 27 Mar 2023 11:23:02 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by dfw.source.kernel.org (Postfix) with ESMTPS id 9D0AA61472;
        Mon, 27 Mar 2023 18:23:01 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id A12ADC4339C;
        Mon, 27 Mar 2023 18:22:59 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1679941381;
        bh=fQqYYZBl6thY1SMZV6P0vcEwNdRfXWrP08DeYYxt4Z4=;
        h=From:Date:Subject:References:In-Reply-To:To:Cc:From;
        b=XYk0XCa2T9KN0jiczq2OUcwgvM6ftE5qrh2oytwSHElilB5OysWGRNQKhQHR5+mGF
         26IEnVWANUwnUwUUejP3CJFuY9QY9KT18RUhxOrktdChTF3CrnGzt+Lst6xa1DhdTy
         TM5LaVPZtU7qYU7jDlEi+9tJImyIEi9zoT+I2fBgS+nf/p0gxY1aqip3MDNeGxZ1yl
         gRa+5VWI8JzSO2n7g8oLFaqiYW7KcfZxqhhWWI1TksZ+6WijfOrvJ5usf6Edm/Ovul
         yja1yO7e4XNCUcQLK8gEfx1GsohSQqkvRp4LF6W5wlgMPRqJx4e1susWo32zgXOLnk
         31onql7BRgMVA==
From: Christian Brauner <brauner@kernel.org>
Date: Mon, 27 Mar 2023 20:22:51 +0200
Subject: [PATCH 1/3] pid: add pidfd_prepare()
MIME-Version: 1.0
Message-Id: <20230327-pidfd-file-api-v1-1-5c0e9a3158e4@kernel.org>
References: <20230327-pidfd-file-api-v1-0-5c0e9a3158e4@kernel.org>
In-Reply-To: <20230327-pidfd-file-api-v1-0-5c0e9a3158e4@kernel.org>
To: linux-fsdevel@vger.kernel.org
Cc: Jan Kara <jack@suse.cz>, Amir Goldstein <amir73il@gmail.com>,
        Matthew Bobrowski <repnop@google.com>,
        linux-kernel@vger.kernel.org,
        Christian Brauner <brauner@kernel.org>
X-Mailer: b4 0.13-dev-00303
X-Developer-Signature: v=1; a=openpgp-sha256; l=3959; i=brauner@kernel.org;
 h=from:subject:message-id; bh=fQqYYZBl6thY1SMZV6P0vcEwNdRfXWrP08DeYYxt4Z4=;
 b=owGbwMvMwCU28Zj0gdSKO4sYT6slMaQo3mcI5rrLdWapP9exJC/fi+w7D703fVQ7+eZc1mkeevNl
 TzZO7ChlYRDjYpAVU2RxaDcJl1vOU7HZKFMDZg4rE8gQBi5OAZiIVz/D/6r9W1Vcm3acMmSvOrYq9N
 /bILdeDQf+fINXzUt5wlVfv2Nk+Dxdy89Uh29dOOchWe+XOyY8mTcnVsvdjJVzujJD/5XLHAA=
X-Developer-Key: i=brauner@kernel.org; a=openpgp;
 fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624
X-Spam-Status: No, score=-5.2 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,SPF_HELO_NONE,
        SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1761546811955768399?=
X-GMAIL-MSGID: =?utf-8?q?1761546811955768399?=

Add a new helper that allows to reserve a pidfd and allocates a new
pidfd file that stashes the provided struct pid. This will allow us to
remove places that either open code this function or that call
pidfd_create() but then have to call close_fd() because there are still
failure points after pidfd_create() has been called.

Signed-off-by: Christian Brauner <brauner@kernel.org>
Reviewed-by: Jan Kara <jack@suse.cz>
---
 include/linux/pid.h |  1 +
 kernel/pid.c        | 69 +++++++++++++++++++++++++++++++++++++++++++----------
 2 files changed, 58 insertions(+), 12 deletions(-)

diff --git a/include/linux/pid.h b/include/linux/pid.h
index 343abf22092e..b75de288a8c2 100644
--- a/include/linux/pid.h
+++ b/include/linux/pid.h
@@ -80,6 +80,7 @@ extern struct pid *pidfd_pid(const struct file *file);
 struct pid *pidfd_get_pid(unsigned int fd, unsigned int *flags);
 struct task_struct *pidfd_get_task(int pidfd, unsigned int *flags);
 int pidfd_create(struct pid *pid, unsigned int flags);
+int pidfd_prepare(struct pid *pid, unsigned int flags, struct file **ret);
 
 static inline struct pid *get_pid(struct pid *pid)
 {
diff --git a/kernel/pid.c b/kernel/pid.c
index 3fbc5e46b721..95e7e01574c8 100644
--- a/kernel/pid.c
+++ b/kernel/pid.c
@@ -576,6 +576,56 @@ struct task_struct *pidfd_get_task(int pidfd, unsigned int *flags)
 	return task;
 }
 
+/**
+ * pidfd_prepare - allocate a new pidfd_file and reserve a pidfd
+ * @pid:   the struct pid for which to create a pidfd
+ * @flags: flags of the new @pidfd
+ * @pidfd: the pidfd to return
+ *
+ * Allocate a new file that stashes @pid and reserve a new pidfd number in the
+ * caller's file descriptor table. The pidfd is reserved but not installed yet.
+ *
+ * If this function returns successfully the caller is responsible to either
+ * call fd_install() passing the returned pidfd and pidfd file as arguments in
+ * order to install the pidfd into its file descriptor table or they must use
+ * put_unused_fd() and fput() on the returned pidfd and pidfd file
+ * respectively.
+ *
+ * This function is useful when a pidfd must already be reserved but there
+ * might still be points of failure afterwards and the caller wants to ensure
+ * that no pidfd is leaked into its file descriptor table.
+ *
+ * Return: On success, a reserved pidfd is returned from the function and a new
+ *         pidfd file is returned in the last argument to the function. On
+ *         error, a negative error code is returned from the function and the
+ *         last argument remains unchanged.
+ */
+int pidfd_prepare(struct pid *pid, unsigned int flags, struct file **ret)
+{
+	int pidfd;
+	struct file *pidfd_file;
+
+	if (!pid || !pid_has_task(pid, PIDTYPE_TGID))
+		return -EINVAL;
+
+	if (flags & ~(O_NONBLOCK | O_RDWR | O_CLOEXEC))
+		return -EINVAL;
+
+	pidfd = get_unused_fd_flags(O_RDWR | O_CLOEXEC);
+	if (pidfd < 0)
+		return pidfd;
+
+	pidfd_file = anon_inode_getfile("[pidfd]", &pidfd_fops, pid,
+					flags | O_RDWR | O_CLOEXEC);
+	if (IS_ERR(pidfd_file)) {
+		put_unused_fd(pidfd);
+		return PTR_ERR(pidfd_file);
+	}
+	get_pid(pid); /* held by pidfd_file now */
+	*ret = pidfd_file;
+	return pidfd;
+}
+
 /**
  * pidfd_create() - Create a new pid file descriptor.
  *
@@ -594,20 +644,15 @@ struct task_struct *pidfd_get_task(int pidfd, unsigned int *flags)
  */
 int pidfd_create(struct pid *pid, unsigned int flags)
 {
-	int fd;
+	int pidfd;
+	struct file *pidfd_file;
 
-	if (!pid || !pid_has_task(pid, PIDTYPE_TGID))
-		return -EINVAL;
-
-	if (flags & ~(O_NONBLOCK | O_RDWR | O_CLOEXEC))
-		return -EINVAL;
-
-	fd = anon_inode_getfd("[pidfd]", &pidfd_fops, get_pid(pid),
-			      flags | O_RDWR | O_CLOEXEC);
-	if (fd < 0)
-		put_pid(pid);
+	pidfd = pidfd_prepare(pid, flags, &pidfd_file);
+	if (pidfd < 0)
+		return pidfd;
 
-	return fd;
+	fd_install(pidfd, pidfd_file);
+	return pidfd;
 }
 
 /**

From patchwork Mon Mar 27 18:22:52 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Christian Brauner <brauner@kernel.org>
X-Patchwork-Id: 75613
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp1716715vqo;
        Mon, 27 Mar 2023 11:43:46 -0700 (PDT)
X-Google-Smtp-Source: 
 AKy350bOb+UkDXI2j5b4I463gKnNJImyRwFBlt353D3GrKISB9kAPUounV3QmUUEKTYqptEHqwNb
X-Received: by 2002:a17:906:8398:b0:900:a150:cea3 with SMTP id
 p24-20020a170906839800b00900a150cea3mr13060464ejx.9.1679942625861;
        Mon, 27 Mar 2023 11:43:45 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1679942625; cv=none;
        d=google.com; s=arc-20160816;
        b=NhYbO8+BJCV47nmsqqkHL62c3qJhjN9f6WGE4b0u0LOsCF2AQ5axUPW9OCa5BeSvih
         OgbRdAoLdI5DEP0tdwup0Egcpk4Krn1gscSKrCcLvi5f2yxZvzHBCmu7aij9N+xYNeXn
         BlgtdRrb+AZFc3OAuWZSXG1fC+45GtRdoPq2sjg5WYyC7JYcIIA/OXw+l1WjUXrhwd6M
         bRQBAo4Jv5krVJaan1E3KcNsx/P0YdCuULVFHtUL0x+2/ECpfNjdzHTKDmUTdSWcp7p0
         AmyuMb3XFRyVNUf21/wDzpqL4SGOQQRNGrQCYyXrdMNz+oURwX/BadLwPZLlppy+E3CH
         HJTQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:cc:to:in-reply-to:references:message-id
         :content-transfer-encoding:mime-version:subject:date:from
         :dkim-signature;
        bh=6JyXm7w4vJYaYrYJDM3q7TW0HsDwf6nBA5bbe8nWoAc=;
        b=zmWJdaKmvRX73iZFFVpoSjrczc3qj9c1hQmX97tT480GXqkNudV2wImFZ684+x+aU4
         bEVwfv+GHWr1GNRte51cO4C7GGtili0hZZK5Q7/E+kbuJjQYm1A8zVJ2QmlAONrL/4gQ
         OPRGxxf9i7zRJMQ7C8+J8YkMg3ObVuuc07brpAR3B2sypU93AyZwDGXQSGmBhoxaAEAr
         h0eGVFHmb95newDM7wGCgFs5d/zFWUmzi9T+jbK0od0lEk7sJvM8a5CuWEVnbN2JvYKg
         mlx5BQiKyZTOd9k9eHRxojQSKJ0hUcqowGaSeDBmfmRuv49dBn3zG5aZahzCq+PRb/jD
         b20A==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=lSV0tP4+;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 n19-20020a170906841300b0093b83e8dc21si8472758ejx.26.2023.03.27.11.43.22;
        Mon, 27 Mar 2023 11:43:45 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=lSV0tP4+;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S232378AbjC0SXL (ORCPT <rfc822;kartikey406@gmail.com>
        + 99 others); Mon, 27 Mar 2023 14:23:11 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33858 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229720AbjC0SXG (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 27 Mar 2023 14:23:06 -0400
Received: from ams.source.kernel.org (ams.source.kernel.org
 [IPv6:2604:1380:4601:e00::1])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 719613585;
        Mon, 27 Mar 2023 11:23:05 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by ams.source.kernel.org (Postfix) with ESMTPS id 3902AB818A9;
        Mon, 27 Mar 2023 18:23:04 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 94982C433EF;
        Mon, 27 Mar 2023 18:23:01 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1679941383;
        bh=JEKlM+bqF/R1VFyTBMpRBCAf1N5vKq7gxUYcEFId+N0=;
        h=From:Date:Subject:References:In-Reply-To:To:Cc:From;
        b=lSV0tP4+v61vHHux+QcFowZFvdqJuXNaO0NRfRWwPXSE2tk2V/dEba8BGdLmrq+Sv
         3CDMY5JEyQjvPRnDKOpwZ+0egZSMOL/TEBgPvw31cNiV2EL4IWJVAjkIGyifXA1bb6
         gUECJyYvFgCDaWVLlatV/nRarSUe0l9WAfkFLW6f4vjPK1A06lYc5zgqji7QSK1liX
         mH4FcK2EEih3HkI7xufQoy3s0osbxcei59XxE44iiFmOMCWGiqIh6o4zN78dYSg6vp
         X5WqEYZxlF1VHXb5dEqBrQXdyR53OlJ48whrPXGLzG92Xf1i5228XqdfX25VQviPLY
         FT5OASAZtck6A==
From: Christian Brauner <brauner@kernel.org>
Date: Mon, 27 Mar 2023 20:22:52 +0200
Subject: [PATCH 2/3] fork: use pidfd_prepare()
MIME-Version: 1.0
Message-Id: <20230327-pidfd-file-api-v1-2-5c0e9a3158e4@kernel.org>
References: <20230327-pidfd-file-api-v1-0-5c0e9a3158e4@kernel.org>
In-Reply-To: <20230327-pidfd-file-api-v1-0-5c0e9a3158e4@kernel.org>
To: linux-fsdevel@vger.kernel.org
Cc: Jan Kara <jack@suse.cz>, Amir Goldstein <amir73il@gmail.com>,
        Matthew Bobrowski <repnop@google.com>,
        linux-kernel@vger.kernel.org,
        Christian Brauner <brauner@kernel.org>
X-Mailer: b4 0.13-dev-00303
X-Developer-Signature: v=1; a=openpgp-sha256; l=1162; i=brauner@kernel.org;
 h=from:subject:message-id; bh=JEKlM+bqF/R1VFyTBMpRBCAf1N5vKq7gxUYcEFId+N0=;
 b=owGbwMvMwCU28Zj0gdSKO4sYT6slMaQo3mf0SZAs/5tQ151pd9fkgc+LhkS7TY/+rj7JwhizkMvD
 7t6sjlIWBjEuBlkxRRaHdpNwueU8FZuNMjVg5rAygQxh4OIUgInsWsTIsDnPKfanzNml95aniu4Pf8
 15pGtb258Ihv3GP39of1hfdI6R4eCSYmVlCUHbeW8f8E0uaws7Vi0buLto6ZWggE8LGi9cYQcA
X-Developer-Key: i=brauner@kernel.org; a=openpgp;
 fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624
X-Spam-Status: No, score=-2.5 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE,
        SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1761547518954206611?=
X-GMAIL-MSGID: =?utf-8?q?1761547518954206611?=

Stop open-coding get_unused_fd_flags() and anon_inode_getfile(). That's
brittle just for keeping the flags between both calls in sync. Use the
dedicated helper.

Signed-off-by: Christian Brauner <brauner@kernel.org>
---
 kernel/fork.c | 12 +-----------
 1 file changed, 1 insertion(+), 11 deletions(-)

diff --git a/kernel/fork.c b/kernel/fork.c
index c0257cbee093..1f5eb854ba3e 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -2291,21 +2291,11 @@ static __latent_entropy struct task_struct *copy_process(
 	 * if the fd table isn't shared).
 	 */
 	if (clone_flags & CLONE_PIDFD) {
-		retval = get_unused_fd_flags(O_RDWR | O_CLOEXEC);
+		retval = pidfd_prepare(pid, O_RDWR | O_CLOEXEC, &pidfile);
 		if (retval < 0)
 			goto bad_fork_free_pid;
-
 		pidfd = retval;
 
-		pidfile = anon_inode_getfile("[pidfd]", &pidfd_fops, pid,
-					      O_RDWR | O_CLOEXEC);
-		if (IS_ERR(pidfile)) {
-			put_unused_fd(pidfd);
-			retval = PTR_ERR(pidfile);
-			goto bad_fork_free_pid;
-		}
-		get_pid(pid);	/* held by pidfile now */
-
 		retval = put_user(pidfd, args->pidfd);
 		if (retval)
 			goto bad_fork_put_pidfd;

From patchwork Mon Mar 27 18:22:53 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Christian Brauner <brauner@kernel.org>
X-Patchwork-Id: 75617
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp1716946vqo;
        Mon, 27 Mar 2023 11:44:11 -0700 (PDT)
X-Google-Smtp-Source: 
 AKy350ZtJgiWOWuZbL/VNFYcipkmHD5NVdBFvRCXfAnb6vMoBTUt3RdZsySUO3CRGxrOptsn/9LL
X-Received: by 2002:a17:907:1c93:b0:93e:908d:cfe2 with SMTP id
 nb19-20020a1709071c9300b0093e908dcfe2mr13777732ejc.0.1679942651025;
        Mon, 27 Mar 2023 11:44:11 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1679942651; cv=none;
        d=google.com; s=arc-20160816;
        b=GXr+NC74W8U0znfeF483gGZYkxkM710U07jeCNmCk9BL1pbOjHm+I89P1JiOL5CrN+
         2JP/BjLEh8GhzZgaIaG2LKDbe1/YnZBdH758/Ltfs3l7jiEGp36kgEdkGnj/YEFg/lsY
         ZCQ2aUP1HN72qrNwco79RJsMSTktKjzzc1sV0X4mGVuP2Xp5bnJVx5tFT1ama/Z8uxQj
         9zJzgLuFQnx77rMzwh7Js9pmySN/kWzi82Gwzt9w2vLfrjfc5WDTi5daqJXYQcl0XXts
         y3rjRk6o1m7AL2412KRIh18TOa+VF55b260wp8clrGhkDJ9HkD44NGSKB9PshOQnZEi1
         W/hQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:cc:to:in-reply-to:references:message-id
         :content-transfer-encoding:mime-version:subject:date:from
         :dkim-signature;
        bh=YPN1CVEuVYbh2RXLAtooi8g+GbnH1hgPu4CkQg/Z6Ps=;
        b=JccN3IGTUW2HZmzGm0JnLKaM1JstAEIDfQAUfQV0JwdRTpC2+DVYVIcRacqQrxjZFO
         hl5zThdCRl67O4XDWOSH6VAmuBa8VBwxAT8xmMRGutA13kShvU5DkIeWph1rZerSpQAY
         vl0AUWZplR0BA7iORdtN3cfMwsBIBuvPAbrhKAaCPrwngOgYkLwpoef+BLBcujI8Kumk
         dsYK/sTHz4EjCy1jZna5idiHvebZMtyPy3z6RyeQef+LteICXGDb8z42CB5Aq9fvR+1A
         I4q0dMU97IcOL8VIBTLSw2s2TsqhCVUZhIyxBSMUPYVVb0EQ9D5vYHAYdghUU/DuGpSO
         9dqw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=b0HvNd+k;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 lh17-20020a170906f8d100b0093048a8bd2esi26821831ejb.43.2023.03.27.11.43.46;
        Mon, 27 Mar 2023 11:44:11 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=b0HvNd+k;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S232382AbjC0SXO (ORCPT <rfc822;kartikey406@gmail.com>
        + 99 others); Mon, 27 Mar 2023 14:23:14 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33938 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S232345AbjC0SXJ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 27 Mar 2023 14:23:09 -0400
Received: from ams.source.kernel.org (ams.source.kernel.org
 [IPv6:2604:1380:4601:e00::1])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6D42840CB;
        Mon, 27 Mar 2023 11:23:07 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by ams.source.kernel.org (Postfix) with ESMTPS id 2D8AAB818BC;
        Mon, 27 Mar 2023 18:23:06 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 862A2C433D2;
        Mon, 27 Mar 2023 18:23:03 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1679941384;
        bh=TNJCOio1Rm6H8bH6XbJFRUE6Yg7Pb43dg5K5QcL0diU=;
        h=From:Date:Subject:References:In-Reply-To:To:Cc:From;
        b=b0HvNd+kZXtHoSvHRENpxlIo2kjAYayuM/+3si5bBEC36OZkhZUW2/inUkkkFVCxs
         H07NhvpfLfKGc4cK58iwpJj/IkdfExLaojRh922UIhw/6VN+sxg0Y/az7zEbam6lW4
         C3ZA+WOAw/D7ZwSX/tpE0FM6Pr/neMD5TmPPrJBQcFpBasTxHFPbwj1TLJWzRjM5CD
         18RaqYriL3gw6QgWHnR63hFEajKTgQPSjPMN9VkAoVKxKIC2FEhJicVJEflplJX1oK
         b75bdavBWF5hoESSnaZSyGpiO1HwUA7JOqVc5EB9KtHK9CfVcx2sqkmDdgWTYGcxA+
         2D0pX/PGRvruQ==
From: Christian Brauner <brauner@kernel.org>
Date: Mon, 27 Mar 2023 20:22:53 +0200
Subject: [PATCH 3/3] fanotify: use pidfd_prepare()
MIME-Version: 1.0
Message-Id: <20230327-pidfd-file-api-v1-3-5c0e9a3158e4@kernel.org>
References: <20230327-pidfd-file-api-v1-0-5c0e9a3158e4@kernel.org>
In-Reply-To: <20230327-pidfd-file-api-v1-0-5c0e9a3158e4@kernel.org>
To: linux-fsdevel@vger.kernel.org
Cc: Jan Kara <jack@suse.cz>, Amir Goldstein <amir73il@gmail.com>,
        Matthew Bobrowski <repnop@google.com>,
        linux-kernel@vger.kernel.org,
        Christian Brauner <brauner@kernel.org>
X-Mailer: b4 0.13-dev-00303
X-Developer-Signature: v=1; a=openpgp-sha256; l=2293; i=brauner@kernel.org;
 h=from:subject:message-id; bh=TNJCOio1Rm6H8bH6XbJFRUE6Yg7Pb43dg5K5QcL0diU=;
 b=owGbwMvMwCU28Zj0gdSKO4sYT6slMaQo3mf857bx57Q5Hq8DfDZp8R1W+Ny4gD9sBmt0cor7Odb7
 e2pcO0pZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACaS1sbwP71L+INEhnNUpHZSoX5yt8
 N754og1n8iJyqVxP+WKL9kYvinsvVwyoNzyVNUrhxat39l0d4fXPs/xas2l+SGsc890PGAHQA=
X-Developer-Key: i=brauner@kernel.org; a=openpgp;
 fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624
X-Spam-Status: No, score=-2.5 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE,
        SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1761547545152424130?=
X-GMAIL-MSGID: =?utf-8?q?1761547545152424130?=

We generally try to avoid installing a file descriptor into the caller's
file descriptor table just to close it again via close_fd() in case an
error occurs. Instead we reserve a file descriptor but don't install it
into the caller's file descriptor table yet. If we fail for other,
unrelated reasons we can just close the reserved file descriptor and if
we make it past all meaningful error paths we just install it. Fanotify
gets this right already for one fd type but not for pidfds.

Use the new pidfd_prepare() helper to reserve a pidfd and a pidfd file
and switch to the more common fd allocation and installation pattern.

Signed-off-by: Christian Brauner <brauner@kernel.org>
Acked-by: Jan Kara <jack@suse.cz>
---
 fs/notify/fanotify/fanotify_user.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c
index 8f430bfad487..22fb1cf7e1fc 100644
--- a/fs/notify/fanotify/fanotify_user.c
+++ b/fs/notify/fanotify/fanotify_user.c
@@ -663,7 +663,7 @@ static ssize_t copy_event_to_user(struct fsnotify_group *group,
 	struct fanotify_info *info = fanotify_event_info(event);
 	unsigned int info_mode = FAN_GROUP_FLAG(group, FANOTIFY_INFO_MODES);
 	unsigned int pidfd_mode = info_mode & FAN_REPORT_PIDFD;
-	struct file *f = NULL;
+	struct file *f = NULL, *pidfd_file = NULL;
 	int ret, pidfd = FAN_NOPIDFD, fd = FAN_NOFD;
 
 	pr_debug("%s: group=%p event=%p\n", __func__, group, event);
@@ -718,7 +718,7 @@ static ssize_t copy_event_to_user(struct fsnotify_group *group,
 		    !pid_has_task(event->pid, PIDTYPE_TGID)) {
 			pidfd = FAN_NOPIDFD;
 		} else {
-			pidfd = pidfd_create(event->pid, 0);
+			pidfd = pidfd_prepare(event->pid, 0, &pidfd_file);
 			if (pidfd < 0)
 				pidfd = FAN_EPIDFD;
 		}
@@ -751,6 +751,9 @@ static ssize_t copy_event_to_user(struct fsnotify_group *group,
 	if (f)
 		fd_install(fd, f);
 
+	if (pidfd_file)
+		fd_install(pidfd, pidfd_file);
+
 	return metadata.event_len;
 
 out_close_fd:
@@ -759,8 +762,10 @@ static ssize_t copy_event_to_user(struct fsnotify_group *group,
 		fput(f);
 	}
 
-	if (pidfd >= 0)
-		close_fd(pidfd);
+	if (pidfd >= 0) {
+		put_unused_fd(pidfd);
+		fput(pidfd_file);
+	}
 
 	return ret;
 }