From patchwork Mon Dec 11 16:34:10 2023
X-Patchwork-Submitter: David Howells
X-Patchwork-Id: 176801
From: David Howells
To: Markus Suvanto, Marc Dionne
Cc: David Howells, linux-afs@lists.infradead.org, keyrings@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH 1/3] afs: Fix the dynamic root's d_delete to always delete unused dentries
Date: Mon, 11 Dec 2023 16:34:10 +0000
Message-ID: <20231211163412.2766147-2-dhowells@redhat.com>
In-Reply-To: <20231211163412.2766147-1-dhowells@redhat.com>
References: <20231211163412.2766147-1-dhowells@redhat.com>

Fix the afs dynamic root's d_delete function to always delete unused dentries rather than only deleting them if they're positive. With things as they stand upstream, negative dentries stemming from failed DNS lookups stick around preventing retries.

Fixes: 66c7e1d319a5 ("afs: Split the dynroot stuff out and give it its own ops tables")
Signed-off-by: David Howells
cc: Marc Dionne
cc: linux-afs@lists.infradead.org
--- fs/afs/dynroot.c | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/fs/afs/dynroot.c b/fs/afs/dynroot.c index 1fa8cf23bd36..34474a061654 100644 --- a/fs/afs/dynroot.c +++ b/fs/afs/dynroot.c 
@@ -252,20 +252,9 @@ static int afs_dynroot_d_revalidate(struct dentry *dentry, unsigned int flags) return 1; } -/* - * Allow the VFS to enquire as to whether a dentry should be unhashed (mustn't - * sleep) - * - called from dput() when d_count is going to 0. - * - return 1 to request dentry be unhashed, 0 otherwise - */ -static int afs_dynroot_d_delete(const struct dentry *dentry) -{ - return d_really_is_positive(dentry); -} - const struct dentry_operations afs_dynroot_dentry_operations = { .d_revalidate = afs_dynroot_d_revalidate, - .d_delete = afs_dynroot_d_delete, + .d_delete = always_delete_dentry, .d_release = afs_d_release, .d_automount = afs_d_automount, }; From patchwork Mon Dec 11 16:34:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Howells X-Patchwork-Id: 176799 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:bcd1:0:b0:403:3b70:6f57 with SMTP id r17csp7179827vqy; Mon, 11 Dec 2023 08:34:46 -0800 (PST) X-Google-Smtp-Source: AGHT+IFTtzbqGktL0vCS671qUtZIZnyDndvp8RSfOSH4qLdQbZh0bo0nbnxd8ANdyCxSvVdcX4F8 X-Received: by 2002:a17:90b:1989:b0:286:6cc1:2cd4 with SMTP id mv9-20020a17090b198900b002866cc12cd4mr2339599pjb.94.1702312486073; Mon, 11 Dec 2023 08:34:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1702312486; cv=none; d=google.com; s=arc-20160816; b=pUINAMGwzjNZyUIAEm+J5GMpFSLFgp2W4EjxY9XgSbw9NMKZUEoLVbOjwQ3qEDKLfy 0eXfca/fnx+v2ZO44K/x6Xgg4S4wD3YEpiKN7ChVykNniIU9ybVtk/Bf5t+flkV+bq10 dT8dCcymWFLrnIR0CaIcHhsNz54x6vzmwH0HuvdeUG3brjljfKkUnngxItuorNrVY/NA Aoz9//xhKpVbjmrC56sCpaTmOSdPNuyD3e4Ygu1pJeOgUv643i69GY+jgkr/TKz+/bkE BR9abTQ1sWdKOWzIofRQHZXioxHNKUFbm9UW4TDILPJg4LtQ6V+sP0oBfMrIdwGuX9Le Ut2g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; 
From: David Howells
To: Markus Suvanto, Marc Dionne
Cc: David Howells, linux-afs@lists.infradead.org, keyrings@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH 2/3] afs: Fix dynamic root lookup DNS check
Date: Mon, 11 Dec 2023 16:34:11 +0000
Message-ID: <20231211163412.2766147-3-dhowells@redhat.com>
In-Reply-To: <20231211163412.2766147-1-dhowells@redhat.com>
References: <20231211163412.2766147-1-dhowells@redhat.com>

In the afs dynamic root directory, the ->lookup() function does a DNS check on the cell being asked for and if the DNS upcall reports an error it will report an error back to userspace (typically ENOENT).

However, if a failed DNS upcall returns a new-style result, it will return a valid result, with the status field set appropriately to indicate the type of failure - and in that case, dns_query() doesn't return an error and we let stat() complete with no error - which can cause confusion in userspace as subsequent calls that trigger d_automount then fail with ENOENT.

Fix this by checking the status result from a valid dns_query() and returning an error if it indicates a failure.

Fixes: bbb4c4323a4d ("dns: Allow the dns resolver to retrieve a server set") Reported-by: Markus Suvanto Closes: https://bugzilla.kernel.org/show_bug.cgi?id=216637 Signed-off-by: David Howells cc: Marc Dionne cc: linux-afs@lists.infradead.org --- fs/afs/dynroot.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/fs/afs/dynroot.c b/fs/afs/dynroot.c index 34474a061654..4089d77a7a4d 100644 --- a/fs/afs/dynroot.c +++ b/fs/afs/dynroot.c @@ -114,6 +114,7 @@ static int afs_probe_cell_name(struct dentry *dentry) struct afs_net *net = afs_d2net(dentry); const char *name = dentry->d_name.name; size_t len = dentry->d_name.len; + char *result = NULL; int ret; /* Names prefixed with a dot are R/W mounts. */ 
@@ -131,9 +132,22 @@ static int afs_probe_cell_name(struct dentry *dentry) } ret = dns_query(net->net, "afsdb", name, len, "srv=1", - NULL, NULL, false); - if (ret == -ENODATA || ret == -ENOKEY) + &result, NULL, false); + if (ret == -ENODATA || ret == -ENOKEY || ret == 0) ret = -ENOENT; + if (ret >= sizeof(struct dns_server_list_v1_header)) { + struct dns_server_list_v1_header *v1 = (void *)result; + + if (v1->hdr.zero == 0 && + v1->hdr.content == DNS_PAYLOAD_IS_SERVER_LIST && + v1->hdr.version == 1 && + (v1->status != DNS_LOOKUP_GOOD && + v1->status != DNS_LOOKUP_GOOD_WITH_BAD)) + return -ENOENT; + + } + + kfree(result); return ret; } From patchwork Mon Dec 11 16:34:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Howells X-Patchwork-Id: 176800 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:bcd1:0:b0:403:3b70:6f57 with SMTP id r17csp7179834vqy; Mon, 11 Dec 2023 08:34:46 -0800 (PST) X-Google-Smtp-Source: AGHT+IGu41JHuUcethqJJFrs5Kkmazp1RCZ8IUQmwLFm3O5U5hAL1GpiXYdKCePTg82vLvku8Z2e X-Received: by 2002:a05:6358:5916:b0:16e:29a9:f5af with SMTP id g22-20020a056358591600b0016e29a9f5afmr3124103rwf.27.1702312486444; Mon, 11 Dec 2023 08:34:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1702312486; cv=none; d=google.com; s=arc-20160816; b=UgUhleO7XaHd7DKtBxykvbDlV24c1sWPvp7p0fH84Ig0g/QQjVOkZfvJT02F7zmFW4 k6iWNIoUy1RE6LlOwoFR+hX2CGyiplW74UYd9lICYjETrM0Ly4uR8+qZtTkBVqc+/0S5 0Mj5++tQZ5qvsWhUc6VrRfasoVnI84jP6s0JI+61Rd0/yyGU9ce3afvIxoUsDK4z0FEU l16hHzrYgOcVWmnXnTa0tiT6oy6ApgLjQMYHAgVVdaMORj8CZsY5oHF8Vv1ea6NvAyAE H5Pwh/a5VtCdBsuv3f4vtEYB4Nng4nRrQSRqWZo0U5VP+j8FdR0EduHlGtQa+GXifaX1 x8pA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=vLk+s36CrmcN/jHutHg878NqXnxvoZdKdAeSrt1NZXM=; 
From: David Howells
To: Markus Suvanto, Marc Dionne
Cc: David Howells, linux-afs@lists.infradead.org, keyrings@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Wang Lei, Jeff Layton, Steve French, Jarkko Sakkinen, "David S. Miller", Eric Dumazet, Jakub Kicinski, Paolo Abeni, linux-cifs@vger.kernel.org, linux-nfs@vger.kernel.org, ceph-devel@vger.kernel.org, netdev@vger.kernel.org
Subject: [PATCH 3/3] keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry
Date: Mon, 11 Dec 2023 16:34:12 +0000
Message-ID: <20231211163412.2766147-4-dhowells@redhat.com>
In-Reply-To: <20231211163412.2766147-1-dhowells@redhat.com>
References: <20231211163412.2766147-1-dhowells@redhat.com>

If a key has an expiration time, then when that time passes, the key is left around for a certain amount of time before being collected (5 mins by default) so that EKEYEXPIRED can be returned instead of ENOKEY. This is a problem for DNS keys because we want to redo the DNS lookup immediately at that point.

Fix this by allowing key types to be marked such that keys of that type don't have this extra period, but are reclaimed as soon as they expire and turn this on for dns_resolver-type keys.

To make this easier to handle, key->expiry is changed to be permanent if TIME64_MAX rather than 0. Furthermore, give such new-style negative DNS results a 10s default expiry if no other expiry time is set rather than allowing it to stick around indefinitely. This shouldn't be zero as ls will follow a failing stat call immediately with a second with AT_SYMLINK_NOFOLLOW added. Fixes: 1a4240f4764a ("DNS: Separate out CIFS DNS Resolver code") Signed-off-by: David Howells cc: Wang Lei cc: Jeff Layton cc: Steve French cc: Marc Dionne cc: Jarkko Sakkinen cc: "David S. Miller" cc: Eric Dumazet cc: Jakub Kicinski cc: Paolo Abeni cc: linux-afs@lists.infradead.org cc: linux-cifs@vger.kernel.org cc: linux-nfs@vger.kernel.org cc: ceph-devel@vger.kernel.org cc: keyrings@vger.kernel.org cc: netdev@vger.kernel.org --- include/linux/key-type.h | 1 + net/dns_resolver/dns_key.c | 10 +++++++++- security/keys/gc.c | 31 +++++++++++++++++++++---------- security/keys/internal.h | 8 +++++++- security/keys/key.c | 15 +++++---------- security/keys/proc.c | 2 +- 6 files changed, 44 insertions(+), 23 deletions(-) diff --git a/include/linux/key-type.h b/include/linux/key-type.h index 7d985a1dfe4a..5caf3ce82373 100644 --- a/include/linux/key-type.h +++ b/include/linux/key-type.h @@ -73,6 +73,7 @@ struct key_type { unsigned int flags; #define KEY_TYPE_NET_DOMAIN 0x00000001 /* Keys of this type have a net namespace domain */ +#define KEY_TYPE_INSTANT_REAP 0x00000002 /* Keys of this type don't have a delay after expiring */ /* vet a description */ int (*vet_description)(const char *description); diff --git a/net/dns_resolver/dns_key.c b/net/dns_resolver/dns_key.c index 01e54b46ae0b..3233f4f25fed 100644 --- a/net/dns_resolver/dns_key.c +++ b/net/dns_resolver/dns_key.c 
@@ -91,6 +91,7 @@ const struct cred *dns_resolver_cache; static int dns_resolver_preparse(struct key_preparsed_payload *prep) { + const struct dns_server_list_v1_header *v1; const struct dns_payload_header *bin; struct user_key_payload *upayload; unsigned long derrno; @@ -122,6 +123,13 @@ dns_resolver_preparse(struct key_preparsed_payload *prep) return -EINVAL; } + v1 = (const struct dns_server_list_v1_header *)bin; + if ((v1->status != DNS_LOOKUP_GOOD && + v1->status != DNS_LOOKUP_GOOD_WITH_BAD)) { + if (prep->expiry == TIME64_MAX) + prep->expiry = ktime_get_real_seconds() + 10; + } + result_len = datalen; goto store_result; } @@ -314,7 +322,7 @@ static long dns_resolver_read(const struct key *key, struct key_type key_type_dns_resolver = { .name = "dns_resolver", - .flags = KEY_TYPE_NET_DOMAIN, + .flags = KEY_TYPE_NET_DOMAIN | KEY_TYPE_INSTANT_REAP, .preparse = dns_resolver_preparse, .free_preparse = dns_resolver_free_preparse, .instantiate = generic_key_instantiate, diff --git a/security/keys/gc.c b/security/keys/gc.c index 3c90807476eb..eaddaceda14e 100644 --- a/security/keys/gc.c +++ b/security/keys/gc.c @@ -66,6 +66,19 @@ void key_schedule_gc(time64_t gc_at) } } +/* + * Set the expiration time on a key. + */ +void key_set_expiry(struct key *key, time64_t expiry) +{ + key->expiry = expiry; + if (expiry != TIME64_MAX) { + if (!(key->type->flags & KEY_TYPE_INSTANT_REAP)) + expiry += key_gc_delay; + key_schedule_gc(expiry); + } +} + /* * Schedule a dead links collection run. */ 
@@ -176,7 +189,6 @@ static void key_garbage_collector(struct work_struct *work) static u8 gc_state; /* Internal persistent state */ #define KEY_GC_REAP_AGAIN 0x01 /* - Need another cycle */ #define KEY_GC_REAPING_LINKS 0x02 /* - We need to reap links */ -#define KEY_GC_SET_TIMER 0x04 /* - We need to restart the timer */ #define KEY_GC_REAPING_DEAD_1 0x10 /* - We need to mark dead keys */ #define KEY_GC_REAPING_DEAD_2 0x20 /* - We need to reap dead key links */ #define KEY_GC_REAPING_DEAD_3 0x40 /* - We need to reap dead keys */ @@ -184,21 +196,17 @@ static void key_garbage_collector(struct work_struct *work) struct rb_node *cursor; struct key *key; - time64_t new_timer, limit; + time64_t new_timer, limit, expiry; kenter("[%lx,%x]", key_gc_flags, gc_state); limit = ktime_get_real_seconds(); - if (limit > key_gc_delay) - limit -= key_gc_delay; - else - limit = key_gc_delay; /* Work out what we're going to be doing in this pass */ gc_state &= KEY_GC_REAPING_DEAD_1 | KEY_GC_REAPING_DEAD_2; gc_state <<= 1; if (test_and_clear_bit(KEY_GC_KEY_EXPIRED, &key_gc_flags)) - gc_state |= KEY_GC_REAPING_LINKS | KEY_GC_SET_TIMER; + gc_state |= KEY_GC_REAPING_LINKS; if (test_and_clear_bit(KEY_GC_REAP_KEYTYPE, &key_gc_flags)) gc_state |= KEY_GC_REAPING_DEAD_1; @@ -233,8 +241,11 @@ static void key_garbage_collector(struct work_struct *work) } } - if (gc_state & KEY_GC_SET_TIMER) { - if (key->expiry > limit && key->expiry < new_timer) { + expiry = key->expiry; + if (expiry != TIME64_MAX) { + if (!(key->type->flags & KEY_TYPE_INSTANT_REAP)) + expiry += key_gc_delay; + if (expiry > limit && expiry < new_timer) { kdebug("will expire %x in %lld", key_serial(key), key->expiry - limit); new_timer = key->expiry; @@ -276,7 +287,7 @@ static void key_garbage_collector(struct work_struct *work) */ kdebug("pass complete"); - if (gc_state & KEY_GC_SET_TIMER && new_timer != (time64_t)TIME64_MAX) { + if (new_timer != TIME64_MAX) { new_timer += key_gc_delay; key_schedule_gc(new_timer); } 
diff --git a/security/keys/internal.h b/security/keys/internal.h index 471cf36dedc0..b63a8c41635a 100644 --- a/security/keys/internal.h +++ b/security/keys/internal.h @@ -167,6 +167,7 @@ extern unsigned key_gc_delay; extern void keyring_gc(struct key *keyring, time64_t limit); extern void keyring_restriction_gc(struct key *keyring, struct key_type *dead_type); +void key_set_expiry(struct key *key, time64_t expiry); extern void key_schedule_gc(time64_t gc_at); extern void key_schedule_gc_links(void); extern void key_gc_keytype(struct key_type *ktype); @@ -215,10 +216,15 @@ extern struct key *key_get_instantiation_authkey(key_serial_t target_id); */ static inline bool key_is_dead(const struct key *key, time64_t limit) { + time64_t expiry = key->expiry; + + if (!(key->type->flags & KEY_TYPE_INSTANT_REAP)) + expiry += key_gc_delay; + return key->flags & ((1 << KEY_FLAG_DEAD) | (1 << KEY_FLAG_INVALIDATED)) || - (key->expiry > 0 && key->expiry <= limit) || + expiry <= limit || key->domain_tag->removed; } diff --git a/security/keys/key.c b/security/keys/key.c index 0260a1902922..5b10641debd5 100644 --- a/security/keys/key.c +++ b/security/keys/key.c @@ -294,6 +294,7 @@ struct key *key_alloc(struct key_type *type, const char *desc, key->uid = uid; key->gid = gid; key->perm = perm; + key->expiry = TIME64_MAX; key->restrict_link = restrict_link; key->last_used_at = ktime_get_real_seconds(); @@ -463,10 +464,7 @@ static int __key_instantiate_and_link(struct key *key, if (authkey) key_invalidate(authkey); - if (prep->expiry != TIME64_MAX) { - key->expiry = prep->expiry; - key_schedule_gc(prep->expiry + key_gc_delay); - } + key_set_expiry(key, prep->expiry); } } 
@@ -606,8 +604,7 @@ int key_reject_and_link(struct key *key, atomic_inc(&key->user->nikeys); mark_key_instantiated(key, -error); notify_key(key, NOTIFY_KEY_INSTANTIATED, -error); - key->expiry = ktime_get_real_seconds() + timeout; - key_schedule_gc(key->expiry + key_gc_delay); + key_set_expiry(key, ktime_get_real_seconds() + timeout); if (test_and_clear_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags)) awaken = 1; @@ -723,16 +720,14 @@ struct key_type *key_type_lookup(const char *type) void key_set_timeout(struct key *key, unsigned timeout) { - time64_t expiry = 0; + time64_t expiry = TIME64_MAX; /* make the changes with the locks held to prevent races */ down_write(&key->sem); if (timeout > 0) expiry = ktime_get_real_seconds() + timeout; - - key->expiry = expiry; - key_schedule_gc(key->expiry + key_gc_delay); + key_set_expiry(key, expiry); up_write(&key->sem); } diff --git a/security/keys/proc.c b/security/keys/proc.c index d0cde6685627..4f4e2c1824f1 100644 --- a/security/keys/proc.c +++ b/security/keys/proc.c @@ -198,7 +198,7 @@ static int proc_keys_show(struct seq_file *m, void *v) /* come up with a suitable timeout value */ expiry = READ_ONCE(key->expiry); - if (expiry == 0) { + if (expiry == TIME64_MAX) { memcpy(xbuf, "perm", 5); } else if (now >= expiry) { memcpy(xbuf, "expd", 5);
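Review bot: In [PATCH 2/3], the second hunk of afs_probe_cell_name() compares the signed `int ret` against `sizeof(struct dns_server_list_v1_header)`, so a negative value (including the -ENOENT assigned on the line above) is converted to a large unsigned number, passes the `ret >= sizeof(...)` test, and `result`, initialised to NULL in the first hunk, is then dereferenced through `v1`. Guard the block with `ret > 0 &&` ahead of the size comparison. The same block also does `return -ENOENT` directly, which skips the `kfree(result)` added just below it; assigning `ret = -ENOENT` and falling through would free the buffer on every path.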
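Review bot: In [PATCH 3/3], the dns_resolver_preparse() hunk casts `bin` to `struct dns_server_list_v1_header` and reads `v1->status` without any check, in the lines shown, that the payload length covers that header or that the content and version fields identify a v1 server list; the afs_probe_cell_name() change in patch 2/3 tests all three before touching `status`. Add the equivalent length and header checks here ahead of the status test, since this payload arrives from the userspace upcall. The bare `+ 10` would also be easier to find and tune as a named constant, given that the commit message describes it as a default.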
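Review bot: In [PATCH 3/3], the key_garbage_collector() hunk that introduces the local `expiry` tests the adjusted value against `limit` and `new_timer`, but the unchanged lines inside the branch still log and store `key->expiry`, and the final gc.c hunk then applies `new_timer += key_gc_delay` for every key type. For a KEY_TYPE_INSTANT_REAP key this can schedule the next pass key_gc_delay after the expiry rather than at it, which is the delay the patch sets out to remove. Storing the adjusted value (`new_timer = expiry`) and dropping the unconditional addition at the end of the function would keep the rescheduling consistent with key_set_expiry().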
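Review bot: In [PATCH 3/3], key_is_dead() in security/keys/internal.h adds key_gc_delay to `key->expiry` without first testing for TIME64_MAX, which key_alloc() now assigns to every new key as the permanent value. For any type without KEY_TYPE_INSTANT_REAP that addition overflows time64_t, and if it wraps, `expiry <= limit` is true and a key with no expiry is treated as dead. Apply the same `expiry != TIME64_MAX` guard that key_set_expiry() and the collector loop use before adjusting and comparing.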