[PATCH v2] fs, security: Fix file_set_fowner LSM hook inconsistencies

[Mateusz Guzik]

On Wed, Aug 14, 2024 at 1:39 AM Paul Moore <paul at paul-moore.com> wrote:
>
> I don't see how where the cred reference live will have any impact,
> you still need to get and drop references which will have an impact.
> There will always be something.
>

The patch as posted here adds 2 atomics in the fast path and that
indeed is a problem, but it can be trivially avoided -- either use
get/put_cred_many or make it so that the same pointer means the ref is
held implicitly (after all the f_cred one is guaranteed to be there
for the entire file's lifetime).

Either way extra overhead does not have to be there (modulo one branch
on teardown to check for mismatched creds) and can be considered a
non-factor.

I have no basis to comment on the idea behind the patch.

I'll note however that the patch to move f_owner out of struct file
(and have *not* present by default) is likely to come through, it
already landed here:
https://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs.git/commit/?h=vfs.misc&id=0e8540d012189259261c75360d2725a2107761e7

I don't know if it has any bearing on viability of the patch posted here.

-- 
Mateusz Guzik <mjguzik gmail.com>