WSL2-Linux-Kernel/security
Jeff Layton 5d50ffd7c3 locks: add new fcntl cmd values for handling file private locks
Due to some unfortunate history, POSIX locks have very strange and
unhelpful semantics. The thing that usually catches people by surprise
is that they are dropped whenever the process closes any file descriptor
associated with the inode.

This is extremely problematic for people developing file servers that
need to implement byte-range locks. Developers often need a "lock
management" facility to ensure that file descriptors are not closed
until all of the locks associated with the inode are finished.

Additionally, "classic" POSIX locks are owned by the process. Locks
taken between threads within the same process won't conflict with one
another, which renders them useless for synchronization between threads.

This patchset adds a new type of lock that attempts to address these
issues. These locks conflict with classic POSIX read/write locks, but
have semantics that are more like BSD locks with respect to inheritance
and behavior on close.

This is implemented primarily by changing how fl_owner field is set for
these locks. Instead of having them owned by the files_struct of the
process, they are instead owned by the filp on which they were acquired.
Thus, they are inherited across fork() and are only released when the
last reference to a filp is put.

These new semantics prevent them from being merged with classic POSIX
locks, even if they are acquired by the same process. These locks will
also conflict with classic POSIX locks even if they are acquired by
the same process or on the same file descriptor.

The new locks are managed using a new set of cmd values to the fcntl()
syscall. The initial implementation of this converts these values to
"classic" cmd values at a fairly high level, and the details are not
exposed to the underlying filesystem. We may eventually want to push
this handing out to the lower filesystem code but for now I don't
see any need for it.

Also, note that with this implementation the new cmd values are only
available via fcntl64() on 32-bit arches. There's little need to
add support for legacy apps on a new interface like this.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
2014-03-31 08:24:43 -04:00
..
apparmor Merge branch 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2013-11-21 19:46:00 -08:00
integrity Merge to v3.13-rc7 for prerequisite changes in the Xen code for TPM 2014-01-06 22:23:01 +11:00
keys security: shmem: implement kernel private shmem inodes 2013-12-02 11:24:19 +00:00
selinux locks: add new fcntl cmd values for handling file private locks 2014-03-31 08:24:43 -04:00
smack Merge git://git.infradead.org/users/eparis/audit 2014-01-23 18:08:10 -08:00
tomoyo Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
yama yama: Better permission check for ptraceme 2013-03-26 13:17:58 -07:00
Kconfig KEYS: Move the key config into security/keys/Kconfig 2012-05-11 10:56:56 +01:00
Makefile security: remove erroneous comment about capabilities.o link ordering 2013-09-24 11:26:28 +10:00
capability.c Linux 3.12 2013-11-26 17:32:55 -05:00
commoncap.c capabilities: allow nice if we are privileged 2013-08-30 23:44:09 -07:00
device_cgroup.c cgroup: replace cftype->read_seq_string() with cftype->seq_show() 2013-12-05 12:28:04 -05:00
inode.c securityfs: fix object creation races 2012-01-10 10:20:35 -05:00
lsm_audit.c Merge git://git.infradead.org/users/eparis/audit 2013-11-21 19:18:14 -08:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c Linux 3.12 2013-11-26 17:32:55 -05:00