From patchwork Sat Oct 13 00:06:51 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Darrick J. Wong" X-Patchwork-Id: 10639531 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 52EB61508 for ; Sat, 13 Oct 2018 00:06:59 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3FFC42B78F for ; Sat, 13 Oct 2018 00:06:59 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 33CBB2B79F; Sat, 13 Oct 2018 00:06:59 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9F7EC2B7A0 for ; Sat, 13 Oct 2018 00:06:58 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 399616B0274; Fri, 12 Oct 2018 20:06:57 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 36DE66B0275; Fri, 12 Oct 2018 20:06:57 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 25EF76B0276; Fri, 12 Oct 2018 20:06:57 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-qt1-f199.google.com (mail-qt1-f199.google.com [209.85.160.199]) by kanga.kvack.org (Postfix) with ESMTP id ED8616B0274 for ; Fri, 12 Oct 2018 20:06:56 -0400 (EDT) Received: by mail-qt1-f199.google.com with SMTP id i64-v6so13794502qtb.21 for ; Fri, 12 Oct 2018 17:06:56 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:subject:from:to:cc:date :message-id:in-reply-to:references:user-agent:mime-version :content-transfer-encoding; bh=X+hRMF8qOyPmwrn+aLfQoFcvGdBY/MR4c6X0bQBl/UQ=; b=Obru2MJzY6Y6IfUNoVSk/pB5x3DFF0I744+srxqscW+bmEgwAQ2/ACebOujoNVpoXK 88Xt0BsrwlyNGfXL/xybijkkMTHwf6Aeozew2LT+702nh0WpcaEvmcInMIE8IAQ8CuKP LUO9+hJ5TD7WiX9CvqGJdkVm+tKc3AB/lqzJJFCcXUpppu3Y+tt68PSR3eZxYBJ6/Aw/ 9JBzO+H7DcaemuoDKR8Tj5750M7n9uyazMif8zvtvUJN2oUY62vDg4iLUtVDbelIbROA iOGYcuyaa13lpZrQ+o0fDue7IQuhUDFravVVTzS8JVtTv0+WLQp/StdMLK2qjo5y36rA PmwQ== X-Gm-Message-State: ABuFfoiDBVamGrctnpUu2RqX172o2mU3Pxc7e7HpNgnaTtdPtSjp9gk4 e2Sum3dzjRpRpoIVG8MI5WPfjkG1/aY4uNcsS6J/7s77MjXkAUHGzoRLWBFEvF2lopmdtJ7Rx9j GIH2SjgCsun7lfocn5iR2RpbiR+4kgT3sMx2+3fbwq2yjVX8vbTU5iUA7cEKb5iREkg== X-Received: by 2002:a0c:92f3:: with SMTP id c48mr7921531qvc.39.1539389216733; Fri, 12 Oct 2018 17:06:56 -0700 (PDT) X-Google-Smtp-Source: ACcGV60ujShNBb3omkZJT4c4upELRPfm5ukTdo3U0ddOW1SfjJiSQhUOseqOko3sV1jJr88bAZCf X-Received: by 2002:a0c:92f3:: with SMTP id c48mr7921506qvc.39.1539389216130; Fri, 12 Oct 2018 17:06:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1539389216; cv=none; d=google.com; s=arc-20160816; b=aUx5xPQ1CV2+/cJZU83Ezmzr2fAyoWSgDV0+sPT5VmrCAo3fNQQSw9KtKIeEeOq1LB Qbu7IPZFNxQ9CPF0cS8AANsEwKHFpOSXE9J7EUAuVQqEG2wLrjoOBdJfLRlQesmzaMxZ 1Ax47b1cf+zOcBC/qEO6G42aOoOd8SZzR1GfcLj3NPsMRGJzyM2OBB4jInxawxjox4Sn isEECi+VQWKFRZMIDWgW5rA014LMD2xQwBwm2ko8b/LHUqFfAU+F1glBjXVEyAMzeRAf QTtmSwNudPC1T7YZS0ks/ZBnV0lxJg9Mg/ZZOPCT3tbiv6qL0iyqUVK5KWNlSnoV509x YiCA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:user-agent:references :in-reply-to:message-id:date:cc:to:from:subject:dkim-signature; bh=X+hRMF8qOyPmwrn+aLfQoFcvGdBY/MR4c6X0bQBl/UQ=; b=XX53rzaC4a0Lt4ebQJyLT1u6ON2gyOkZXByLPzVHAIPdz/u7asws3FPkjixOzWF29f ejmcpODZW6NvPCJvDuR3bd+z4BntFDyPiH9xlGiD5S6KZEQy5efS2Sj8GBDtHyYbINJS Vn+P4PmkYx7zHrUV4OwZcLeUnp+y57ZVq+kBdq5IgjmBvltQeZxnQWEgGlLGKM7Fmjbl SmTcW+3WxLtvFjywdUUb4iM4PCGkY5uydME4LHbgXmXpa1F2M1Lu1+UoIlx+Gt7FbztG IZMztZTuiaEj7Ng/bhyQCZ/8hN+qvXEmgOGrdWAWpI5SwUQbqoODZ4lgNVYdz+wSwjEY kObw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=oaf75sNI; spf=pass (google.com: domain of darrick.wong@oracle.com designates 141.146.126.78 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from aserp2120.oracle.com (aserp2120.oracle.com. [141.146.126.78]) by mx.google.com with ESMTPS id n79-v6si2385303qkl.244.2018.10.12.17.06.55 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 12 Oct 2018 17:06:56 -0700 (PDT) Received-SPF: pass (google.com: domain of darrick.wong@oracle.com designates 141.146.126.78 as permitted sender) client-ip=141.146.126.78; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=oaf75sNI; spf=pass (google.com: domain of darrick.wong@oracle.com designates 141.146.126.78 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1]) by aserp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w9D058qB163717; Sat, 13 Oct 2018 00:06:54 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : from : to : cc : date : message-id : in-reply-to : references : mime-version : content-type : content-transfer-encoding; s=corp-2018-07-02; bh=X+hRMF8qOyPmwrn+aLfQoFcvGdBY/MR4c6X0bQBl/UQ=; b=oaf75sNI9fHdy3z1KCWd1yMoIIQOCfKi6l+fxwIosb+BBV/PVmeb9COz3atuJZSqTUvk gsDCA3RUWS+iSqwPIoZfURb82XUSyqrYJLiTOceAKpkzX/0W6RdfilwWfkA1pgNAUt7c FqZ7kNSkHNzVraOeuoUgQCS6MjSsSdFORjoJtO/T6jEq+CyJEZjs9m11n3158n658BEK lfZlu69J7TBiS+mkb3CjkFY13E6M1ztKyGlPIV3b84OOUY+QlNgt6XUA6/1DSzwcsm47 wcT+E5f1mS41cUGiBEm1IWwsgy/c3SXyQ4jnA2lJG8ys+JpidPOy2AWtC3uYRef5YzDW VA== Received: from aserv0022.oracle.com (aserv0022.oracle.com [141.146.126.234]) by aserp2120.oracle.com with ESMTP id 2mxn0qnmee-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Sat, 13 Oct 2018 00:06:54 +0000 Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235]) by aserv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w9D06rC3018311 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Sat, 13 Oct 2018 00:06:53 GMT Received: from abhmp0010.oracle.com (abhmp0010.oracle.com [141.146.116.16]) by aserv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w9D06rH5017876; Sat, 13 Oct 2018 00:06:53 GMT Received: from localhost (/10.159.251.254) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Sat, 13 Oct 2018 00:06:53 +0000 Subject: [PATCH 10/25] vfs: create generic_remap_file_range_touch to update inode metadata From: "Darrick J. Wong" To: david@fromorbit.com, darrick.wong@oracle.com Cc: sandeen@redhat.com, linux-nfs@vger.kernel.org, linux-cifs@vger.kernel.org, Amir Goldstein , linux-unionfs@vger.kernel.org, linux-xfs@vger.kernel.org, linux-mm@kvack.org, linux-btrfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, ocfs2-devel@oss.oracle.com Date: Fri, 12 Oct 2018 17:06:51 -0700 Message-ID: <153938921180.8361.13556945128095535605.stgit@magnolia> In-Reply-To: <153938912912.8361.13446310416406388958.stgit@magnolia> References: <153938912912.8361.13446310416406388958.stgit@magnolia> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9044 signatures=668706 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1807170000 definitions=main-1810130000 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Darrick J. Wong Create a new VFS helper to handle inode metadata updates when remapping into a file. If the operation can possibly alter the file contents, we must update the ctime and mtime and remove security privileges, just like we do for regular file writes. Wire up ocfs2 to ensure consistent behavior. Signed-off-by: Darrick J. Wong Reviewed-by: Amir Goldstein --- fs/ocfs2/refcounttree.c | 8 ++++++++ fs/read_write.c | 24 ++++++++++++++++++++++++ fs/xfs/xfs_reflink.c | 29 +++++++---------------------- include/linux/fs.h | 1 + 4 files changed, 40 insertions(+), 22 deletions(-) diff --git a/fs/ocfs2/refcounttree.c b/fs/ocfs2/refcounttree.c index 36c56dfbe485..ee1ed11379b3 100644 --- a/fs/ocfs2/refcounttree.c +++ b/fs/ocfs2/refcounttree.c @@ -4855,6 +4855,14 @@ int ocfs2_reflink_remap_range(struct file *file_in, if (ret <= 0) goto out_unlock; + /* + * Update inode timestamps and remove security privileges before we + * take the ilock. + */ + ret = generic_remap_file_range_touch(file_out, is_dedupe); + if (ret) + goto out_unlock; + /* Lock out changes to the allocation maps and remap. */ down_write(&OCFS2_I(inode_in)->ip_alloc_sem); if (!same_inode) diff --git a/fs/read_write.c b/fs/read_write.c index ff6fcb3b99dd..7b837d12f75d 100644 --- a/fs/read_write.c +++ b/fs/read_write.c @@ -1806,6 +1806,30 @@ int generic_remap_file_range_prep(struct file *file_in, loff_t pos_in, } EXPORT_SYMBOL(generic_remap_file_range_prep); +/* Update inode timestamps and remove security privileges when remapping. */ +int generic_remap_file_range_touch(struct file *file, bool is_dedupe) +{ + int ret; + + /* If can't alter the file contents, we're done. */ + if (is_dedupe) + return 0; + + /* Update the timestamps, since we can alter file contents. */ + if (!(file->f_mode & FMODE_NOCMTIME)) { + ret = file_update_time(file); + if (ret) + return ret; + } + + /* + * Clear the security bits if the process is not being run by root. + * This keeps people from modifying setuid and setgid binaries. + */ + return file_remove_privs(file); +} +EXPORT_SYMBOL(generic_remap_file_range_touch); + int do_clone_file_range(struct file *file_in, loff_t pos_in, struct file *file_out, loff_t pos_out, u64 len) { diff --git a/fs/xfs/xfs_reflink.c b/fs/xfs/xfs_reflink.c index a7757a128a78..99f2ea4fcaba 100644 --- a/fs/xfs/xfs_reflink.c +++ b/fs/xfs/xfs_reflink.c @@ -1371,28 +1371,13 @@ xfs_reflink_remap_prep( truncate_inode_pages_range(&inode_out->i_data, pos_out, PAGE_ALIGN(pos_out + *len) - 1); - /* If we're altering the file contents... */ - if (!is_dedupe) { - /* - * ...update the timestamps (which will grab the ilock again - * from xfs_fs_dirty_inode, so we have to call it before we - * take the ilock). - */ - if (!(file_out->f_mode & FMODE_NOCMTIME)) { - ret = file_update_time(file_out); - if (ret) - goto out_unlock; - } - - /* - * ...clear the security bits if the process is not being run - * by root. This keeps people from modifying setuid and setgid - * binaries. - */ - ret = file_remove_privs(file_out); - if (ret) - goto out_unlock; - } + /* + * Update inode timestamps and remove security privileges before we + * take the ilock. + */ + ret = generic_remap_file_range_touch(file_out, is_dedupe); + if (ret) + goto out_unlock; return 1; out_unlock: diff --git a/include/linux/fs.h b/include/linux/fs.h index 686905be04c0..91fd3c77763b 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1847,6 +1847,7 @@ extern ssize_t vfs_copy_file_range(struct file *, loff_t , struct file *, extern int generic_remap_file_range_prep(struct file *file_in, loff_t pos_in, struct file *file_out, loff_t pos_out, u64 *count, bool is_dedupe); +extern int generic_remap_file_range_touch(struct file *file, bool is_dedupe); extern int do_clone_file_range(struct file *file_in, loff_t pos_in, struct file *file_out, loff_t pos_out, u64 len); extern int vfs_clone_file_range(struct file *file_in, loff_t pos_in,