From patchwork Wed Apr 17 19:04:33 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Darrick J. Wong" X-Patchwork-Id: 10905967 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C91FB14DB for ; Wed, 17 Apr 2019 19:06:39 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id AC54F28B87 for ; Wed, 17 Apr 2019 19:06:39 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 9F8E528B9C; Wed, 17 Apr 2019 19:06:39 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, SUSPICIOUS_RECIPS,UNPARSEABLE_RELAY autolearn=no version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2B65E28B96 for ; Wed, 17 Apr 2019 19:06:39 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 1DB676B027C; Wed, 17 Apr 2019 15:06:38 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 18C216B027E; Wed, 17 Apr 2019 15:06:38 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 053CC6B027F; Wed, 17 Apr 2019 15:06:38 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-qt1-f200.google.com (mail-qt1-f200.google.com [209.85.160.200]) by kanga.kvack.org (Postfix) with ESMTP id D58656B027C for ; Wed, 17 Apr 2019 15:06:37 -0400 (EDT) Received: by mail-qt1-f200.google.com with SMTP id g17so23377714qte.17 for ; Wed, 17 Apr 2019 12:06:37 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:subject:from:to:cc:date :message-id:in-reply-to:references:user-agent:mime-version :content-transfer-encoding; bh=JouHYqapC+Bru3b7LvDckRkkxunv72G7Ij9fwNIVhtw=; b=J/TGqjFfraqqhTHKhhcedFQR4gvHSdOCUTPU5lwJrIpOqwSYHn4/C3lcbm+fFMOn8B gSFAW7g2OMuk+BINqSzhFA5gqLvIpr5ceDr4sye09V0F9I4Fm+N95BccJsBCW6uiV3I0 csT7nmut0/ssPG0LRguKhCWrRcGHDdMvg45/R8q7Y79oIiusLBReSVhzIdvMRfonSj/V 8Vzgb+LlBFiAjTwIBDOAWvw5KJ366JV9rI9PZv4DI0DkvE2Hp0r3ALqqK1kTk5CfVIVp YY1+HVIGTl/+Uo7ZZcUw5yaANAwA/LJC2N/MkPBC+JeP7GvAAzFr5L0npLMA09YXtlwg EzYA== X-Gm-Message-State: APjAAAW/KNOt9kHgCv3otuSSpxQAGyE8LZ/azk+Wb0qRRV8iMYp0cRgp AwQZ44YjGHLEDpaI1EU/dqCA7T+2I1ZWNZ6hThucICXizo4NDxwjfRZvE5tnbOcV1uTVF/j+XBs +v3hwQai7cr8ocbXqgPneLfpsla3jv6uKodBY6QmqsM7B+vgK38Mcyan6DDCKp+Kzwg== X-Received: by 2002:a37:5805:: with SMTP id m5mr68716947qkb.136.1555527997627; Wed, 17 Apr 2019 12:06:37 -0700 (PDT) X-Google-Smtp-Source: APXvYqyoMwh5aMahs71fS17+DDIfXcM82xVCA8n9uZJSwnIRmKYr/Kt5M3uH/RPt7Bm3VqKXs92k X-Received: by 2002:a37:5805:: with SMTP id m5mr68716881qkb.136.1555527996872; Wed, 17 Apr 2019 12:06:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1555527996; cv=none; d=google.com; s=arc-20160816; b=PvgrNcul9Bo4KG50vU67hHPMMyOZJmlYg2M4wI4lWNuaq6xZvKnL3ue5ghJi5c7rvP bRxwsyCnYhl2WyQLFEdUv56BKgu9/vGN6nIu+G8DtO/ctWwTHunjkAJPHuhL0sszLD/O keYZukLYDPYD3H6sdEhk9yfbRW0shNJ/p+VB67VeQFjN/k6yOCRWdXZeL6xKnA0x12MQ Mr3D5vz2mAiT1KiTAy1+To++KIEiMPE7TO7/vGcB9G56f7AT42beOV9cJUUHH1DWrc8T EfXT2TGD/5xlbtk2EuAB9Whu7ac4uC9Ig/m2WnUIvn9Y9WLVC+ygeftDhZw0NXWHkWO9 CAoQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:user-agent:references :in-reply-to:message-id:date:cc:to:from:subject:dkim-signature; bh=JouHYqapC+Bru3b7LvDckRkkxunv72G7Ij9fwNIVhtw=; b=DBz+Ky7e1W3clccqoheDoUF+GufUGMFPDhmpAOFjEZx9HYtK23RJ8edNL+Vap1eT2J qHiHt6udt2H8sB/VRz28lBsQ/5X32ec3setYB6haais0EW2aOQ0xS2pszgRS5nkRO3Pw 08MqjVy46tOSeEjx0qVSLQ2pBlgjTQ1nTRy+kAzLe75tFS2zBR2agEqEj/TuNUwiV6NG vAtaMPPj6G3FHqraLBivdxWlp/yS8f8Jt3oms/cFVLG96ravlJNpfi7AIyHdxD9/VGvH QuaQaooVK0gEdcEAgYvmzVjPQ+gNspM3CrOa8SFD+kEpzSD7JnXjT/LIR8GGEEQmFN7r 2oOw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=sYhTtogV; spf=pass (google.com: domain of darrick.wong@oracle.com designates 141.146.126.79 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from aserp2130.oracle.com (aserp2130.oracle.com. [141.146.126.79]) by mx.google.com with ESMTPS id n18si9773898qvn.17.2019.04.17.12.06.36 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 17 Apr 2019 12:06:36 -0700 (PDT) Received-SPF: pass (google.com: domain of darrick.wong@oracle.com designates 141.146.126.79 as permitted sender) client-ip=141.146.126.79; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=sYhTtogV; spf=pass (google.com: domain of darrick.wong@oracle.com designates 141.146.126.79 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from pps.filterd (aserp2130.oracle.com [127.0.0.1]) by aserp2130.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HIwrW0174911; Wed, 17 Apr 2019 19:06:36 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : from : to : cc : date : message-id : in-reply-to : references : mime-version : content-type : content-transfer-encoding; s=corp-2018-07-02; bh=JouHYqapC+Bru3b7LvDckRkkxunv72G7Ij9fwNIVhtw=; b=sYhTtogV2rz0CQ7WtQZBxg27VjT2c0iYvfnb7MkAJHjwYWyrFXX6d2yTmAznDmyilqJB d9OepAaFTrcZi9wpBI7rBESJRoaT0WSSYhAUssNFj/G2xlcBkOYOCjddOG1LIfQtQ4qz PTMnFG8X0NjYd7F982V9yU1WjX/KOcluZaBD2LzIqWcHZsy4njOrTS32V6UrEAPZ6z7T oaM12PSyqVObWxMFI7ckyHglKDXbpbSsY8pON5zwmFRPj93BLpv3AAq6Hj5qYi76xbTF LImlFac+FuXVRvr6GL7FGrEWHWE49GT1YxhLtDrfYyIZwStbi1ZswjmAyxCQlYdDb2j/ HQ== Received: from userp3020.oracle.com (userp3020.oracle.com [156.151.31.79]) by aserp2130.oracle.com with ESMTP id 2ru59dcxbv-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:06:35 +0000 Received: from pps.filterd (userp3020.oracle.com [127.0.0.1]) by userp3020.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HJ4ScB119486; Wed, 17 Apr 2019 19:04:35 GMT Received: from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75]) by userp3020.oracle.com with ESMTP id 2rubq744gy-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:04:34 +0000 Received: from abhmp0015.oracle.com (abhmp0015.oracle.com [141.146.116.21]) by userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id x3HJ4YpM020984; Wed, 17 Apr 2019 19:04:34 GMT Received: from localhost (/67.169.218.210) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 17 Apr 2019 12:04:34 -0700 Subject: [PATCH 1/8] mm/fs: don't allow writes to immutable files From: "Darrick J. Wong" To: darrick.wong@oracle.com Cc: linux-xfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org Date: Wed, 17 Apr 2019 12:04:33 -0700 Message-ID: <155552787330.20411.11893581890744963309.stgit@magnolia> In-Reply-To: <155552786671.20411.6442426840435740050.stgit@magnolia> References: <155552786671.20411.6442426840435740050.stgit@magnolia> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=1 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=265 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=292 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Darrick J. Wong The chattr manpage has this to say about immutable files: "A file with the 'i' attribute cannot be modified: it cannot be deleted or renamed, no link can be created to this file, most of the file's metadata can not be modified, and the file can not be opened in write mode." Once the flag is set, it is enforced for quite a few file operations, such as fallocate, fpunch, fzero, rm, touch, open, etc. However, we don't check for immutability when doing a write(), a PROT_WRITE mmap(), a truncate(), or a write to a previously established mmap. If a program has an open write fd to a file that the administrator subsequently marks immutable, the program still can change the file contents. Weird! The ability to write to an immutable file does not follow the manpage promise that immutable files cannot be modified. Worse yet it's inconsistent with the behavior of other syscalls which don't allow modifications of immutable files. Therefore, add the necessary checks to make the write, mmap, and truncate behavior consistent with what the manpage says and consistent with other syscalls on filesystems which support IMMUTABLE. Signed-off-by: Darrick J. Wong --- fs/attr.c | 13 ++++++------- mm/filemap.c | 3 +++ mm/memory.c | 3 +++ mm/mmap.c | 8 ++++++-- 4 files changed, 18 insertions(+), 9 deletions(-) diff --git a/fs/attr.c b/fs/attr.c index d22e8187477f..1fcfdcc5b367 100644 --- a/fs/attr.c +++ b/fs/attr.c @@ -233,19 +233,18 @@ int notify_change(struct dentry * dentry, struct iattr * attr, struct inode **de WARN_ON_ONCE(!inode_is_locked(inode)); - if (ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_TIMES_SET)) { - if (IS_IMMUTABLE(inode) || IS_APPEND(inode)) - return -EPERM; - } + if (IS_IMMUTABLE(inode)) + return -EPERM; + + if ((ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_TIMES_SET)) && + IS_APPEND(inode)) + return -EPERM; /* * If utimes(2) and friends are called with times == NULL (or both * times are UTIME_NOW), then we need to check for write permission */ if (ia_valid & ATTR_TOUCH) { - if (IS_IMMUTABLE(inode)) - return -EPERM; - if (!inode_owner_or_capable(inode)) { error = inode_permission(inode, MAY_WRITE); if (error) diff --git a/mm/filemap.c b/mm/filemap.c index d78f577baef2..9fed698f4c63 100644 --- a/mm/filemap.c +++ b/mm/filemap.c @@ -3033,6 +3033,9 @@ inline ssize_t generic_write_checks(struct kiocb *iocb, struct iov_iter *from) loff_t count; int ret; + if (IS_IMMUTABLE(inode)) + return -EPERM; + if (!iov_iter_count(from)) return 0; diff --git a/mm/memory.c b/mm/memory.c index ab650c21bccd..dfd5eba278d6 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -2149,6 +2149,9 @@ static vm_fault_t do_page_mkwrite(struct vm_fault *vmf) vmf->flags = FAULT_FLAG_WRITE|FAULT_FLAG_MKWRITE; + if (vmf->vma->vm_file && IS_IMMUTABLE(file_inode(vmf->vma->vm_file))) + return VM_FAULT_SIGBUS; + ret = vmf->vma->vm_ops->page_mkwrite(vmf); /* Restore original flags so that caller is not surprised */ vmf->flags = old_flags; diff --git a/mm/mmap.c b/mm/mmap.c index 41eb48d9b527..697a101bda59 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -1481,8 +1481,12 @@ unsigned long do_mmap(struct file *file, unsigned long addr, case MAP_SHARED_VALIDATE: if (flags & ~flags_mask) return -EOPNOTSUPP; - if ((prot&PROT_WRITE) && !(file->f_mode&FMODE_WRITE)) - return -EACCES; + if (prot & PROT_WRITE) { + if (!(file->f_mode & FMODE_WRITE)) + return -EACCES; + if (IS_IMMUTABLE(file_inode(file))) + return -EPERM; + } /* * Make sure we don't allow writing to an append-only From patchwork Wed Apr 17 19:04:39 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Darrick J. Wong" X-Patchwork-Id: 10905911 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C1A0914DB for ; Wed, 17 Apr 2019 19:04:46 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A2BB628A44 for ; Wed, 17 Apr 2019 19:04:46 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 96A1C28B87; Wed, 17 Apr 2019 19:04:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, SUSPICIOUS_RECIPS,UNPARSEABLE_RELAY autolearn=no version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 36DCB28A44 for ; Wed, 17 Apr 2019 19:04:46 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 5D3836B026E; Wed, 17 Apr 2019 15:04:45 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 55CE46B0270; Wed, 17 Apr 2019 15:04:45 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 3FEBD6B0271; Wed, 17 Apr 2019 15:04:45 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf1-f200.google.com (mail-pf1-f200.google.com [209.85.210.200]) by kanga.kvack.org (Postfix) with ESMTP id 031996B026E for ; Wed, 17 Apr 2019 15:04:45 -0400 (EDT) Received: by mail-pf1-f200.google.com with SMTP id p8so16850781pfd.4 for ; Wed, 17 Apr 2019 12:04:44 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:subject:from:to:cc:date :message-id:in-reply-to:references:user-agent:mime-version :content-transfer-encoding; bh=y+PxHRpKRR8FMn+l+nQg0fxdlWX1SCLNjd1udTc7yR8=; b=t4eGzG/9U8sh99Sjbu5LL8atq8nwOOGYjuWUNDq7flIfCC6Ihl9w3eaN9JBFsmmvUM pHF99nMdCxDmLpaoF8kPHyIXzSY6IjryE90mZpKRXcHVUJ/rv/Wc4yLsgvm4gg7SpkTE TBa96IISYuDpnReQD+W9dNP/fLUsY2syt7m+vVSVGiX0fYUY4QQiqbIEWDHhkeHbayj5 qv2tOMynX42+vL9vwc3nqxgw4Sh7C0nQRhIJsyCKA/AV1e16sPaXIx39wQD2UNdyXb2P CGmcMEAtStIfjQKEfbKXzJDa4imG/RaJ/fPkp6MUfqm+rAIAfB3BUr42gy5pJKbOW54Q EW+g== X-Gm-Message-State: APjAAAWQ1GP28hg30+J5R+eX5AeSaxe91HeER6DCAf/EcxlVtpa7Vtho l4OaPk7YOjKEbJrdg2OkynmWvqoyBIFs5G2xDk6i29jiMjWFw69Nx4COpUrUVNDD01jAhVgpV9o NdVnrnBUQZBmOTjBrYgSSWucFW+Q8up3AugfdZcN58fBy2K6AZP/Eeh/ZYyqoAAWMKA== X-Received: by 2002:a65:6202:: with SMTP id d2mr5840515pgv.176.1555527884688; Wed, 17 Apr 2019 12:04:44 -0700 (PDT) X-Google-Smtp-Source: APXvYqyAWm4Ytl5pdSxY++OQWF2TDA0xSWUbodD8LwP6umNDUCHrjbPxGOgfHc+Zkte0IQm9uOYy X-Received: by 2002:a65:6202:: with SMTP id d2mr5840467pgv.176.1555527884052; Wed, 17 Apr 2019 12:04:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1555527884; cv=none; d=google.com; s=arc-20160816; b=UvHWlCZT9zFVdf45EXEOkFsDWYLKBrmYLf1rf4U1cz7WUmjaEHXPTlX/lbsYUCQncR 7JoXiity/xQEP2+TwUiQYRJen3c148TpGG0g7QbaRoMTd51mS3PuQ1EoLg9MEPETLVY0 uhNaEB3HZi5HZCVSMgppPXfGmPQEfsWWc5PySEmo2tctxJ0VoLaJGj3nY3SVlBvpRjcB Bs72/WVOYN0RxaOfo2BogAN8ijoFmrK6MJP3fQeYGqN5t//HTkYgBKbxUeKVcDks8tDS PDTlUrnZ2CnOSSI2aKD07jHRHZ9kdmxx8PN0AT6E/WJt/6T0wvNSFLp9OsheEMzEK5ul eWCg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:user-agent:references :in-reply-to:message-id:date:cc:to:from:subject:dkim-signature; bh=y+PxHRpKRR8FMn+l+nQg0fxdlWX1SCLNjd1udTc7yR8=; b=RVnsCiaDODcLOaytxvODu9Ys2MbarBpAeKY2PiFSDOIHECRm0NaRWKlSgVkdbQU9TT Obf4hx48s6nBky18zsG7+hpYFT3rI7TfnGVTA9Ze6/oGsIJD6ci8cyDQBoB0zSeEB5RT v7pnVN9t66P34Z40AUNiIUvd6abIWSn+3JAJV9NOMq5lYH/V+tSG3SSKr/j5K1CN0sGY OwB372CtEPUMLiCWa1w4ObJbYJH+sTsRxarJSMaggOJYDf6hoFTNAgv86kk1d0v5w6ob q+ds5OsuWN12nmlBxKebn3c7J1rWQotO5zjWgBa1bhCx8KkbVJPlKpk7Yz2OB8kOSJvt /Rrg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b="x/aLz03x"; spf=pass (google.com: domain of darrick.wong@oracle.com designates 156.151.31.85 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from userp2120.oracle.com (userp2120.oracle.com. [156.151.31.85]) by mx.google.com with ESMTPS id k12si49447264pll.73.2019.04.17.12.04.43 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 17 Apr 2019 12:04:44 -0700 (PDT) Received-SPF: pass (google.com: domain of darrick.wong@oracle.com designates 156.151.31.85 as permitted sender) client-ip=156.151.31.85; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b="x/aLz03x"; spf=pass (google.com: domain of darrick.wong@oracle.com designates 156.151.31.85 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from pps.filterd (userp2120.oracle.com [127.0.0.1]) by userp2120.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HIwtRL185818; Wed, 17 Apr 2019 19:04:43 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : from : to : cc : date : message-id : in-reply-to : references : mime-version : content-type : content-transfer-encoding; s=corp-2018-07-02; bh=y+PxHRpKRR8FMn+l+nQg0fxdlWX1SCLNjd1udTc7yR8=; b=x/aLz03x9oud8wZan9RTBVwgCc31dEemOIKWGIia/Zw+wSbao09lIvbCBQSjxxPTf5XI 53Xegw/lfsTQe2QPikyDzTuxivy9Yu0n9Kmt+eqqdCSFtUXeZrffaY0W5H6rSX1Ow5L0 BU/a0kveDWkVPhMfXYicCFxJJJ12LnCw5mFpiaGbHyc4bcj7h9FySx1DPUj5oEurK/1r eVVe+oILw48oHvz2FDvcXEOmtU6evGrWh50fBTfx6ytDIByWiPBN3uGA+tiVFWWj8Dgf Bozd4pa1FQgPv//cDWhDStAlrKY8BmqHqbQoqQTBFjf1D1wiUiz9cWwE1ydcKOsb1kkb Yw== Received: from aserp3030.oracle.com (aserp3030.oracle.com [141.146.126.71]) by userp2120.oracle.com with ESMTP id 2rusnf2vg0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:04:43 +0000 Received: from pps.filterd (aserp3030.oracle.com [127.0.0.1]) by aserp3030.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HJ49EM159083; Wed, 17 Apr 2019 19:04:42 GMT Received: from aserv0122.oracle.com (aserv0122.oracle.com [141.146.126.236]) by aserp3030.oracle.com with ESMTP id 2rwe7ak1g9-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:04:42 +0000 Received: from abhmp0019.oracle.com (abhmp0019.oracle.com [141.146.116.25]) by aserv0122.oracle.com (8.14.4/8.14.4) with ESMTP id x3HJ4fde008279; Wed, 17 Apr 2019 19:04:41 GMT Received: from localhost (/67.169.218.210) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 17 Apr 2019 12:04:41 -0700 Subject: [PATCH 2/8] xfs: unlock inode when xfs_ioctl_setattr_get_trans can't get transaction From: "Darrick J. Wong" To: darrick.wong@oracle.com Cc: linux-xfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org Date: Wed, 17 Apr 2019 12:04:39 -0700 Message-ID: <155552787973.20411.3438010430489882890.stgit@magnolia> In-Reply-To: <155552786671.20411.6442426840435740050.stgit@magnolia> References: <155552786671.20411.6442426840435740050.stgit@magnolia> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=1 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=798 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=820 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Darrick J. Wong We passed an inode into xfs_ioctl_setattr_get_trans with join_flags indicating which locks are held on that inode. If we can't allocate a transaction then we need to unlock the inode before we bail out. Signed-off-by: Darrick J. Wong Reviewed-by: Brian Foster --- fs/xfs/xfs_ioctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c index ae615a79b266..21d6f433c375 100644 --- a/fs/xfs/xfs_ioctl.c +++ b/fs/xfs/xfs_ioctl.c @@ -1153,7 +1153,7 @@ xfs_ioctl_setattr_get_trans( error = xfs_trans_alloc(mp, &M_RES(mp)->tr_ichange, 0, 0, 0, &tp); if (error) - return ERR_PTR(error); + goto out_unlock; xfs_ilock(ip, XFS_ILOCK_EXCL); xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL | join_flags); From patchwork Wed Apr 17 19:04:47 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Darrick J. Wong" X-Patchwork-Id: 10905921 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B11B017E0 for ; Wed, 17 Apr 2019 19:04:54 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A358328B6D for ; Wed, 17 Apr 2019 19:04:54 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 97EAC28B81; Wed, 17 Apr 2019 19:04:54 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, SUSPICIOUS_RECIPS,UNPARSEABLE_RELAY autolearn=no version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C949628B6D for ; Wed, 17 Apr 2019 19:04:53 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 055DE6B0270; Wed, 17 Apr 2019 15:04:53 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id EF8B96B0272; Wed, 17 Apr 2019 15:04:52 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id D9C3D6B0273; Wed, 17 Apr 2019 15:04:52 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pl1-f197.google.com (mail-pl1-f197.google.com [209.85.214.197]) by kanga.kvack.org (Postfix) with ESMTP id 9BF386B0270 for ; Wed, 17 Apr 2019 15:04:52 -0400 (EDT) Received: by mail-pl1-f197.google.com with SMTP id w9so15989122plz.11 for ; Wed, 17 Apr 2019 12:04:52 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:subject:from:to:cc:date :message-id:in-reply-to:references:user-agent:mime-version :content-transfer-encoding; bh=4IWcQHbcbjjSoElqhy/tH+JNcEGf6skHkkWEdbPjeHg=; b=tXaFuz9nH11+Y+I4JMtFiK4KiOr84hFQit4o7KrAKLa/ZB4QG/H9lCblp8Deejlqlb XNZmSrUyqRVCdq9MoMQERDSrK/4d2pIcfMCe9Y8ExnjBIzURt3M3YBFDK5QRVrTfcgTw +qp/msgB8jVe2K7o4Z+YWx0gen17l5WZbFsoeYBAO4ej0GHMKzd2HITXsWAhadzkVxGG BsmY0K0mc1zlsLlmOEJD/OpEwJjUyRthK7kUsdQQMX6RILtH5YoD7yUW4b/waCXBhqkm PqynO/8Owqy3LnymyzhoWgfaFe/vZox1V/Jf/cG5a16MCzt+eqyKHPYLBfsQI20E/97Y wL0w== X-Gm-Message-State: APjAAAW+9Ye0Cn+a4+zu3/pratJ6q7MAR6TfGs5vTeAViQ9cXMrkeobg mxi8E7xTVzDFjtuaTDY0oix9xgSVREvOidmyJMFZKotzR3ve3UYqh5X/NYIbnIoJtTeyqtPDcfL y3xZJMups2+CnrWdj7BtYaEhGGw4mGqHx2gx1P0L1CbqVh76DoyLGmqoBtTcN8EC3sQ== X-Received: by 2002:a65:4108:: with SMTP id w8mr83863215pgp.236.1555527892250; Wed, 17 Apr 2019 12:04:52 -0700 (PDT) X-Google-Smtp-Source: APXvYqxQgetdhHVcV7spajGJ3YtrlYd2KdnKbE5VFsSAYgHdV0+87oaSU/jVdf5MARPlSzCxlvmu X-Received: by 2002:a65:4108:: with SMTP id w8mr83863131pgp.236.1555527891141; Wed, 17 Apr 2019 12:04:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1555527891; cv=none; d=google.com; s=arc-20160816; b=diZaXeNbmFDhEt5T4NryTrNh2cm8FQxSgLrkDFad6O5ExIVyN5SP76h+EzRvgkw2UC IYlYoyDZYsn0fpN+/8DH08CN0o3U4W91l5PO2slNjXkntOtRswydV7KCsESLz9xI0k1+ hkU87NpaZYU74OENFiPaxPp8kHlOpKUeSq6uABJKmeAXoejDGdlP0gUKzL3iZ7RchbwQ mSsymxlawbAQRWRWW8FlKzhW2V9ayNF7+/WQrVGkGKY4D6CMdWAsPzc6BBQjabhGMDf5 2LJuYhhWWnlDJ1kwNuevF+eD6+j0dRhjKpknJyfnRjgrnboqlZy6JaHe2tDSSKUImc6p Ac3w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:user-agent:references :in-reply-to:message-id:date:cc:to:from:subject:dkim-signature; bh=4IWcQHbcbjjSoElqhy/tH+JNcEGf6skHkkWEdbPjeHg=; b=lcneVIJLtNtjrKWTYOuqvRO5+96Kuqx48cU+aaZnVJUma4iuCfmbo1T77rmTGMIoRq DZqEqzRCm8TEJl0opWIP1XqmFyh1MYlBWKe0244co9NudzgjFCsnNHAl56O6VZ6smaxi 1H+EKv8ukm17LTTbhZqvaxZTdbeyN/DBVTo4vOIUOw8Ki93PW9opGMiASjG3CI4k5677 zA+6gg/cO/tIHrDj4mWSnX6lohgk/Dt4sUFBxGgxz8EQ1lgZAJpvIOG3GLV5hAlB62Mu hHdQKF4hlhbMkG8BdaklYwAxOhozTTG5oBWjmc0GUA7O4MlLviKrmFwV8uwkS5WO3xKq Kp2Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=tRqmVUCd; spf=pass (google.com: domain of darrick.wong@oracle.com designates 156.151.31.85 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from userp2120.oracle.com (userp2120.oracle.com. [156.151.31.85]) by mx.google.com with ESMTPS id s29si49888955pga.152.2019.04.17.12.04.50 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 17 Apr 2019 12:04:51 -0700 (PDT) Received-SPF: pass (google.com: domain of darrick.wong@oracle.com designates 156.151.31.85 as permitted sender) client-ip=156.151.31.85; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=tRqmVUCd; spf=pass (google.com: domain of darrick.wong@oracle.com designates 156.151.31.85 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from pps.filterd (userp2120.oracle.com [127.0.0.1]) by userp2120.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HIwxFG185859; Wed, 17 Apr 2019 19:04:50 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : from : to : cc : date : message-id : in-reply-to : references : mime-version : content-type : content-transfer-encoding; s=corp-2018-07-02; bh=4IWcQHbcbjjSoElqhy/tH+JNcEGf6skHkkWEdbPjeHg=; b=tRqmVUCdtc64SZ25M9a40kcXY5x9K2C2RkhU0OLtxqr4uvK47U56Z9UQPb7P3W3p0kXF 4Sgqo2dYkSMmcm6KJVCx7wtK93sfJWaBP6/Si5OTuzRYeNg/hCaBMS4lTqvChmc1hG4N KQaIZE/OgssJkGJK6BvX4twk4hO+5rhCGG1RZ67r5mENkS5CQEINl5Fq2fWuteZk8hz/ UBTNGYgD//ZLqGGTs3JYnkwggNTr9iIDhqpvF3wJqKgRfUKTnH8ZeCo/b9n17zVZ2Nw2 XD9U2w96YrSciTMZ41Xc9IkdBmtNjmec05cVC5qhD9FZ7iq+KYmjKukYb71lc2KFGCMd tg== Received: from userp3030.oracle.com (userp3030.oracle.com [156.151.31.80]) by userp2120.oracle.com with ESMTP id 2rusnf2vgd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:04:49 +0000 Received: from pps.filterd (userp3030.oracle.com [127.0.0.1]) by userp3030.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HJ34Zc081759; Wed, 17 Apr 2019 19:04:49 GMT Received: from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75]) by userp3030.oracle.com with ESMTP id 2ru4vtyxrh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:04:49 +0000 Received: from abhmp0022.oracle.com (abhmp0022.oracle.com [141.146.116.28]) by userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id x3HJ4mcK021504; Wed, 17 Apr 2019 19:04:48 GMT Received: from localhost (/67.169.218.210) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 17 Apr 2019 12:04:48 -0700 Subject: [PATCH 3/8] xfs: flush page mappings as part of setting immutable From: "Darrick J. Wong" To: darrick.wong@oracle.com Cc: linux-xfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org Date: Wed, 17 Apr 2019 12:04:47 -0700 Message-ID: <155552788742.20411.8968554209133632884.stgit@magnolia> In-Reply-To: <155552786671.20411.6442426840435740050.stgit@magnolia> References: <155552786671.20411.6442426840435740050.stgit@magnolia> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=3 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=834 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=3 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=858 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Darrick J. Wong The chattr manpage has this to say about immutable files: "A file with the 'i' attribute cannot be modified: it cannot be deleted or renamed, no link can be created to this file, most of the file's metadata can not be modified, and the file can not be opened in write mode." This means that we need to flush the page cache when setting the immutable flag so that all mappings will become read-only again and therefore programs cannot continue to write to writable mappings. Signed-off-by: Darrick J. Wong --- fs/xfs/xfs_ioctl.c | 52 +++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 45 insertions(+), 7 deletions(-) diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c index 21d6f433c375..de35cf4469f6 100644 --- a/fs/xfs/xfs_ioctl.c +++ b/fs/xfs/xfs_ioctl.c @@ -1009,6 +1009,31 @@ xfs_diflags_to_linux( #endif } +/* + * Lock the inode against file io and page faults, then flush all dirty pages + * and wait for writeback and direct IO operations to finish. Returns with + * the relevant inode lock flags set in @join_flags. Caller is responsible for + * unlocking even on error return. + */ +static int +xfs_ioctl_setattr_flush( + struct xfs_inode *ip, + int *join_flags) +{ + struct inode *inode = VFS_I(ip); + + /* Already locked the inode from IO? Assume we're done. */ + if (((*join_flags) & (XFS_IOLOCK_EXCL | XFS_MMAPLOCK_EXCL)) == + (XFS_IOLOCK_EXCL | XFS_MMAPLOCK_EXCL)) + return 0; + + /* Lock and flush all mappings and IO in preparation for flag change */ + *join_flags = XFS_IOLOCK_EXCL | XFS_MMAPLOCK_EXCL; + xfs_ilock(ip, *join_flags); + inode_dio_wait(inode); + return filemap_write_and_wait(inode->i_mapping); +} + static int xfs_ioctl_setattr_xflags( struct xfs_trans *tp, @@ -1103,25 +1128,22 @@ xfs_ioctl_setattr_dax_invalidate( if (!(fa->fsx_xflags & FS_XFLAG_DAX) && !IS_DAX(inode)) return 0; - if (S_ISDIR(inode->i_mode)) + if (!S_ISREG(inode->i_mode)) return 0; /* lock, flush and invalidate mapping in preparation for flag change */ - xfs_ilock(ip, XFS_MMAPLOCK_EXCL | XFS_IOLOCK_EXCL); - error = filemap_write_and_wait(inode->i_mapping); + error = xfs_ioctl_setattr_flush(ip, join_flags); if (error) goto out_unlock; error = invalidate_inode_pages2(inode->i_mapping); if (error) goto out_unlock; - - *join_flags = XFS_MMAPLOCK_EXCL | XFS_IOLOCK_EXCL; return 0; out_unlock: - xfs_iunlock(ip, XFS_MMAPLOCK_EXCL | XFS_IOLOCK_EXCL); + xfs_iunlock(ip, *join_flags); + *join_flags = 0; return error; - } /* @@ -1367,6 +1389,22 @@ xfs_ioctl_setattr( if (code) goto error_free_dquots; + /* + * Wait for all pending directio and then flush all the dirty pages + * for this file. The flush marks all the pages readonly, so any + * subsequent attempt to write to the file (particularly mmap pages) + * will come through the filesystem and fail. + */ + if (S_ISREG(VFS_I(ip)->i_mode) && !IS_IMMUTABLE(VFS_I(ip)) && + (fa->fsx_xflags & FS_XFLAG_IMMUTABLE)) { + code = xfs_ioctl_setattr_flush(ip, &join_flags); + if (code) { + xfs_iunlock(ip, join_flags); + join_flags = 0; + goto error_free_dquots; + } + } + tp = xfs_ioctl_setattr_get_trans(ip, join_flags); if (IS_ERR(tp)) { code = PTR_ERR(tp); From patchwork Wed Apr 17 19:04:54 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Darrick J. Wong" X-Patchwork-Id: 10905929 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6CB8714DB for ; Wed, 17 Apr 2019 19:05:01 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 411432863F for ; Wed, 17 Apr 2019 19:05:01 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 3565028B96; Wed, 17 Apr 2019 19:05:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, SUSPICIOUS_RECIPS,UNPARSEABLE_RELAY autolearn=no version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 0861628B81 for ; Wed, 17 Apr 2019 19:05:00 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 1B5156B0272; Wed, 17 Apr 2019 15:04:59 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 11B206B0274; Wed, 17 Apr 2019 15:04:59 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id ED4836B0275; Wed, 17 Apr 2019 15:04:58 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com [209.85.214.199]) by kanga.kvack.org (Postfix) with ESMTP id AE7BD6B0272 for ; Wed, 17 Apr 2019 15:04:58 -0400 (EDT) Received: by mail-pl1-f199.google.com with SMTP id d10so15977112plo.12 for ; Wed, 17 Apr 2019 12:04:58 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:subject:from:to:cc:date :message-id:in-reply-to:references:user-agent:mime-version :content-transfer-encoding; bh=zgeFdbVmG1TK+fQkYDH0nD1tNP1Z0/Zd4X+7bdmp6NI=; b=mkXxZOIPCE/Od5vqediqezv9VOwJFc81DVunpzN3YOKLzR4zXplwMQrN/cGvI0Q6aU cJeYu3fV1w+/xPyB9cPb+DS8BBgvmlW7Hd90fQKpgvtgIQIKeIjPT6htYiJk/EwzlR7P MVGvvpfzGufDljowdVne16yNU1MmZZYQYjYwuEmYUPzXasToFlvz854vYRoZVKHCN5m5 70UjGA63V9niqwozIf/fEQuPP61qZ5HU7G4fBpHonBpfOkxCaXxiQzAhp7knIrt/r/vT 6gbSXyMk1U2OWG0HarwSbeqE2sEmBQp9GiL0d/6n7XQK8OjcWhXfqjpKJ3oERDQtmqP0 /mMw== X-Gm-Message-State: APjAAAVXfnjUplPKg0axobPgBsIBHnGP39RSkgINPM+DyDv1kQB0IPrz gFM09Eo2zUP/B3U3/ZQv52QmM7hBWC21JgQYCR5u0AXHsTRAIMW+5mdndG3G6dZBjhViLllOirN LkQAiolOB2JG+D3gCoSFxUpxiDjTlQPMWwakwK8qIM22JJ3/03NkB0sPaty5wEO0PGg== X-Received: by 2002:a62:ab14:: with SMTP id p20mr90990948pff.23.1555527898359; Wed, 17 Apr 2019 12:04:58 -0700 (PDT) X-Google-Smtp-Source: APXvYqx1g60HVA8lZSyqo3EXgi2bgx1EdZHpkIA+3gIhDVWgTqwvDNCrrLcXzNf2EXfem852l3Ty X-Received: by 2002:a62:ab14:: with SMTP id p20mr90990877pff.23.1555527897512; Wed, 17 Apr 2019 12:04:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1555527897; cv=none; d=google.com; s=arc-20160816; b=qU2heQ8eIoXsJyVUxhSeurK1x7FpIIb8JStRW7UH+5i3GQVdxYOKIWizSEwxRfS0iA IonREPsqbg+RRl/5oc9eJEMqziZ5+D1Z0VEejGxuO5kIOt0DEetEdqoov8GIEI7iGyXm i2wnDfFHTrpv0/26iWLzIyebdtQKGUCKTt9dnHDUqYEMGQWJ9oPYhEZcJeEX3fkU0HMO IWcg3Hm8tb0UM0ed5o1pIKdpq/fXveljJZYKI71Ft+ObpcCZsUdv5UH23qJzRYzH6SOn gDa4k5rxzsm5rIBWbT/0/KSI5n6+0sgv8Shc2RCy4JDds2DGrMwTu7m/TbV4pwBncqLh +idg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:user-agent:references :in-reply-to:message-id:date:cc:to:from:subject:dkim-signature; bh=zgeFdbVmG1TK+fQkYDH0nD1tNP1Z0/Zd4X+7bdmp6NI=; b=gjAHtPwB6ZG3gZ9zlO/nvjr+8i6GMpqfW19Z49yNOsP3uM6hGyer9otAqEvyeCO4qN UlydooKBsr6njIgo77N8EbeymE9ODiB3OeX7MogHqYZvwNcQmEBF8D0PdbpjSQtmdj5z hx0ngl6yzeejM7BJPH6u35Yny7EOjQWyT7oGW9MImq3jvcgbU2nWV4l2uNITYXWI+iWf QmqbYpIcqHnJbgFSYEkE3jov6OoWY5MVDaVPixNXLgHaXiP/2IQrhIMN+Ru8Ery2anup DlZFiZ9l8O+MPOdaShb47CMJ4S1ArUnz6kI53YE/lf+OjKgabHC4nLaSlpcUBDZUjWbV qZVQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=Ty8ztUIv; spf=pass (google.com: domain of darrick.wong@oracle.com designates 156.151.31.85 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from userp2120.oracle.com (userp2120.oracle.com. [156.151.31.85]) by mx.google.com with ESMTPS id v5si50803534pfm.134.2019.04.17.12.04.57 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 17 Apr 2019 12:04:57 -0700 (PDT) Received-SPF: pass (google.com: domain of darrick.wong@oracle.com designates 156.151.31.85 as permitted sender) client-ip=156.151.31.85; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=Ty8ztUIv; spf=pass (google.com: domain of darrick.wong@oracle.com designates 156.151.31.85 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from pps.filterd (userp2120.oracle.com [127.0.0.1]) by userp2120.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HIwxfA185854; Wed, 17 Apr 2019 19:04:56 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : from : to : cc : date : message-id : in-reply-to : references : mime-version : content-type : content-transfer-encoding; s=corp-2018-07-02; bh=zgeFdbVmG1TK+fQkYDH0nD1tNP1Z0/Zd4X+7bdmp6NI=; b=Ty8ztUIvKudlqlNWiWbmcrPv1zaTbL8/h4BynehDUGbyWK8a4eQ9U/wR6/a/JjzD+RZF rcOZeJAgmQMSl0b1rCoJefIFHrVi5gcXPW4Y8I0AcMdR2F/9wVLjT7mkp+JxnIxQ/e0j lll/WFWyyoJ9zWVX2Linfpjsv53NWCEvy8wkr4+71B7hNmuR1OAwDFfPXBmjqunNTPOM a7Xi8x52l23Xu2OZVOE8PsLXFd2m845UcujSw+Zgo6hoE+2E4W0hubYTWiU/ADlqMxr2 9Q2pD6lJqvxQP7hRUxpV8Rd/9a61A+mHWjttt4ClAASQeDV87hSKE8r+dZ6OY8iflMtB 8w== Received: from userp3030.oracle.com (userp3030.oracle.com [156.151.31.80]) by userp2120.oracle.com with ESMTP id 2rusnf2vh0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:04:56 +0000 Received: from pps.filterd (userp3030.oracle.com [127.0.0.1]) by userp3030.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HJ34CP081722; Wed, 17 Apr 2019 19:04:56 GMT Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235]) by userp3030.oracle.com with ESMTP id 2ru4vtyxt0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:04:56 +0000 Received: from abhmp0006.oracle.com (abhmp0006.oracle.com [141.146.116.12]) by aserv0121.oracle.com (8.14.4/8.13.8) with ESMTP id x3HJ4tG5020142; Wed, 17 Apr 2019 19:04:55 GMT Received: from localhost (/67.169.218.210) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 17 Apr 2019 12:04:54 -0700 Subject: [PATCH 4/8] xfs: refactor setflags to use setattr code directly From: "Darrick J. Wong" To: darrick.wong@oracle.com Cc: linux-xfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org Date: Wed, 17 Apr 2019 12:04:54 -0700 Message-ID: <155552789415.20411.7571353210034623032.stgit@magnolia> In-Reply-To: <155552786671.20411.6442426840435740050.stgit@magnolia> References: <155552786671.20411.6442426840435740050.stgit@magnolia> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=1 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Darrick J. Wong Refactor the SETFLAGS implementation to use the SETXATTR code directly instead of partially constructing a struct fsxattr and calling bits and pieces of the setxattr code. This reduces code size and becomes necessary in the next patch to maintain the behavior of allowing userspace to set immutable on an immutable file so long as nothing /else/ about the attributes change. Signed-off-by: Darrick J. Wong --- fs/xfs/xfs_ioctl.c | 76 ++++++++++++++++++++-------------------------------- 1 file changed, 29 insertions(+), 47 deletions(-) diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c index de35cf4469f6..fdabf47532ed 100644 --- a/fs/xfs/xfs_ioctl.c +++ b/fs/xfs/xfs_ioctl.c @@ -882,38 +882,46 @@ xfs_di2lxflags( return flags; } -STATIC int -xfs_ioc_fsgetxattr( - xfs_inode_t *ip, - int attr, - void __user *arg) +static inline void +xfs_inode_getfsxattr( + struct xfs_inode *ip, + bool attr, + struct fsxattr *fa) { - struct fsxattr fa; - - memset(&fa, 0, sizeof(struct fsxattr)); + memset(fa, 0, sizeof(struct fsxattr)); xfs_ilock(ip, XFS_ILOCK_SHARED); - fa.fsx_xflags = xfs_ip2xflags(ip); - fa.fsx_extsize = ip->i_d.di_extsize << ip->i_mount->m_sb.sb_blocklog; - fa.fsx_cowextsize = ip->i_d.di_cowextsize << - ip->i_mount->m_sb.sb_blocklog; - fa.fsx_projid = xfs_get_projid(ip); + fa->fsx_xflags = xfs_ip2xflags(ip); + fa->fsx_extsize = XFS_FSB_TO_B(ip->i_mount, ip->i_d.di_extsize); + fa->fsx_cowextsize = XFS_FSB_TO_B(ip->i_mount, ip->i_d.di_cowextsize); + fa->fsx_projid = xfs_get_projid(ip); if (attr) { if (ip->i_afp) { if (ip->i_afp->if_flags & XFS_IFEXTENTS) - fa.fsx_nextents = xfs_iext_count(ip->i_afp); + fa->fsx_nextents = xfs_iext_count(ip->i_afp); else - fa.fsx_nextents = ip->i_d.di_anextents; + fa->fsx_nextents = ip->i_d.di_anextents; } else - fa.fsx_nextents = 0; + fa->fsx_nextents = 0; } else { if (ip->i_df.if_flags & XFS_IFEXTENTS) - fa.fsx_nextents = xfs_iext_count(&ip->i_df); + fa->fsx_nextents = xfs_iext_count(&ip->i_df); else - fa.fsx_nextents = ip->i_d.di_nextents; + fa->fsx_nextents = ip->i_d.di_nextents; } xfs_iunlock(ip, XFS_ILOCK_SHARED); +} + +STATIC int +xfs_ioc_fsgetxattr( + xfs_inode_t *ip, + int attr, + void __user *arg) +{ + struct fsxattr fa; + + xfs_inode_getfsxattr(ip, attr, &fa); if (copy_to_user(arg, &fa, sizeof(fa))) return -EFAULT; @@ -1528,10 +1536,8 @@ xfs_ioc_setxflags( struct file *filp, void __user *arg) { - struct xfs_trans *tp; struct fsxattr fa; unsigned int flags; - int join_flags = 0; int error; if (copy_from_user(&flags, arg, sizeof(flags))) @@ -1542,37 +1548,13 @@ xfs_ioc_setxflags( FS_SYNC_FL)) return -EOPNOTSUPP; - fa.fsx_xflags = xfs_merge_ioc_xflags(flags, xfs_ip2xflags(ip)); + xfs_inode_getfsxattr(ip, false, &fa); + fa.fsx_xflags = xfs_merge_ioc_xflags(flags, fa.fsx_xflags); error = mnt_want_write_file(filp); if (error) return error; - - /* - * Changing DAX config may require inode locking for mapping - * invalidation. These need to be held all the way to transaction commit - * or cancel time, so need to be passed through to - * xfs_ioctl_setattr_get_trans() so it can apply them to the join call - * appropriately. - */ - error = xfs_ioctl_setattr_dax_invalidate(ip, &fa, &join_flags); - if (error) - goto out_drop_write; - - tp = xfs_ioctl_setattr_get_trans(ip, join_flags); - if (IS_ERR(tp)) { - error = PTR_ERR(tp); - goto out_drop_write; - } - - error = xfs_ioctl_setattr_xflags(tp, ip, &fa); - if (error) { - xfs_trans_cancel(tp); - goto out_drop_write; - } - - error = xfs_trans_commit(tp); -out_drop_write: + error = xfs_ioctl_setattr(ip, &fa); mnt_drop_write_file(filp); return error; } From patchwork Wed Apr 17 19:05:00 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Darrick J. Wong" X-Patchwork-Id: 10905937 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9BEB217E6 for ; Wed, 17 Apr 2019 19:05:07 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8DDB92863F for ; Wed, 17 Apr 2019 19:05:07 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8C39328B97; Wed, 17 Apr 2019 19:05:07 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, SUSPICIOUS_RECIPS,UNPARSEABLE_RELAY autolearn=no version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 305B228B91 for ; Wed, 17 Apr 2019 19:05:07 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 2EFDE6B0274; Wed, 17 Apr 2019 15:05:06 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 29DA66B0276; Wed, 17 Apr 2019 15:05:06 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 13FBB6B0277; Wed, 17 Apr 2019 15:05:06 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pg1-f197.google.com (mail-pg1-f197.google.com [209.85.215.197]) by kanga.kvack.org (Postfix) with ESMTP id C67676B0274 for ; Wed, 17 Apr 2019 15:05:05 -0400 (EDT) Received: by mail-pg1-f197.google.com with SMTP id a8so2231947pgq.22 for ; Wed, 17 Apr 2019 12:05:05 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:subject:from:to:cc:date :message-id:in-reply-to:references:user-agent:mime-version :content-transfer-encoding; bh=JSVLcxpxPXWyi1ygugKI5o1GQ+joQEvPfhYsIY2BSu4=; b=nVf3LF9Xq42Z4K9bzacul7TQQ/92oxxteqK3yyL5lmsn9wb3ajyJxbkQ2Q7s89+VQG jDc1aosmCAVWRkiRyqs/KDkT8suxAkiKwiI6XIqpn9qIzyNmOh1Q/SuVlkGKZUfGgvzu 5eNMHIlC6xkiuPCAh+j/ol+2h+am+K4p/0z5pYDCvF5ICtx+PuNUJ6ccyC7LjTOqCGfL +WVN/OdjEqS4ANaYrpHbfrHHN877me/qOsj+Eu9J4/NX7vGS/PrcS4LAftw+hRkUyV5i i+4rq2XlZKseSotL9uHNfopoRXUj5rjTSBiz3SnYUrboN67ni53VXxmFh0Mc/t3K1a0e IFgA== X-Gm-Message-State: APjAAAWDxdvdS/a/AWCb2u9YJsI7ebeGOfpYQGmSyE5i11mmpw0niQI5 LmjjHfTsYyGvNMpWVA53jxK6tww4Kbepv07g+IoRWSdZ5vvIB8B26dAxcxT5jK4ET1Ntj4GQUI7 +Hl7JrTVcDqSfg4rkRjpHcgzsc8AWrRWH1XZBbAfUTxRIBO/JNePlNIcAnA3zj1u7gg== X-Received: by 2002:a62:6e05:: with SMTP id j5mr88492279pfc.5.1555527905485; Wed, 17 Apr 2019 12:05:05 -0700 (PDT) X-Google-Smtp-Source: APXvYqw2RuylXnbAeAceQM4lBLA/mHVGqQphUo/oVSzkI42QABxcB7bMitvaKfLfYLH8BgP8SqQK X-Received: by 2002:a62:6e05:: with SMTP id j5mr88492211pfc.5.1555527904729; Wed, 17 Apr 2019 12:05:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1555527904; cv=none; d=google.com; s=arc-20160816; b=JfuQOnmwGNEw02X/p7qI8y+WRIe5D4/byLRCCwkiUmgh3M61Ih6E/zIJ46IGyI5OQz zlZEzZCi1UO1aZP8Ys9mOrWNaHbKJNgGDX3n74dKMfLibjmWqzudXgQcAbMrQLZEAd81 pNdQaQsXOzb7qhrhppXUNKkngt+wQicByMkX2XVOP9zSwNYmYYoQmqgSsQK1fYdmjXz5 IAQNFCJvhBfz3zjzUOiF0aEvbUKt1hCQS1n1HVrt8BFXnmDyfKOzhRz7wLO4cfrKbN+r 3A0/uQPxYCHnguH+MTBVbe6fU+DsLSZS/SUgHPyfq6/r95ESBd+5onBPThmZn4o3eS1J Ujxg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:user-agent:references :in-reply-to:message-id:date:cc:to:from:subject:dkim-signature; bh=JSVLcxpxPXWyi1ygugKI5o1GQ+joQEvPfhYsIY2BSu4=; b=HC5OuZeuZPQz5vmhepxux/wAAAZeZOLWC9uyRoCvLEasvWRD1LG1zkWnDyh5Ucf3Yc moJp6+6iUU9GnTwY/i9k6cMsTPpAdzCiSDKkm/sggMgDV7o4cKYPgjXMaSvTFQAaE0fA KuSoiMzBQRBcPmX2EDN9CGLmoLigAUJ0RJfFjsz+mrZJWmoRb8eJ0DnimBQFZkm8+bkG RlbPNRtKhLlYlgNMI13YrCT9ToBnLSY5De6WM1lMFU0LADsVqK+9diRAcBpD44hXdQQT dR7u5BUbfuwU0Cy3Eu51k6X0KCg98mImxhGCAcxWiAig/JtPFTAbNBpGKBGFAK1y9/LV Liog== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=G4xFxM7r; spf=pass (google.com: domain of darrick.wong@oracle.com designates 156.151.31.86 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from userp2130.oracle.com (userp2130.oracle.com. [156.151.31.86]) by mx.google.com with ESMTPS id e7si52769270pfc.152.2019.04.17.12.05.04 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 17 Apr 2019 12:05:04 -0700 (PDT) Received-SPF: pass (google.com: domain of darrick.wong@oracle.com designates 156.151.31.86 as permitted sender) client-ip=156.151.31.86; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=G4xFxM7r; spf=pass (google.com: domain of darrick.wong@oracle.com designates 156.151.31.86 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from pps.filterd (userp2130.oracle.com [127.0.0.1]) by userp2130.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HIwq4I168713; Wed, 17 Apr 2019 19:05:04 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : from : to : cc : date : message-id : in-reply-to : references : mime-version : content-type : content-transfer-encoding; s=corp-2018-07-02; bh=JSVLcxpxPXWyi1ygugKI5o1GQ+joQEvPfhYsIY2BSu4=; b=G4xFxM7r71qqe78JbXTHW4ZzrVHhjMKMrwmTw64/396HpK7/hjT+IN329tkrqq0ZG01n 0sHwQQLYcgN4oJh9DAwYa8qzXEqfVB5W5sMq1m5Xm3q1ZXsgUinS6OTXh/WJsB3urPDQ 7Mqx7wC94gFmj81duR6niXSi+/EzkJOaASuyzdt58KHP1LplnPoh1njZTG2Q8PqITwv4 orQbMhXqxmJc6cmBid11/5DloPP8GP3WIhdjz+xV6WFRaO3tiZajXN43XX4JbyGqSU8y 94QJh60JyIgqlK5lscTJx/LPUVDBq/tUmbDezNLwKF5M1kg04f/9L5GOeGkms0xZ5DmS bg== Received: from aserp3030.oracle.com (aserp3030.oracle.com [141.146.126.71]) by userp2130.oracle.com with ESMTP id 2rvwk3w0c2-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:05:03 +0000 Received: from pps.filterd (aserp3030.oracle.com [127.0.0.1]) by aserp3030.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HJ48D5159042; Wed, 17 Apr 2019 19:05:02 GMT Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72]) by aserp3030.oracle.com with ESMTP id 2rwe7ak1nu-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:05:02 +0000 Received: from abhmp0002.oracle.com (abhmp0002.oracle.com [141.146.116.8]) by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id x3HJ51of009324; Wed, 17 Apr 2019 19:05:01 GMT Received: from localhost (/67.169.218.210) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 17 Apr 2019 12:05:01 -0700 Subject: [PATCH 5/8] xfs: clean up xfs_merge_ioc_xflags From: "Darrick J. Wong" To: darrick.wong@oracle.com Cc: linux-xfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org Date: Wed, 17 Apr 2019 12:05:00 -0700 Message-ID: <155552790055.20411.3134851745045483842.stgit@magnolia> In-Reply-To: <155552786671.20411.6442426840435740050.stgit@magnolia> References: <155552786671.20411.6442426840435740050.stgit@magnolia> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=1 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=590 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=619 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Darrick J. Wong Clean up the calling convention since we're editing the fsxattr struct anyway. Signed-off-by: Darrick J. Wong --- fs/xfs/xfs_ioctl.c | 32 ++++++++++++++------------------ 1 file changed, 14 insertions(+), 18 deletions(-) diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c index fdabf47532ed..5862b7cead4c 100644 --- a/fs/xfs/xfs_ioctl.c +++ b/fs/xfs/xfs_ioctl.c @@ -832,35 +832,31 @@ xfs_ioc_ag_geometry( * Linux extended inode flags interface. */ -STATIC unsigned int +static inline void xfs_merge_ioc_xflags( - unsigned int flags, - unsigned int start) + struct fsxattr *fa, + unsigned int flags) { - unsigned int xflags = start; - if (flags & FS_IMMUTABLE_FL) - xflags |= FS_XFLAG_IMMUTABLE; + fa->fsx_xflags |= FS_XFLAG_IMMUTABLE; else - xflags &= ~FS_XFLAG_IMMUTABLE; + fa->fsx_xflags &= ~FS_XFLAG_IMMUTABLE; if (flags & FS_APPEND_FL) - xflags |= FS_XFLAG_APPEND; + fa->fsx_xflags |= FS_XFLAG_APPEND; else - xflags &= ~FS_XFLAG_APPEND; + fa->fsx_xflags &= ~FS_XFLAG_APPEND; if (flags & FS_SYNC_FL) - xflags |= FS_XFLAG_SYNC; + fa->fsx_xflags |= FS_XFLAG_SYNC; else - xflags &= ~FS_XFLAG_SYNC; + fa->fsx_xflags &= ~FS_XFLAG_SYNC; if (flags & FS_NOATIME_FL) - xflags |= FS_XFLAG_NOATIME; + fa->fsx_xflags |= FS_XFLAG_NOATIME; else - xflags &= ~FS_XFLAG_NOATIME; + fa->fsx_xflags &= ~FS_XFLAG_NOATIME; if (flags & FS_NODUMP_FL) - xflags |= FS_XFLAG_NODUMP; + fa->fsx_xflags |= FS_XFLAG_NODUMP; else - xflags &= ~FS_XFLAG_NODUMP; - - return xflags; + fa->fsx_xflags &= ~FS_XFLAG_NODUMP; } STATIC unsigned int @@ -1549,7 +1545,7 @@ xfs_ioc_setxflags( return -EOPNOTSUPP; xfs_inode_getfsxattr(ip, false, &fa); - fa.fsx_xflags = xfs_merge_ioc_xflags(flags, fa.fsx_xflags); + xfs_merge_ioc_xflags(&fa, flags); error = mnt_want_write_file(filp); if (error) From patchwork Wed Apr 17 19:05:07 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Darrick J. Wong" X-Patchwork-Id: 10905945 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A2DA217E0 for ; Wed, 17 Apr 2019 19:05:13 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 94E5628BAD for ; Wed, 17 Apr 2019 19:05:13 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 894F128BB0; Wed, 17 Apr 2019 19:05:13 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, SUSPICIOUS_RECIPS,UNPARSEABLE_RELAY autolearn=no version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 186DA28BAD for ; Wed, 17 Apr 2019 19:05:13 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 168D26B0276; Wed, 17 Apr 2019 15:05:12 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 1188E6B0278; Wed, 17 Apr 2019 15:05:12 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id EFAFD6B0279; Wed, 17 Apr 2019 15:05:11 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf1-f198.google.com (mail-pf1-f198.google.com [209.85.210.198]) by kanga.kvack.org (Postfix) with ESMTP id B062B6B0276 for ; Wed, 17 Apr 2019 15:05:11 -0400 (EDT) Received: by mail-pf1-f198.google.com with SMTP id l74so16779984pfb.23 for ; Wed, 17 Apr 2019 12:05:11 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:subject:from:to:cc:date :message-id:in-reply-to:references:user-agent:mime-version :content-transfer-encoding; bh=8KLtIeEvuadXuqX+Q40mZMyqFOGgRptDXywqCa4tRUE=; b=NLkf1ytidaXsTzWIQgpZSg4kHCf5ZT8MI6ycrb8VyfpNTpT0Tgv0Pf2bXP0hTYNzq6 WsQiftLo/pzx/CPd/cxYXQcOS1yImVDaGktVy+8HjwZoGQl3EpIYGvINHqD7NX/FZdBw Xz9YOvvBfsuANAwZb5Yf7NPNnGZ9Iy8N/qPZwX82VRuMLfAW38oCGm0ZCQqfBWQoGD4k TH/pkjxrOlb/JSW8nzLrCWUQLliplPid1Z48eMPlP/RREWMJx9+OpFgFVWXZHvEbM/x+ ic3Rko04jYoglZwIp+vvnQw/9uNm38Pt9Pbsqr/Axqds3I8jE0LsKVo7rat0PLByLyVA Jnhg== X-Gm-Message-State: APjAAAVuPpl1TVaTFJ2J48DmOJE8pIGbq8A6kglviYrJ1wQlOYvvfTDv S/VbUqUMysIg61E6DcZMesELOW7aDv1/FE3iZCWkNPZDlfZE8n0JyC2Eayg6eQJY8nuqCjLpYpa y8ksZCjL4ev8qiCCIaCBwVSKraRY3pBUkHGC5HkddGjBaOq3LNnDAEu07JYZSh0W+nQ== X-Received: by 2002:a63:d444:: with SMTP id i4mr86153401pgj.149.1555527911371; Wed, 17 Apr 2019 12:05:11 -0700 (PDT) X-Google-Smtp-Source: APXvYqxOILbk7WsjoCE1poIlUdxzF3iG23XDZxD0WxKNExWAjDUpUL6PTv1StkcHdf5PSqk9duwL X-Received: by 2002:a63:d444:: with SMTP id i4mr86153322pgj.149.1555527910446; Wed, 17 Apr 2019 12:05:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1555527910; cv=none; d=google.com; s=arc-20160816; b=vkEbwMA9T8vmBDGyw0G+1BNPzVaFSVWxISiVboWKli4sIDuwoIi7lsLRAuteKhVyX7 OiRf5WUn35LuquaB296RGHmAGIuR3smeVipxPDFOn9KLESA30MoGaX3kFV8HOLNZWZAi g0weW3SgFmvqfOtD6pDD+yB18rm+c6BjDEEeh48VvEH+SsVIqiB39lhvVqAV20zEXDXI Ml0zsLl2NpUAJFhD64sYVZwT1gI9wYXpYi1yq0gKoBonXRraETkI9OrnIDpGiVpvRRg9 UZr2K1nGY5Bgpt72bmgwkocD7RzcifN9COJjGTopN+qdhFgraXQs4ACxtATdVYYPURYZ m8jA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:user-agent:references :in-reply-to:message-id:date:cc:to:from:subject:dkim-signature; bh=8KLtIeEvuadXuqX+Q40mZMyqFOGgRptDXywqCa4tRUE=; b=dVQtdbEDt6+n8M9Kz+/QVeeZoP97E0hfyvcPsC3bf88HKXyBpE/Wt77faF6Pac4qUP hmFCYUsxA/IBlIWSlXcKzq1E4y+Z/JRVL2gUum8SEnQWsmbJlS3IGJjoTpw2yhxNTRSF rmImHThVSguOMn1ZrRYAtZ49PuME24mLxh/ZgwdEidOIqxehgW97Aeub+PBUh2dyl+5o /7WFK7X2sq9yFXnufJ0Xcbj+3mmNhg/0f6b+rFPqhelbp7fglSj9F/eTz8UMgG1Uds1n sasT9A+tSbOfqKY3NGRQeqlYXhDjTE4BKZfIKCDkhzpOKu+7K4ybU5u8hu/aUi47zzFc NL0Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=pX5N0Qwt; spf=pass (google.com: domain of darrick.wong@oracle.com designates 156.151.31.86 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from userp2130.oracle.com (userp2130.oracle.com. [156.151.31.86]) by mx.google.com with ESMTPS id g11si41166178plp.278.2019.04.17.12.05.10 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 17 Apr 2019 12:05:10 -0700 (PDT) Received-SPF: pass (google.com: domain of darrick.wong@oracle.com designates 156.151.31.86 as permitted sender) client-ip=156.151.31.86; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=pX5N0Qwt; spf=pass (google.com: domain of darrick.wong@oracle.com designates 156.151.31.86 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from pps.filterd (userp2130.oracle.com [127.0.0.1]) by userp2130.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HIwfsa168645; Wed, 17 Apr 2019 19:05:09 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : from : to : cc : date : message-id : in-reply-to : references : mime-version : content-type : content-transfer-encoding; s=corp-2018-07-02; bh=8KLtIeEvuadXuqX+Q40mZMyqFOGgRptDXywqCa4tRUE=; b=pX5N0QwtrdKOdjejCm37pjx5aLZjkbVvvxFG51hoEsQrP/WBeozMU3nD+XgTrtEQCmoT OhD/Usm1zdetVkV/DFRhHHESWgtc3EV5Y+1ziSUQE0EzO7vGQ5CQ+7isOmg8IvkzL0CR aw9uiehD8X+kPo+ka6ADnfudtOtNDR+aoDwRIb9gmHgLnyOqU7JIf3YB8eBfLonZjPBO kQGBFTBGTtFIMdoHKVSRxjXBjZbtLEoe1MfdY3+ekHmvdBNt2FeULxsXQFL3FW3Ypo0c mbxoEIcrF3tlPGjoeH7IzGTeJWRavuyjeeLUu0MN05Vze8AiOB1goDRds1DtI722l02V 6w== Received: from aserp3030.oracle.com (aserp3030.oracle.com [141.146.126.71]) by userp2130.oracle.com with ESMTP id 2rvwk3w0ck-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:05:09 +0000 Received: from pps.filterd (aserp3030.oracle.com [127.0.0.1]) by aserp3030.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HJ49Xt159119; Wed, 17 Apr 2019 19:05:08 GMT Received: from aserv0122.oracle.com (aserv0122.oracle.com [141.146.126.236]) by aserp3030.oracle.com with ESMTP id 2rwe7ak1rc-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:05:08 +0000 Received: from abhmp0012.oracle.com (abhmp0012.oracle.com [141.146.116.18]) by aserv0122.oracle.com (8.14.4/8.14.4) with ESMTP id x3HJ57AX008626; Wed, 17 Apr 2019 19:05:07 GMT Received: from localhost (/67.169.218.210) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 17 Apr 2019 12:05:07 -0700 Subject: [PATCH 6/8] xfs: don't allow most setxattr to immutable files From: "Darrick J. Wong" To: darrick.wong@oracle.com Cc: linux-xfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org Date: Wed, 17 Apr 2019 12:05:07 -0700 Message-ID: <155552790705.20411.14086909835362619590.stgit@magnolia> In-Reply-To: <155552786671.20411.6442426840435740050.stgit@magnolia> References: <155552786671.20411.6442426840435740050.stgit@magnolia> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=1 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Darrick J. Wong The chattr manpage has this to say about immutable files: "A file with the 'i' attribute cannot be modified: it cannot be deleted or renamed, no link can be created to this file, most of the file's metadata can not be modified, and the file can not be opened in write mode." However, we don't actually check the immutable flag in the setattr code, which means that we can update project ids and extent size hints on supposedly immutable files. Therefore, reject a setattr call on an immutable file except for the case where we're trying to unset IMMUTABLE. Signed-off-by: Darrick J. Wong --- fs/xfs/xfs_ioctl.c | 47 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 45 insertions(+), 2 deletions(-) diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c index 5862b7cead4c..b5b50006e807 100644 --- a/fs/xfs/xfs_ioctl.c +++ b/fs/xfs/xfs_ioctl.c @@ -1038,6 +1038,41 @@ xfs_ioctl_setattr_flush( return filemap_write_and_wait(inode->i_mapping); } +/* + * If immutable is set and we are not clearing it, we're not allowed to change + * anything else in the inode. Don't error out if we're only trying to set + * immutable on an immutable file. + */ +static int +xfs_ioctl_setattr_immutable( + struct xfs_inode *ip, + struct fsxattr *fa, + uint16_t di_flags, + uint64_t di_flags2) +{ + struct xfs_mount *mp = ip->i_mount; + + if (!(ip->i_d.di_flags & XFS_DIFLAG_IMMUTABLE) || + !(di_flags & XFS_DIFLAG_IMMUTABLE)) + return 0; + + if ((ip->i_d.di_flags & ~XFS_DIFLAG_IMMUTABLE) != + (di_flags & ~XFS_DIFLAG_IMMUTABLE)) + return -EPERM; + if (ip->i_d.di_version >= 3 && ip->i_d.di_flags2 != di_flags2) + return -EPERM; + if (xfs_get_projid(ip) != fa->fsx_projid) + return -EPERM; + if ((di_flags & (XFS_DIFLAG_EXTSIZE | XFS_DIFLAG_EXTSZINHERIT)) && + ip->i_d.di_extsize != fa->fsx_extsize >> mp->m_sb.sb_blocklog) + return -EPERM; + if (ip->i_d.di_version >= 3 && (di_flags2 & XFS_DIFLAG2_COWEXTSIZE) && + ip->i_d.di_cowextsize != fa->fsx_cowextsize >> mp->m_sb.sb_blocklog) + return -EPERM; + + return 0; +} + static int xfs_ioctl_setattr_xflags( struct xfs_trans *tp, @@ -1045,7 +1080,9 @@ xfs_ioctl_setattr_xflags( struct fsxattr *fa) { struct xfs_mount *mp = ip->i_mount; + uint16_t di_flags; uint64_t di_flags2; + int error; /* Can't change realtime flag if any extents are allocated. */ if ((ip->i_d.di_nextents || ip->i_delayed_blks) && @@ -1076,12 +1113,18 @@ xfs_ioctl_setattr_xflags( !capable(CAP_LINUX_IMMUTABLE)) return -EPERM; - /* diflags2 only valid for v3 inodes. */ + /* Don't allow changes to an immutable inode. */ + di_flags = xfs_flags2diflags(ip, fa->fsx_xflags); di_flags2 = xfs_flags2diflags2(ip, fa->fsx_xflags); + error = xfs_ioctl_setattr_immutable(ip, fa, di_flags, di_flags2); + if (error) + return error; + + /* diflags2 only valid for v3 inodes. */ if (di_flags2 && ip->i_d.di_version < 3) return -EINVAL; - ip->i_d.di_flags = xfs_flags2diflags(ip, fa->fsx_xflags); + ip->i_d.di_flags = di_flags; ip->i_d.di_flags2 = di_flags2; xfs_diflags_to_linux(ip); From patchwork Wed Apr 17 19:05:13 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Darrick J. Wong" X-Patchwork-Id: 10905955 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C318C14DB for ; Wed, 17 Apr 2019 19:05:20 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B2BD3288E4 for ; Wed, 17 Apr 2019 19:05:20 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id A61DA28BAC; Wed, 17 Apr 2019 19:05:20 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, SUSPICIOUS_RECIPS,UNPARSEABLE_RELAY autolearn=no version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 79D08288E4 for ; Wed, 17 Apr 2019 19:05:19 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 53A976B0278; Wed, 17 Apr 2019 15:05:18 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 4E75E6B027A; Wed, 17 Apr 2019 15:05:18 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 389906B027B; Wed, 17 Apr 2019 15:05:18 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-qk1-f200.google.com (mail-qk1-f200.google.com [209.85.222.200]) by kanga.kvack.org (Postfix) with ESMTP id 12F8C6B0278 for ; Wed, 17 Apr 2019 15:05:18 -0400 (EDT) Received: by mail-qk1-f200.google.com with SMTP id m8so21581342qka.10 for ; Wed, 17 Apr 2019 12:05:18 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:subject:from:to:cc:date :message-id:in-reply-to:references:user-agent:mime-version :content-transfer-encoding; bh=wwH+dFPY/+6jiJ8mJY7n3VjQ63XBMb5dD4MTB8SRVYk=; b=FwD6OvDBe31R1KmD41B/w6NyRHKhd0u/yRzQLJDHCDcEMeY5ZZPsx7C0GbJfMpeEI2 drnCnGf2ZqZGI08VFHPjwGanTGoCHdsWxGdA+gHhknAut41bgv7//v/r375lRTRyxg0d To7KswW/bPNwYjsYZLf/P3iHOu+RsWbFFqCoPJRbEwcrfaaLmA+st3tkiT4Vkp6xe2U9 z9BRJzjLvvvKmX4tmB8Ld58u0HsNUQpsJc0+IPKPg+wNL5dnt/yLwOSURmkhTHZRjK9G bLWaD8o6Czb7mmgkn+dig85kDUam3l9cYcxVRgC1h5nLAJ+JMXwzYvOolzdBrqVPHS/G U7oQ== X-Gm-Message-State: APjAAAVYSbfO6VpjQ3k3fjiFN6RilH1CRpyL6S20lF2rKT/mq13vxSTF EMKusB2DHaZORd2Hxf7S8FYgfCtQsCKWxRN4PJD0WR6xM9fcn4tCp7XJh4s54EBqmZbAJCeRyX1 WBPNqAC4MjOFVfjbjcgstdbdDR9VwZM/ZZOPO1v1QrAgtYR+lRYz5eAW1WKBhgwXTfg== X-Received: by 2002:a0c:bc01:: with SMTP id j1mr74648440qvg.24.1555527917774; Wed, 17 Apr 2019 12:05:17 -0700 (PDT) X-Google-Smtp-Source: APXvYqwuSR7izadQeUl8USWzpIQraMyzigTNYqrrrWOYgA0jJhouyDY8I5XIv0mcl7Y8hXDNr5zA X-Received: by 2002:a0c:bc01:: with SMTP id j1mr74648359qvg.24.1555527916866; Wed, 17 Apr 2019 12:05:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1555527916; cv=none; d=google.com; s=arc-20160816; b=gRSAkC64SUjXAb6yWbXxyTdGRE624HudqVhgdypuRPcKSle8+g05CsC7MqEWEZLQPP RR5Zdx2i7IEkA4rianc/9eOGeRLnLwewf9lkh0Sbne/uPEpdh62i6WuEc75c7FZBumGX CXpF8DW93lG12jvn6xemOxhohT/W4Fd/FZH/odkxq9wO3dFVhep1+nTw2sMJEkyjsIoj Azbp/vS4TMdZyytoBmQqLuifT5WhFKTnHMqbv+FE3xoqfptt28kGr7knO/b2tpc7jI3W z5+xy5aMgs0HmgTmVovQr2BcsMjexJk3gF67v8TzAWhIAlCBVvJb+GL2mNRpLU+E4f1H 8snA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:user-agent:references :in-reply-to:message-id:date:cc:to:from:subject:dkim-signature; bh=wwH+dFPY/+6jiJ8mJY7n3VjQ63XBMb5dD4MTB8SRVYk=; b=KLjf+HagnwAkDdwpkcoCqHbZH2oJb91maXHAXAPh5NjZ+/jxNnPqMa/B2AxHby4ylC SdShURoSfZupolvUxzc9G5o4W+Fa13EVqgoDLbCtS/CJkGH17rPiLnElXz0LOep4Rx3+ 6knhF48lz/Gpww0HuOpe5C+h5BM64sRLRnuCaV8rnrMejjMndq4i05FNh8BuQ602vGxg BZo76zDY1at0nBsTFljc5Dk75LICd5H0RfcDMu0QHJ/U+zvp+G86DEgtKjNRIRTcArR3 nzHYdiXxdlMTYwnrj1NhcUyajYWIUun7m+F+jAS71vewk+1Vt+hMa96ukCpMZFTVdahc gDyw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=IYcwQmYE; spf=pass (google.com: domain of darrick.wong@oracle.com designates 141.146.126.79 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from aserp2130.oracle.com (aserp2130.oracle.com. [141.146.126.79]) by mx.google.com with ESMTPS id k8si2907962qvj.219.2019.04.17.12.05.16 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 17 Apr 2019 12:05:16 -0700 (PDT) Received-SPF: pass (google.com: domain of darrick.wong@oracle.com designates 141.146.126.79 as permitted sender) client-ip=141.146.126.79; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=IYcwQmYE; spf=pass (google.com: domain of darrick.wong@oracle.com designates 141.146.126.79 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from pps.filterd (aserp2130.oracle.com [127.0.0.1]) by aserp2130.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HIwgMN174829; Wed, 17 Apr 2019 19:05:16 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : from : to : cc : date : message-id : in-reply-to : references : mime-version : content-type : content-transfer-encoding; s=corp-2018-07-02; bh=wwH+dFPY/+6jiJ8mJY7n3VjQ63XBMb5dD4MTB8SRVYk=; b=IYcwQmYE6nVO+cuR70n2STHh5AXZROrMhXU4nDqDaRVNB0zL8AgySJ5GPkT0nt4x0xpR SPnf8/MA24T9qfGDC31M96gYa9DHK/3AfMd80K+VP0GftwosLLD+8Trl6wbxpC75F1xq FbqwC0MzZ2QyhzCA6aY7zMEnrBk4+WLXDYEQ4a+pZDvdWAfZScTgdfGXy9e1sLbqbvnQ TAlN5ywoCIwuFvmMQDsmyLCfNZoasXimNFTVZwrWmgUW1j1habantpoNoluqQM8VXpG3 ZmPulfllJv8nqT6wO2xI98mFf1jmdvRnDZohc6E92/UTbpH3qKASA0ik7/CxtC7gr94y HA== Received: from aserp3020.oracle.com (aserp3020.oracle.com [141.146.126.70]) by aserp2130.oracle.com with ESMTP id 2ru59dcx51-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:05:16 +0000 Received: from pps.filterd (aserp3020.oracle.com [127.0.0.1]) by aserp3020.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HJ4BU8192873; Wed, 17 Apr 2019 19:05:15 GMT Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72]) by aserp3020.oracle.com with ESMTP id 2rv2tvj2rv-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:05:15 +0000 Received: from abhmp0007.oracle.com (abhmp0007.oracle.com [141.146.116.13]) by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id x3HJ5ECV009461; Wed, 17 Apr 2019 19:05:14 GMT Received: from localhost (/67.169.218.210) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 17 Apr 2019 12:05:14 -0700 Subject: [PATCH 7/8] btrfs: don't allow any modifications to an immutable file From: "Darrick J. Wong" To: darrick.wong@oracle.com Cc: linux-xfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org Date: Wed, 17 Apr 2019 12:05:13 -0700 Message-ID: <155552791345.20411.13373076079148473736.stgit@magnolia> In-Reply-To: <155552786671.20411.6442426840435740050.stgit@magnolia> References: <155552786671.20411.6442426840435740050.stgit@magnolia> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=1 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=768 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=788 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Darrick J. Wong Don't allow any modifications to a file that's marked immutable, which means that we have to flush all the writable pages to make the readonly and we have to check the setattr/setflags parameters more closely. Signed-off-by: Darrick J. Wong --- fs/btrfs/ioctl.c | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c index cd4e693406a0..632600e4be0a 100644 --- a/fs/btrfs/ioctl.c +++ b/fs/btrfs/ioctl.c @@ -180,6 +180,44 @@ static int check_fsflags(unsigned int flags) return 0; } +/* Do all the prep work to check immutable status and all that. */ +static int btrfs_ioctl_check_immutable(struct inode *inode, + unsigned int fsflags, + const unsigned int immutable_fsflag) +{ + struct btrfs_inode *binode = BTRFS_I(inode); + int ret; + + /* + * Wait for all pending directio and then flush all the dirty pages + * for this file. The flush marks all the pages readonly, so any + * subsequent attempt to write to the file (particularly mmap pages) + * will come through the filesystem and fail. + */ + if (S_ISREG(inode->i_mode) && !IS_IMMUTABLE(inode) && + (fsflags & immutable_fsflag)) { + inode_dio_wait(inode); + ret = filemap_write_and_wait(inode->i_mapping); + if (ret) + return ret; + } + + /* + * If immutable is set and we are not clearing it, we're not allowed to + * change anything else in the inode. Don't error out if we're only + * trying to set immutable on an immutable file. + */ + if (!(binode->flags & BTRFS_INODE_IMMUTABLE) || + !(fsflags & immutable_fsflag)) + return 0; + + if ((binode->flags & ~BTRFS_INODE_IMMUTABLE) != + (fsflags & ~immutable_fsflag)) + return -EPERM; + + return 0; +} + static int btrfs_ioctl_setflags(struct file *file, void __user *arg) { struct inode *inode = file_inode(file); @@ -225,6 +263,10 @@ static int btrfs_ioctl_setflags(struct file *file, void __user *arg) } } + ret = btrfs_ioctl_check_immutable(inode, fsflags, FS_IMMUTABLE_FL); + if (ret) + goto out_unlock; + if (fsflags & FS_SYNC_FL) binode->flags |= BTRFS_INODE_SYNC; else @@ -433,6 +475,11 @@ static int btrfs_ioctl_fssetxattr(struct file *file, void __user *arg) goto out_unlock; } + ret = btrfs_ioctl_check_immutable(inode, fa.fsx_xflags, + FS_XFLAG_IMMUTABLE); + if (ret) + goto out_unlock; + if (fa.fsx_xflags & FS_XFLAG_SYNC) binode->flags |= BTRFS_INODE_SYNC; else From patchwork Wed Apr 17 19:05:19 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Darrick J. Wong" X-Patchwork-Id: 10905961 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B964114DB for ; Wed, 17 Apr 2019 19:05:26 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id AA95C28B94 for ; Wed, 17 Apr 2019 19:05:26 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 9EA9028B6D; Wed, 17 Apr 2019 19:05:26 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, SUSPICIOUS_RECIPS,UNPARSEABLE_RELAY autolearn=no version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7486528B94 for ; Wed, 17 Apr 2019 19:05:25 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6C0566B027A; Wed, 17 Apr 2019 15:05:24 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 66D986B027C; Wed, 17 Apr 2019 15:05:24 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 53C436B027D; Wed, 17 Apr 2019 15:05:24 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-qt1-f198.google.com (mail-qt1-f198.google.com [209.85.160.198]) by kanga.kvack.org (Postfix) with ESMTP id 281346B027A for ; Wed, 17 Apr 2019 15:05:24 -0400 (EDT) Received: by mail-qt1-f198.google.com with SMTP id n13so23481984qtn.6 for ; Wed, 17 Apr 2019 12:05:24 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:subject:from:to:cc:date :message-id:in-reply-to:references:user-agent:mime-version :content-transfer-encoding; bh=65zAMWNbUYxjRT2cZg/WO6PMiXob/jmyxtPBrDUR6D8=; b=GBO7FlNpAQj0JoCXTjY7sVV96U+2Yk2cWxzepmqEy/7aORSF3K2d1C5wDE9jBUtqSm oqjn0/IS7zqEBVe2Ah6BsRg9iEERv0FFvAiDEsf7ZG5rIR+AiMGOAqyLvyF/2msL++ed 3lGs1RNpzPDN1X6f//RMxWU/z0v4hjpmjMoh9et5HY4/7N887+eTNnjj60NhAh0yEzO7 MelH1TtgfjhzOjPXP3HJn46/ZLpL8CtqzJxKzHkfPCgQmCaAFtnLfYEqC9dP3KqyqmgA ayQ5Q79ARAcKz2oP4nODNl/3k/sqNfRAnRYM7y/7JNYzMhl/K0Hosys46fQbot/rOwlk Rxyw== X-Gm-Message-State: APjAAAUCsPdUsrrmWZXE48F0ya0T6gQBa8knEYgUtZKdtOZq2/Yw1kFF iczuRPCszm/s0DBDfk9EFl4GENvATBxi4q933R5prf1bW2M34azympxZR6RyCqfA3m/gIs2/3P4 01V78VH7Xb5dT7zz/wDGQ6wPoqUEJnkoRBqEsUCRITSFAhGnxhKzp0rrMHTO1EywduQ== X-Received: by 2002:a0c:9e68:: with SMTP id z40mr71250719qve.19.1555527923926; Wed, 17 Apr 2019 12:05:23 -0700 (PDT) X-Google-Smtp-Source: APXvYqz74inPMFdPbQZArRYMr9tDuPkPrPGxdjZ6aPZ50NVb+hH0g8VUbhJuZN3UEBHLR5rNixYB X-Received: by 2002:a0c:9e68:: with SMTP id z40mr71250669qve.19.1555527923167; Wed, 17 Apr 2019 12:05:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1555527923; cv=none; d=google.com; s=arc-20160816; b=FJwB+hKvo96bCXvKvqzN/I7l0uO1QoBHJNkk3wK2nXkS1yxpSCTUtn4AU98xmJlk81 Y9Kq+kVzbRZQ5gJeYspLYCJbs+vwZlG3IHpo3Dj0Ro461/3I1jsF3TgMuYppi+CXRo0c V+qvT0avQSIOETP81dNBTGtUn+o6uiFZ3ue7csaAwz9k2g8pIlc0UQL2p+V6a2zTGFKv UAe2yTu7iPFoMEHN8BWrqbXhjF9cH/nB2Taz6o87z/5znX4l8SVV/66HdqC21KIvKnRj OdgAcpyh1qsABAb36qPhdfgHBFgnJE+rOj/uXCODrNwUohaUHS6nw0Fy54SYGpGKHmmY 5Yyg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:user-agent:references :in-reply-to:message-id:date:cc:to:from:subject:dkim-signature; bh=65zAMWNbUYxjRT2cZg/WO6PMiXob/jmyxtPBrDUR6D8=; b=H9ISOKoyJyFHGOjU3jJ2MWgkZiGyX3T3wSB3z1/fjQsPV/ZUrsOoVrEpM+CW8BbweB mW+ufr1OcpN6hgiZU045XnI8d1zjMzR9ML4KQoi4iiD8x0/tKc823Ue3fnlfwdFwtdHC VS0lEDT89aWMd9pYu0fbe/kPxfS+hwMxXGsIDgvahXq88ah/JAESsAExITlGN0SJIQ3E vcSJ0TcKL0nQuQS7l95io/xTPMrFoOZMltUxuWEzIBAwZPl651X2qSgMuKqQwxUNf311 CKb04bKAOiG+mixgMDaEpgRY/agKOg4FsimjT/SfNoSdeu+Xupuz8IsAOkag5YpiqHau Vhmw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=xFoILBd6; spf=pass (google.com: domain of darrick.wong@oracle.com designates 141.146.126.79 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from aserp2130.oracle.com (aserp2130.oracle.com. [141.146.126.79]) by mx.google.com with ESMTPS id j8si237336qtc.390.2019.04.17.12.05.23 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 17 Apr 2019 12:05:23 -0700 (PDT) Received-SPF: pass (google.com: domain of darrick.wong@oracle.com designates 141.146.126.79 as permitted sender) client-ip=141.146.126.79; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=xFoILBd6; spf=pass (google.com: domain of darrick.wong@oracle.com designates 141.146.126.79 as permitted sender) smtp.mailfrom=darrick.wong@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from pps.filterd (aserp2130.oracle.com [127.0.0.1]) by aserp2130.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HIwfwM174822; Wed, 17 Apr 2019 19:05:22 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : from : to : cc : date : message-id : in-reply-to : references : mime-version : content-type : content-transfer-encoding; s=corp-2018-07-02; bh=65zAMWNbUYxjRT2cZg/WO6PMiXob/jmyxtPBrDUR6D8=; b=xFoILBd6NJ8C+0ltAFOAks1eAAGn4Z8ljn3Winqydz1TrtFh38bVmClNJLmGhYB5fJRC KANcJQgTNRiUXYWEuMtIGB4hJPugi21DMaQScUDNdi1JQ99C7DmxSSi+zEOmSBPv4gMw fvgR/O2lnjyXZEVXlQV39S5ETSVmFeqb2Entnoz8vg97kuVT05NPUK/Gow5qH+GivmV5 vAfEdhGuvKnd86bjckJTngZuHzRNhYElmcelQfzRsLE2rsciSUjxYnfOYTwnpSspqRg5 eQ27/2Fpswz7PFNMSOWvDP5d/NtjfAuQFY8A4X5XtsFVYsK2TkoYSDoUag4l5sq0m3W4 ew== Received: from userp3030.oracle.com (userp3030.oracle.com [156.151.31.80]) by aserp2130.oracle.com with ESMTP id 2ru59dcx5k-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:05:22 +0000 Received: from pps.filterd (userp3030.oracle.com [127.0.0.1]) by userp3030.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3HJ53Sh087410; Wed, 17 Apr 2019 19:05:21 GMT Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235]) by userp3030.oracle.com with ESMTP id 2ru4vtyy2g-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Apr 2019 19:05:21 +0000 Received: from abhmp0016.oracle.com (abhmp0016.oracle.com [141.146.116.22]) by aserv0121.oracle.com (8.14.4/8.13.8) with ESMTP id x3HJ5KBK020437; Wed, 17 Apr 2019 19:05:20 GMT Received: from localhost (/67.169.218.210) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 17 Apr 2019 12:05:20 -0700 Subject: [PATCH 8/8] ext4: don't allow any modifications to an immutable file From: "Darrick J. Wong" To: darrick.wong@oracle.com Cc: linux-xfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org Date: Wed, 17 Apr 2019 12:05:19 -0700 Message-ID: <155552791984.20411.6785112966155823848.stgit@magnolia> In-Reply-To: <155552786671.20411.6442426840435740050.stgit@magnolia> References: <155552786671.20411.6442426840435740050.stgit@magnolia> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=1 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=594 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9230 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=618 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904170125 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Darrick J. Wong Don't allow any modifications to a file that's marked immutable, which means that we have to flush all the writable pages to make the readonly and we have to check the setattr/setflags parameters more closely. Signed-off-by: Darrick J. Wong --- fs/ext4/ioctl.c | 46 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 45 insertions(+), 1 deletion(-) diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c index bab3da4f1e0d..abf3b88d5af7 100644 --- a/fs/ext4/ioctl.c +++ b/fs/ext4/ioctl.c @@ -269,6 +269,29 @@ static int uuid_is_zero(__u8 u[16]) } #endif +/* + * If immutable is set and we are not clearing it, we're not allowed to change + * anything else in the inode. Don't error out if we're only trying to set + * immutable on an immutable file. + */ +static int ext4_ioctl_check_immutable(struct inode *inode, __u32 new_projid, + unsigned int flags) +{ + struct ext4_inode_info *ei = EXT4_I(inode); + unsigned int oldflags = ei->i_flags; + + if (!(oldflags & EXT4_IMMUTABLE_FL) || !(flags & EXT4_IMMUTABLE_FL)) + return 0; + + if ((oldflags & ~EXT4_IMMUTABLE_FL) != (flags & ~EXT4_IMMUTABLE_FL)) + return -EPERM; + if (ext4_has_feature_project(inode->i_sb) && + __kprojid_val(ei->i_projid) != new_projid) + return -EPERM; + + return 0; +} + static int ext4_ioctl_setflags(struct inode *inode, unsigned int flags) { @@ -322,6 +345,20 @@ static int ext4_ioctl_setflags(struct inode *inode, goto flags_out; } + /* + * Wait for all pending directio and then flush all the dirty pages + * for this file. The flush marks all the pages readonly, so any + * subsequent attempt to write to the file (particularly mmap pages) + * will come through the filesystem and fail. + */ + if (S_ISREG(inode->i_mode) && !IS_IMMUTABLE(inode) && + (flags & EXT4_IMMUTABLE_FL)) { + inode_dio_wait(inode); + err = filemap_write_and_wait(inode->i_mapping); + if (err) + goto flags_out; + } + handle = ext4_journal_start(inode, EXT4_HT_INODE, 1); if (IS_ERR(handle)) { err = PTR_ERR(handle); @@ -751,7 +788,11 @@ long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) return err; inode_lock(inode); - err = ext4_ioctl_setflags(inode, flags); + err = ext4_ioctl_check_immutable(inode, + from_kprojid(&init_user_ns, ei->i_projid), + flags); + if (!err) + err = ext4_ioctl_setflags(inode, flags); inode_unlock(inode); mnt_drop_write_file(filp); return err; @@ -1121,6 +1162,9 @@ long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) goto out; flags = (ei->i_flags & ~EXT4_FL_XFLAG_VISIBLE) | (flags & EXT4_FL_XFLAG_VISIBLE); + err = ext4_ioctl_check_immutable(inode, fa.fsx_projid, flags); + if (err) + goto out; err = ext4_ioctl_setflags(inode, flags); if (err) goto out;