From: James Bottomley <James.Bottomley@HansenPartnership.com>
To: linux-fsdevel@vger.kernel.org, linux-efi@vger.kernel.org
Cc: Ard Biesheuvel <ardb@kernel.org>, Jeremy Kerr <jk@ozlabs.org>
Subject: [PATCH 6/6] efivarfs: fix error on write to new variable leaving remnants
Date: Tue, 10 Dec 2024 12:02:24 -0500 [thread overview]
Message-ID: <20241210170224.19159-7-James.Bottomley@HansenPartnership.com> (raw)
In-Reply-To: <20241210170224.19159-1-James.Bottomley@HansenPartnership.com>
Make variable cleanup go through the fops release mechanism and use
zero inode size as the indicator to delete the file. Since all EFI
variables must have an initial u32 attribute, zero size occurs either
because the update deleted the variable or because an unsuccessful
write after create caused the size never to be set in the first place.
Even though this fixes the bug that a create either not followed by a
write or followed by a write that errored would leave a remnant file
for the variable, the file will appear momentarily globally visible
until the close of the fd deletes it. This is safe because the normal
filesystem operations will mediate any races; however, it is still
possible for a directory listing at that instant between create and
close contain a variable that doesn't exist in the EFI table.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
---
fs/efivarfs/file.c | 31 ++++++++++++++++++++++---------
1 file changed, 22 insertions(+), 9 deletions(-)
diff --git a/fs/efivarfs/file.c b/fs/efivarfs/file.c
index 23c51d62f902..edf363f395f5 100644
--- a/fs/efivarfs/file.c
+++ b/fs/efivarfs/file.c
@@ -38,22 +38,24 @@ static ssize_t efivarfs_file_write(struct file *file,
bytes = efivar_entry_set_get_size(var, attributes, &datasize,
data, &set);
- if (!set && bytes) {
+ if (!set) {
if (bytes == -ENOENT)
bytes = -EIO;
goto out;
}
+ inode_lock(inode);
if (bytes == -ENOENT) {
- drop_nlink(inode);
- d_delete(file->f_path.dentry);
- dput(file->f_path.dentry);
+ /*
+ * zero size signals to release that the write deleted
+ * the variable
+ */
+ i_size_write(inode, 0);
} else {
- inode_lock(inode);
i_size_write(inode, datasize + sizeof(attributes));
inode_set_mtime_to_ts(inode, inode_set_ctime_current(inode));
- inode_unlock(inode);
}
+ inode_unlock(inode);
bytes = count;
@@ -106,8 +108,19 @@ static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf,
return size;
}
+static int efivarfs_file_release(struct inode *inode, struct file *file)
+{
+ if (i_size_read(inode) == 0) {
+ drop_nlink(inode);
+ d_delete(file->f_path.dentry);
+ dput(file->f_path.dentry);
+ }
+ return 0;
+}
+
const struct file_operations efivarfs_file_operations = {
- .open = simple_open,
- .read = efivarfs_file_read,
- .write = efivarfs_file_write,
+ .open = simple_open,
+ .read = efivarfs_file_read,
+ .write = efivarfs_file_write,
+ .release = efivarfs_file_release,
};
--
2.35.3
next prev parent reply other threads:[~2024-12-10 17:04 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-10 17:02 [PATCH 0/6] convert efivarfs to manage object data correctly James Bottomley
2024-12-10 17:02 ` [PATCH 1/6] efivarfs: remove unused efi_varaible.Attributes and .kobj James Bottomley
2024-12-10 17:02 ` [PATCH 2/6] efivarfs: add helper to convert from UC16 name and GUID to utf8 name James Bottomley
2024-12-10 17:02 ` [PATCH 3/6] efivarfs: make variable_is_present use dcache lookup James Bottomley
2024-12-10 17:14 ` Dionna Amalie Glaze
2024-12-10 17:27 ` James Bottomley
2024-12-23 20:20 ` Al Viro
2024-12-23 21:44 ` James Bottomley
2024-12-10 17:02 ` [PATCH 4/6] efivarfs: move freeing of variable entry into evict_inode James Bottomley
2024-12-11 11:19 ` Christian Brauner
2024-12-10 17:02 ` [PATCH 5/6] efivarfs: remove unused efivarfs_list James Bottomley
2024-12-10 17:02 ` James Bottomley [this message]
2024-12-11 11:16 ` [PATCH 6/6] efivarfs: fix error on write to new variable leaving remnants Christian Brauner
2024-12-11 12:39 ` James Bottomley
2024-12-23 19:52 ` James Bottomley
2024-12-23 20:05 ` Al Viro
2024-12-23 21:39 ` James Bottomley
2024-12-23 22:56 ` James Bottomley
2024-12-23 23:12 ` Al Viro
2024-12-24 4:04 ` James Bottomley
2024-12-24 4:44 ` Al Viro
2024-12-24 13:07 ` James Bottomley
2024-12-24 15:09 ` James Bottomley
2024-12-27 14:52 ` James Bottomley
2024-12-19 17:14 ` James Bottomley
2024-12-22 10:12 ` Christian Brauner
2024-12-23 19:44 ` James Bottomley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241210170224.19159-7-James.Bottomley@HansenPartnership.com \
--to=james.bottomley@hansenpartnership.com \
--cc=ardb@kernel.org \
--cc=jk@ozlabs.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox