Re: [PATCH v2 04/16] splice: move permission hook out of splice_file_to_pipe()

linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Jan Kara <jack@suse.cz>
To: Amir Goldstein <amir73il@gmail.com>
Cc: Christian Brauner <brauner@kernel.org>, Jan Kara <jack@suse.cz>,
	Josef Bacik <josef@toxicpanda.com>,
	David Howells <dhowells@redhat.com>, Jens Axboe <axboe@kernel.dk>,
	Miklos Szeredi <miklos@szeredi.hu>,
	Al Viro <viro@zeniv.linux.org.uk>,
	linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH v2 04/16] splice: move permission hook out of splice_file_to_pipe()
Date: Thu, 23 Nov 2023 17:37:40 +0100	[thread overview]
Message-ID: <20231123163740.celnfvjpw3wbf5ev@quack3> (raw)
In-Reply-To: <20231122122715.2561213-5-amir73il@gmail.com>

On Wed 22-11-23 14:27:03, Amir Goldstein wrote:
> vfs_splice_read() has a permission hook inside rw_verify_area() and
> it is called from splice_file_to_pipe(), which is called from
> do_splice() and do_sendfile().
> 
> do_sendfile() already has a rw_verify_area() check for the entire range.
> do_splice() has a rw_verify_check() for the splice to file case, not for
> the splice from file case.
> 
> Add the rw_verify_area() check for splice from file case in do_splice()
> and use a variant of vfs_splice_read() without rw_verify_area() check
> in splice_file_to_pipe() to avoid the redundant rw_verify_area() checks.
> 
> This is needed for fanotify "pre content" events.
> 
> Reviewed-by: Josef Bacik <josef@toxicpanda.com>
> Signed-off-by: Amir Goldstein <amir73il@gmail.com>

Looks good. Feel free to add:

Reviewed-by: Jan Kara <jack@suse.cz>

								Honza

> ---
>  fs/splice.c | 6 +++++-
>  1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/fs/splice.c b/fs/splice.c
> index 6fc2c27e9520..d4fdd44c0b32 100644
> --- a/fs/splice.c
> +++ b/fs/splice.c
> @@ -1239,7 +1239,7 @@ long splice_file_to_pipe(struct file *in,
>  	pipe_lock(opipe);
>  	ret = wait_for_space(opipe, flags);
>  	if (!ret)
> -		ret = vfs_splice_read(in, offset, opipe, len, flags);
> +		ret = do_splice_read(in, offset, opipe, len, flags);
>  	pipe_unlock(opipe);
>  	if (ret > 0)
>  		wakeup_pipe_readers(opipe);
> @@ -1316,6 +1316,10 @@ long do_splice(struct file *in, loff_t *off_in, struct file *out,
>  			offset = in->f_pos;
>  		}
>  
> +		ret = rw_verify_area(READ, in, &offset, len);
> +		if (unlikely(ret < 0))
> +			return ret;
> +
>  		if (out->f_flags & O_NONBLOCK)
>  			flags |= SPLICE_F_NONBLOCK;
>  
> -- 
> 2.34.1
> 
-- 
Jan Kara <jack@suse.com>
SUSE Labs, CR

next prev parent reply	other threads:[~2023-11-24  4:18 UTC|newest]

Thread overview: 55+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-11-22 12:26 [PATCH v2 00/16] Tidy up file permission hooks Amir Goldstein
2023-11-22 12:27 ` [PATCH v2 01/16] ovl: add permission hooks outside of do_splice_direct() Amir Goldstein
2023-11-23  7:35   ` Christoph Hellwig
2023-11-23 16:28   ` Jan Kara
2023-11-22 12:27 ` [PATCH v2 02/16] splice: remove permission hook from do_splice_direct() Amir Goldstein
2023-11-23  7:36   ` Christoph Hellwig
2023-11-23 16:28   ` Jan Kara
2023-11-22 12:27 ` [PATCH v2 03/16] splice: move permission hook out of splice_direct_to_actor() Amir Goldstein
2023-11-23  7:36   ` Christoph Hellwig
2023-11-23 16:35   ` Jan Kara
2023-11-22 12:27 ` [PATCH v2 04/16] splice: move permission hook out of splice_file_to_pipe() Amir Goldstein
2023-11-23  7:38   ` Christoph Hellwig
2023-11-23 16:37   ` Jan Kara [this message]
2023-11-22 12:27 ` [PATCH v2 05/16] splice: remove permission hook from iter_file_splice_write() Amir Goldstein
2023-11-23  7:47   ` Christoph Hellwig
2023-11-23 11:20     ` Amir Goldstein
2023-11-23 15:14       ` Christoph Hellwig
2023-11-23 15:41         ` Amir Goldstein
2023-11-23 15:45           ` Christoph Hellwig
2023-11-23 16:22           ` Christian Brauner
2023-11-23 16:53             ` Amir Goldstein
2023-11-23 17:56               ` Christian Brauner
2023-11-22 12:27 ` [PATCH v2 06/16] remap_range: move permission hooks out of do_clone_file_range() Amir Goldstein
2023-11-23  7:47   ` Christoph Hellwig
2023-11-23 16:52   ` Jan Kara
2023-11-22 12:27 ` [PATCH v2 07/16] remap_range: move file_start_write() to after permission hook Amir Goldstein
2023-11-23  7:48   ` Christoph Hellwig
2023-11-23 16:53   ` Jan Kara
2023-11-22 12:27 ` [PATCH v2 08/16] btrfs: " Amir Goldstein
2023-11-23  7:48   ` Christoph Hellwig
2023-11-23 16:54   ` Jan Kara
2023-11-22 12:27 ` [PATCH v2 09/16] coda: change locking order in coda_file_write_iter() Amir Goldstein
2023-11-22 12:27 ` [PATCH v2 10/16] fs: move file_start_write() into vfs_iter_write() Amir Goldstein
2023-11-23  7:50   ` Christoph Hellwig
2023-11-23  8:04     ` Amir Goldstein
2023-11-22 12:27 ` [PATCH v2 11/16] fs: move permission hook out of do_iter_write() Amir Goldstein
2023-11-22 14:33   ` Christian Brauner
2023-11-22 15:25     ` Amir Goldstein
2023-11-23 17:08   ` Jan Kara
2023-11-24  8:45     ` Amir Goldstein
2023-11-22 12:27 ` [PATCH v2 12/16] fs: move permission hook out of do_iter_read() Amir Goldstein
2023-11-23 17:13   ` Jan Kara
2023-11-24  8:48     ` Amir Goldstein
2023-11-22 12:27 ` [PATCH v2 13/16] fs: move kiocb_start_write() into vfs_iocb_iter_write() Amir Goldstein
2023-11-23 17:30   ` Jan Kara
2023-11-22 12:27 ` [PATCH v2 14/16] fs: create __sb_write_started() helper Amir Goldstein
2023-11-23 17:31   ` Jan Kara
2023-11-24  9:14   ` Amir Goldstein
2023-11-22 12:27 ` [PATCH v2 15/16] fs: create file_write_started() helper Amir Goldstein
2023-11-22 12:27 ` [PATCH v2 16/16] fs: create {sb,file}_write_not_started() helpers Amir Goldstein
2023-11-23 17:35   ` Jan Kara
2023-11-24  8:20     ` Amir Goldstein
2023-12-01 10:11       ` Jan Kara
2023-11-22 14:06 ` [PATCH v2 00/16] Tidy up file permission hooks Josef Bacik
2023-11-22 15:04 ` Christian Brauner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20231123163740.celnfvjpw3wbf5ev@quack3 \
    --to=jack@suse.cz \
    --cc=amir73il@gmail.com \
    --cc=axboe@kernel.dk \
    --cc=brauner@kernel.org \
    --cc=dhowells@redhat.com \
    --cc=josef@toxicpanda.com \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=miklos@szeredi.hu \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).