From: Jeff Layton <jlayton@kernel.org>
To: Luis Henriques <lhenriques@suse.com>
Cc: Amir Goldstein <amir73il@gmail.com>,
Ilya Dryomov <idryomov@gmail.com>,
"Darrick J . Wong" <darrick.wong@oracle.com>,
Dave Chinner <david@fromorbit.com>,
Christoph Hellwig <hch@lst.de>,
linux-xfs@vger.kernel.org, Al Viro <viro@zeniv.linux.org.uk>,
linux-fsdevel@vger.kernel.org, ceph-devel@vger.kernel.org
Subject: Re: [PATCH] ceph: copy_file_range needs to strip setuid bits and update timestamps
Date: Fri, 14 Jun 2019 07:43:52 -0400 [thread overview]
Message-ID: <e9d51b85eef556f5ebe74bd581961953c5d9f2b4.camel@kernel.org> (raw)
In-Reply-To: <87v9x87dmi.fsf@suse.com>
On Fri, 2019-06-14 at 09:52 +0100, Luis Henriques wrote:
> So, do you think the patch below would be enough? It's totally
> untested, but I wanted to know if that would be acceptable before
> running some tests on it.
>
> Cheers,
> --
> Luis
>
> diff --git a/fs/ceph/file.c b/fs/ceph/file.c
> index c5517ffeb11c..f6b0683dd8dc 100644
> --- a/fs/ceph/file.c
> +++ b/fs/ceph/file.c
> @@ -1949,6 +1949,21 @@ static ssize_t __ceph_copy_file_range(struct file *src_file, loff_t src_off,
> goto out;
> }
>
> + ret = ceph_do_getattr(dst_inode, CEPH_CAP_AUTH_SHARED, false);
> + if (ret < 0) {
> + dout("failed to get auth caps on dst file (%zd)\n", ret);
> + goto out;
> + }
> +
I think this is still racy. You could lose As caps before file_modified
is called. IMO, this code should hold a reference to As caps until the
c_f_r operation is complete.
That may get tricky however if you do need to issue a setattr to change
the mode, as the MDS may try to recall As caps at that point. You won't
be able to release them until you drop the reference, so will that
deadlock? I'm not sure.
> + /* Should dst_inode lock be held throughout the copy operation? */
> + inode_lock(dst_inode);
> + ret = file_modified(dst_file);
> + inode_unlock(dst_inode);
> + if (ret < 0) {
> + dout("failed to modify dst file before copy (%zd)\n", ret);
> + goto out;
> + }
> +
> /*
> * We need FILE_WR caps for dst_ci and FILE_RD for src_ci as other
> * clients may have dirty data in their caches. And OSDs know nothing
--
Jeff Layton <jlayton@kernel.org>
next prev parent reply other threads:[~2019-06-14 11:43 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-10 17:40 [PATCH] ceph: copy_file_range needs to strip setuid bits and update timestamps Amir Goldstein
2019-06-10 19:24 ` Ilya Dryomov
2019-06-11 8:39 ` Luis Henriques
2019-06-13 12:03 ` Jeff Layton
2019-06-13 15:50 ` Luis Henriques
2019-06-13 17:48 ` Jeff Layton
2019-06-14 8:52 ` Luis Henriques
2019-06-14 11:43 ` Jeff Layton [this message]
2019-06-14 17:38 ` Jeff Layton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e9d51b85eef556f5ebe74bd581961953c5d9f2b4.camel@kernel.org \
--to=jlayton@kernel.org \
--cc=amir73il@gmail.com \
--cc=ceph-devel@vger.kernel.org \
--cc=darrick.wong@oracle.com \
--cc=david@fromorbit.com \
--cc=hch@lst.de \
--cc=idryomov@gmail.com \
--cc=lhenriques@suse.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).