From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, "Darrick J. Wong" <djwong@kernel.org>,
Theodore Tso <tytso@mit.edu>,
stable@kernel.org
Subject: [PATCH 5.10 74/86] ext4: fix fallocate to use file_modified to update permissions consistently
Date: Tue, 26 Apr 2022 10:21:42 +0200 [thread overview]
Message-ID: <20220426081743.345737451@linuxfoundation.org> (raw)
In-Reply-To: <20220426081741.202366502@linuxfoundation.org>
From: Darrick J. Wong <djwong@kernel.org>
commit ad5cd4f4ee4d5fcdb1bfb7a0c073072961e70783 upstream.
Since the initial introduction of (posix) fallocate back at the turn of
the century, it has been possible to use this syscall to change the
user-visible contents of files. This can happen by extending the file
size during a preallocation, or through any of the newer modes (punch,
zero, collapse, insert range). Because the call can be used to change
file contents, we should treat it like we do any other modification to a
file -- update the mtime, and drop set[ug]id privileges/capabilities.
The VFS function file_modified() does all this for us if pass it a
locked inode, so let's make fallocate drop permissions correctly.
Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Link: https://lore.kernel.org/r/20220308185043.GA117678@magnolia
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
fs/ext4/ext4.h | 2 +-
fs/ext4/extents.c | 32 +++++++++++++++++++++++++-------
fs/ext4/inode.c | 7 ++++++-
3 files changed, 32 insertions(+), 9 deletions(-)
--- a/fs/ext4/ext4.h
+++ b/fs/ext4/ext4.h
@@ -2870,7 +2870,7 @@ extern int ext4_inode_attach_jinode(stru
extern int ext4_can_truncate(struct inode *inode);
extern int ext4_truncate(struct inode *);
extern int ext4_break_layouts(struct inode *);
-extern int ext4_punch_hole(struct inode *inode, loff_t offset, loff_t length);
+extern int ext4_punch_hole(struct file *file, loff_t offset, loff_t length);
extern void ext4_set_inode_flags(struct inode *, bool init);
extern int ext4_alloc_da_blocks(struct inode *inode);
extern void ext4_set_aops(struct inode *inode);
--- a/fs/ext4/extents.c
+++ b/fs/ext4/extents.c
@@ -4498,9 +4498,9 @@ retry:
return ret > 0 ? ret2 : ret;
}
-static int ext4_collapse_range(struct inode *inode, loff_t offset, loff_t len);
+static int ext4_collapse_range(struct file *file, loff_t offset, loff_t len);
-static int ext4_insert_range(struct inode *inode, loff_t offset, loff_t len);
+static int ext4_insert_range(struct file *file, loff_t offset, loff_t len);
static long ext4_zero_range(struct file *file, loff_t offset,
loff_t len, int mode)
@@ -4571,6 +4571,10 @@ static long ext4_zero_range(struct file
/* Wait all existing dio workers, newcomers will block on i_mutex */
inode_dio_wait(inode);
+ ret = file_modified(file);
+ if (ret)
+ goto out_mutex;
+
/* Preallocate the range including the unaligned edges */
if (partial_begin || partial_end) {
ret = ext4_alloc_file_blocks(file,
@@ -4689,7 +4693,7 @@ long ext4_fallocate(struct file *file, i
ext4_fc_start_update(inode);
if (mode & FALLOC_FL_PUNCH_HOLE) {
- ret = ext4_punch_hole(inode, offset, len);
+ ret = ext4_punch_hole(file, offset, len);
goto exit;
}
@@ -4698,12 +4702,12 @@ long ext4_fallocate(struct file *file, i
goto exit;
if (mode & FALLOC_FL_COLLAPSE_RANGE) {
- ret = ext4_collapse_range(inode, offset, len);
+ ret = ext4_collapse_range(file, offset, len);
goto exit;
}
if (mode & FALLOC_FL_INSERT_RANGE) {
- ret = ext4_insert_range(inode, offset, len);
+ ret = ext4_insert_range(file, offset, len);
goto exit;
}
@@ -4739,6 +4743,10 @@ long ext4_fallocate(struct file *file, i
/* Wait all existing dio workers, newcomers will block on i_mutex */
inode_dio_wait(inode);
+ ret = file_modified(file);
+ if (ret)
+ goto out;
+
ret = ext4_alloc_file_blocks(file, lblk, max_blocks, new_size, flags);
if (ret)
goto out;
@@ -5241,8 +5249,9 @@ out:
* This implements the fallocate's collapse range functionality for ext4
* Returns: 0 and non-zero on error.
*/
-static int ext4_collapse_range(struct inode *inode, loff_t offset, loff_t len)
+static int ext4_collapse_range(struct file *file, loff_t offset, loff_t len)
{
+ struct inode *inode = file_inode(file);
struct super_block *sb = inode->i_sb;
ext4_lblk_t punch_start, punch_stop;
handle_t *handle;
@@ -5293,6 +5302,10 @@ static int ext4_collapse_range(struct in
/* Wait for existing dio to complete */
inode_dio_wait(inode);
+ ret = file_modified(file);
+ if (ret)
+ goto out_mutex;
+
/*
* Prevent page faults from reinstantiating pages we have released from
* page cache.
@@ -5387,8 +5400,9 @@ out_mutex:
* by len bytes.
* Returns 0 on success, error otherwise.
*/
-static int ext4_insert_range(struct inode *inode, loff_t offset, loff_t len)
+static int ext4_insert_range(struct file *file, loff_t offset, loff_t len)
{
+ struct inode *inode = file_inode(file);
struct super_block *sb = inode->i_sb;
handle_t *handle;
struct ext4_ext_path *path;
@@ -5444,6 +5458,10 @@ static int ext4_insert_range(struct inod
/* Wait for existing dio to complete */
inode_dio_wait(inode);
+ ret = file_modified(file);
+ if (ret)
+ goto out_mutex;
+
/*
* Prevent page faults from reinstantiating pages we have released from
* page cache.
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -4028,8 +4028,9 @@ int ext4_break_layouts(struct inode *ino
* Returns: 0 on success or negative on failure
*/
-int ext4_punch_hole(struct inode *inode, loff_t offset, loff_t length)
+int ext4_punch_hole(struct file *file, loff_t offset, loff_t length)
{
+ struct inode *inode = file_inode(file);
struct super_block *sb = inode->i_sb;
ext4_lblk_t first_block, stop_block;
struct address_space *mapping = inode->i_mapping;
@@ -4091,6 +4092,10 @@ int ext4_punch_hole(struct inode *inode,
/* Wait all existing dio workers, newcomers will block on i_mutex */
inode_dio_wait(inode);
+ ret = file_modified(file);
+ if (ret)
+ goto out_mutex;
+
/*
* Prevent page faults from reinstantiating pages we have released from
* page cache.
next prev parent reply other threads:[~2022-04-26 8:43 UTC|newest]
Thread overview: 97+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-26 8:20 [PATCH 5.10 00/86] 5.10.113-rc1 review Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 01/86] etherdevice: Adjust ether_addr* prototypes to silence -Wstringop-overead Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 02/86] mm: page_alloc: fix building error on -Werror=array-compare Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 03/86] tracing: Dump stacktrace trigger to the corresponding instance Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 04/86] perf tools: Fix segfault accessing sample_id xyarray Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 05/86] gfs2: assign rgrp glock before compute_bitstructs Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 06/86] net/sched: cls_u32: fix netns refcount changes in u32_change() Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 07/86] ALSA: usb-audio: Clear MIDI port active flag after draining Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 08/86] ALSA: hda/realtek: Add quirk for Clevo NP70PNP Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 09/86] dm: fix mempool NULL pointer race when completing IO Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 10/86] ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 11/86] ASoC: msm8916-wcd-digital: Check failure for devm_snd_soc_register_component Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 12/86] ASoC: codecs: wcd934x: do not switch off SIDO Buck when codec is in use Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 13/86] dmaengine: imx-sdma: Fix error checking in sdma_event_remap Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 14/86] dmaengine: mediatek:Fix PM usage reference leak of mtk_uart_apdma_alloc_chan_resources Greg Kroah-Hartman
2022-04-27 20:28 ` Pavel Machek
2022-04-27 20:32 ` Pavel Machek
2022-04-26 8:20 ` [PATCH 5.10 15/86] spi: spi-mtk-nor: initialize spi controller after resume Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 16/86] esp: limit skb_page_frag_refill use to a single page Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 17/86] igc: Fix infinite loop in release_swfw_sync Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 18/86] igc: Fix BUG: scheduling while atomic Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 19/86] rxrpc: Restore removed timer deletion Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 20/86] net/smc: Fix sock leak when release after smc_shutdown() Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 21/86] net/packet: fix packet_sock xmit return value checking Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 22/86] ip6_gre: Avoid updating tunnel->tun_hlen in __gre6_xmit() Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 23/86] ip6_gre: Fix skb_under_panic " Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 24/86] net/sched: cls_u32: fix possible leak in u32_init_knode() Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 25/86] l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 26/86] ipv6: make ip6_rt_gc_expire an atomic_t Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 27/86] netlink: reset network and mac headers in netlink_dump() Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 28/86] net: stmmac: Use readl_poll_timeout_atomic() in atomic state Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 29/86] dmaengine: idxd: add RO check for wq max_batch_size write Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 30/86] dmaengine: idxd: add RO check for wq max_transfer_size write Greg Kroah-Hartman
2022-04-26 8:20 ` [PATCH 5.10 31/86] selftests: mlxsw: vxlan_flooding: Prevent flooding of unwanted packets Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 32/86] arm64/mm: Remove [PUD|PMD]_TABLE_BIT from [pud|pmd]_bad() Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 33/86] arm64: mm: fix p?d_leaf() Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 34/86] ARM: vexpress/spc: Avoid negative array index when !SMP Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 35/86] reset: tegra-bpmp: Restore Handle errors in BPMP response Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 36/86] platform/x86: samsung-laptop: Fix an unsigned comparison which can never be negative Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 37/86] ALSA: usb-audio: Fix undefined behavior due to shift overflowing the constant Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 38/86] arm64: dts: imx: Fix imx8*-var-som touchscreen property sizes Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 39/86] vxlan: fix error return code in vxlan_fdb_append Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 40/86] cifs: Check the IOCB_DIRECT flag, not O_DIRECT Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 41/86] net: atlantic: Avoid out-of-bounds indexing Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 42/86] mt76: Fix undefined behavior due to shift overflowing the constant Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 43/86] brcmfmac: sdio: " Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 44/86] dpaa_eth: Fix missing of_node_put in dpaa_get_ts_info() Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 45/86] drm/msm/mdp5: check the return of kzalloc() Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 46/86] net: macb: Restart tx only if queue pointer is lagging Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 47/86] scsi: qedi: Fix failed disconnect handling Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 48/86] stat: fix inconsistency between struct stat and struct compat_stat Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 49/86] nvme: add a quirk to disable namespace identifiers Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 50/86] nvme-pci: disable namespace identifiers for Qemu controllers Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 51/86] EDAC/synopsys: Read the error count from the correct register Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 52/86] mm, hugetlb: allow for "high" userspace addresses Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 53/86] oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 54/86] mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove() Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 55/86] ata: pata_marvell: Check the bmdma_addr beforing reading Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 56/86] dma: at_xdmac: fix a missing check on list iterator Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 57/86] net: atlantic: invert deep par in pm functions, preventing null derefs Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 58/86] xtensa: patch_text: Fixup last cpu should be master Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 59/86] xtensa: fix a7 clobbering in coprocessor context load/store Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 60/86] openvswitch: fix OOB access in reserve_sfa_size() Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 61/86] gpio: Request interrupts after IRQ is initialized Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 62/86] ASoC: soc-dapm: fix two incorrect uses of list iterator Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 63/86] e1000e: Fix possible overflow in LTR decoding Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 64/86] ARC: entry: fix syscall_trace_exit argument Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 65/86] arm_pmu: Validate single/group leader events Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 66/86] sched/pelt: Fix attach_entity_load_avg() corner case Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 67/86] perf/core: Fix perf_mmap fail when CONFIG_PERF_USE_VMALLOC enabled Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 68/86] drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not initialised Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 69/86] drm/panel/raspberrypi-touchscreen: Initialise the bridge in prepare Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 70/86] KVM: PPC: Fix TCE handling for VFIO Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 71/86] drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync() usage Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 72/86] powerpc/perf: Fix power9 event alternatives Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 73/86] perf report: Set PERF_SAMPLE_DATA_SRC bit for Arm SPE event Greg Kroah-Hartman
2022-04-26 8:21 ` Greg Kroah-Hartman [this message]
2022-04-26 8:21 ` [PATCH 5.10 75/86] ext4: fix symlink file size not match to file content Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 76/86] ext4: fix use-after-free in ext4_search_dir Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 77/86] ext4: limit length to bitmap_maxbytes - blocksize in punch_hole Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 78/86] ext4, doc: fix incorrect h_reserved size Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 79/86] ext4: fix overhead calculation to account for the reserved gdt blocks Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 80/86] ext4: force overhead calculation if the s_overhead_cluster makes no sense Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 81/86] can: isotp: stop timeout monitoring when no first frame was sent Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 82/86] jbd2: fix a potential race while discarding reserved buffers after an abort Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 83/86] spi: atmel-quadspi: Fix the buswidth adjustment between spi-mem and controller Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 84/86] staging: ion: Prevent incorrect reference counting behavour Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 85/86] block/compat_ioctl: fix range check in BLKGETSIZE Greg Kroah-Hartman
2022-04-26 8:21 ` [PATCH 5.10 86/86] Revert "net: micrel: fix KS8851_MLL Kconfig" Greg Kroah-Hartman
2022-04-26 16:20 ` [PATCH 5.10 00/86] 5.10.113-rc1 review Jon Hunter
2022-04-26 17:12 ` Florian Fainelli
2022-04-26 19:58 ` Pavel Machek
2022-04-26 20:12 ` Guenter Roeck
2022-04-26 20:14 ` Shuah Khan
2022-04-27 1:54 ` Slade Watkins
2022-04-27 8:08 ` Naresh Kamboju
2022-04-27 11:09 ` Sudip Mukherjee
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220426081743.345737451@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=djwong@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@kernel.org \
--cc=stable@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox