vfs: allow FILE_EXTENT_SAME (dedupe_file_range) on a file opened ro
diff mbox

Message ID 1468793618-10496-1-git-send-email-kilobyte@angband.pl
State Not Applicable
Headers show

Commit Message

Adam Borowski July 17, 2016, 10:13 p.m. UTC
Instead of checking the mode of the file descriptor, let's check whether it
could have been opened rw.  This allows fixing intermittent exec failures
when deduping a live system: anyone trying to exec a file currently being
deduped gets ETXTBSY.

Issuing this ioctl on a ro file was already allowed for root/cap.

Tested on btrfs and not-yet-merged xfs, as only them implement this ioctl.

Signed-off-by: Adam Borowski <kilobyte@angband.pl>
---
 fs/read_write.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Adam Borowski July 17, 2016, 10:32 p.m. UTC | #1
On Mon, Jul 18, 2016 at 12:13:38AM +0200, Adam Borowski wrote:
> Instead of checking the mode of the file descriptor, let's check whether it
> could have been opened rw.  This allows fixing intermittent exec failures
> when deduping a live system: anyone trying to exec a file currently being
> deduped gets ETXTBSY.
> 
> Issuing this ioctl on a ro file was already allowed for root/cap.
> 
> Tested on btrfs and not-yet-merged xfs, as only them implement this ioctl.

This is a resend of a patch I've targetted at the wrong maintainer (btrfs
guys rather than Al Viro/vfs).  Since then, I've tested it on xfs-devel
(f0b34b677df10d9e3deffcd0b1c1aaaaf0234b80 atop of 4.7-rc5 and -rc7).

Review so far:
http://thread.gmane.org/gmane.comp.file-systems.btrfs/56563

An idea to relax the check and allow dedupe to everyone who can read the
file was shot down because of concerns that in some edge cases it might be
possible to clobber a targetted file.  Thus, we're back to the original
patch, requiring ro descriptor but rw permission.


Meow!
Mark Fasheh July 18, 2016, 7:51 p.m. UTC | #2
On Mon, Jul 18, 2016 at 12:13:38AM +0200, Adam Borowski wrote:
> Instead of checking the mode of the file descriptor, let's check whether it
> could have been opened rw.  This allows fixing intermittent exec failures
> when deduping a live system: anyone trying to exec a file currently being
> deduped gets ETXTBSY.
> 
> Issuing this ioctl on a ro file was already allowed for root/cap.
> 
> Tested on btrfs and not-yet-merged xfs, as only them implement this ioctl.
> 
> Signed-off-by: Adam Borowski <kilobyte@angband.pl>

Reviewed-by: Mark Fasheh <mfasheh@suse.de>
	--Mark

--
Mark Fasheh
--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Darrick J. Wong July 19, 2016, 2:41 a.m. UTC | #3
On Mon, Jul 18, 2016 at 12:13:38AM +0200, Adam Borowski wrote:
> Instead of checking the mode of the file descriptor, let's check whether it
> could have been opened rw.  This allows fixing intermittent exec failures
> when deduping a live system: anyone trying to exec a file currently being
> deduped gets ETXTBSY.
> 
> Issuing this ioctl on a ro file was already allowed for root/cap.
> 
> Tested on btrfs and not-yet-merged xfs, as only them implement this ioctl.
> 
> Signed-off-by: Adam Borowski <kilobyte@angband.pl>

Could you please send an xfstest to test this aspect of the dedupe ioctl?

--D

> ---
>  fs/read_write.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/fs/read_write.c b/fs/read_write.c
> index 933b53a..df59dc6 100644
> --- a/fs/read_write.c
> +++ b/fs/read_write.c
> @@ -1723,7 +1723,7 @@ int vfs_dedupe_file_range(struct file *file, struct file_dedupe_range *same)
>  
>  		if (info->reserved) {
>  			info->status = -EINVAL;
> -		} else if (!(is_admin || (dst_file->f_mode & FMODE_WRITE))) {
> +		} else if (!(is_admin || !inode_permission(dst, MAY_WRITE))) {
>  			info->status = -EINVAL;
>  		} else if (file->f_path.mnt != dst_file->f_path.mnt) {
>  			info->status = -EXDEV;
> -- 
> 2.8.1
> 
--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch
diff mbox

diff --git a/fs/read_write.c b/fs/read_write.c
index 933b53a..df59dc6 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -1723,7 +1723,7 @@  int vfs_dedupe_file_range(struct file *file, struct file_dedupe_range *same)
 
 		if (info->reserved) {
 			info->status = -EINVAL;
-		} else if (!(is_admin || (dst_file->f_mode & FMODE_WRITE))) {
+		} else if (!(is_admin || !inode_permission(dst, MAY_WRITE))) {
 			info->status = -EINVAL;
 		} else if (file->f_path.mnt != dst_file->f_path.mnt) {
 			info->status = -EXDEV;