From: "Darrick J. Wong" <djwong@kernel.org>
To: Christoph Hellwig <hch@lst.de>
Cc: Chandan Babu R <chandan.babu@oracle.com>,
Hugh Dickins <hughd@google.com>,
Andrew Morton <akpm@linux-foundation.org>,
linux-xfs@vger.kernel.org, linux-mm@kvack.org
Subject: Re: [PATCH 08/15] xfs: don't modify file and inode flags for shmem files
Date: Wed, 3 Jan 2024 16:01:45 -0800
Message-ID: <20240104000145.GB361584@frogsfrogsfrogs>
In-Reply-To: <20240103084126.513354-9-hch@lst.de>

On Wed, Jan 03, 2024 at 08:41:19AM +0000, Christoph Hellwig wrote:
> shmem_file_setup is explicitly intended for a file that can be
> fully read and written by kernel users without restrictions. Don't
> poke into internals to change random flags in the file or inode.
>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
> ---
> fs/xfs/scrub/xfile.c | 15 ---------------
> 1 file changed, 15 deletions(-)
>
> diff --git a/fs/xfs/scrub/xfile.c b/fs/xfs/scrub/xfile.c
> index ec1be08937977a..e872f4f0263f59 100644
> --- a/fs/xfs/scrub/xfile.c
> +++ b/fs/xfs/scrub/xfile.c
> @@ -74,22 +74,7 @@ xfile_create(
> goto out_xfile;
> }
>
> - /*
> - * We want a large sparse file that we can pread, pwrite, and seek.
> - * xfile users are responsible for keeping the xfile hidden away from
> - * all other callers, so we skip timestamp updates and security checks.
> - * Make the inode only accessible by root, just in case the xfile ever
> - * escapes.
> - */
> - xf->file->f_mode |= FMODE_PREAD | FMODE_PWRITE | FMODE_NOCMTIME |
> - FMODE_LSEEK;
> - xf->file->f_flags |= O_RDWR | O_LARGEFILE | O_NOATIME;
> inode = file_inode(xf->file);
> - inode->i_flags |= S_PRIVATE | S_NOCMTIME | S_NOATIME;

I actually want S_PRIVATE here to avoid interference from all the
security hooks and whatnot when scrub is using an xfile to stash a
large amount of data.  Shouldn't this patch change xfile_create to call
shmem_kernel_file_setup instead?

> - inode->i_mode &= ~0177;
> - inode->i_uid = GLOBAL_ROOT_UID;
> - inode->i_gid = GLOBAL_ROOT_GID;

Also, I don't know if it matters that the default uid/gid are now going
to be whatever the defaults would be for a new file instead of root
only.  That seems like it could invite problems, but otoh xfiles are
never installed in the fd table so userspace should never get access
anyway.

--D

> -
> lockdep_set_class(&inode->i_rwsem, &xfile_i_mutex_key);
>
> trace_xfile_create(xf);
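
Review bot: The commit message does not say why it is safe to drop `S_PRIVATE` and the root-only `i_mode`/`i_uid`/`i_gid` settings in xfile_create(), which the deleted comment documents as a deliberate safeguard ("Make the inode only accessible by root, just in case the xfile ever escapes"). Either keep those lines, or state in the commit message what now provides the security-check bypass and the ownership restriction for the xfile inode, and leave a short comment at this spot recording that assumption so the reasoning is not lost along with the old comment block.
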
> --
> 2.39.2
>
>