From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id BB5A6C3DA6E for ; Thu, 4 Jan 2024 00:01:49 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4842D6B027D; Wed, 3 Jan 2024 19:01:49 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 4348B6B02B5; Wed, 3 Jan 2024 19:01:49 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 3070D6B0384; Wed, 3 Jan 2024 19:01:49 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 1E5766B027D for ; Wed, 3 Jan 2024 19:01:49 -0500 (EST) Received: from smtpin03.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id EB844A1D3D for ; Thu, 4 Jan 2024 00:01:48 +0000 (UTC) X-FDA: 81639675096.03.17BEAC6 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf10.hostedemail.com (Postfix) with ESMTP id 3DBCCC002D for ; Thu, 4 Jan 2024 00:01:47 +0000 (UTC) Authentication-Results: imf10.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=pfeSvWyr; spf=pass (imf10.hostedemail.com: domain of djwong@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=djwong@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1704326507; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=/0bKvcA9b0d3pIo4jL3E4OSoc5T4oxhRvZzODHlVUe0=; b=3QsI62JwRkZ+YqtoaNiiU6o587FS4EaVw5JEv5Np1iZOl+DYAalQlA17kxoWVEi1a7LrNh s+BeJFhJIq5qjBnTT/Ehq7nHcYnIiDsPKboRmHkKMCOVo/94PZRdsRPeD4UICzbEz89qDJ oo9AZYa6338zJdOBXFNf+QAKLEl+4zM= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1704326507; a=rsa-sha256; cv=none; b=4Ig/GdrDCEnr9KhQ2e4ID6iAfoaBYJBnkyumJu00W1jVVdfE8nvs2jB1GgFtcY0Pok57L8 w/RN3z05UjiEZcuQhe4VH8y0VJYFO9kv7CvN3wc1zxGfp7xv6NxsbM/Y/AHXfQ8yiF87ry E2G0/fuLxWaCt0LlXFGfAT4F9SJWgwE= ARC-Authentication-Results: i=1; imf10.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=pfeSvWyr; spf=pass (imf10.hostedemail.com: domain of djwong@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=djwong@kernel.org; dmarc=pass (policy=none) header.from=kernel.org Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 0F9DD60C0D; Thu, 4 Jan 2024 00:01:46 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id A4F37C433C8; Thu, 4 Jan 2024 00:01:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1704326505; bh=/guVucB56dYF1ZTM5/O+gnhnb1I2Sv0x4haGwBSYi4o=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=pfeSvWyrKjHqw0tsODAjwQkN7uhWb3XW+NFYyPzEa8rt7klnkbvTusq/oyb713wsT LMb5QcskjHuuflcYK6R0k2ANAA/mDRJDTysMAbxUCCX5o2yFbKIhIsgkjFsLrB7x+9 gS8SBHe/C/NXVIxKiNJOWZD0tl+Q+iCPPWZfAF0tCJPhV+HwSwZw5imKjFakthpSCA /mznxgFmsk7MBGnZYw3beU+AW53J3d6kczLQWCcYf9kW3MH8d58p4YgPQhwbLUAqFW zZ9u3e0Ft+LsX9NY4wkCZbtK2CKvJbLX+4OYobk5YI3A4zD9yj/N9iIFlV1C/MDhu9 Hbc2Fl6jCIisA== Date: Wed, 3 Jan 2024 16:01:45 -0800 From: "Darrick J. Wong" To: Christoph Hellwig Cc: Chandan Babu R , Hugh Dickins , Andrew Morton , linux-xfs@vger.kernel.org, linux-mm@kvack.org Subject: Re: [PATCH 08/15] xfs: don't modify file and inode flags for shmem files Message-ID: <20240104000145.GB361584@frogsfrogsfrogs> References: <20240103084126.513354-1-hch@lst.de> <20240103084126.513354-9-hch@lst.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240103084126.513354-9-hch@lst.de> X-Rspamd-Queue-Id: 3DBCCC002D X-Rspam-User: X-Rspamd-Server: rspam11 X-Stat-Signature: essp1m5tr6p96ncrxr33cnxbm8hzzq89 X-HE-Tag: 1704326507-168848 X-HE-Meta: U2FsdGVkX18O0/+ispC9Jqw6uDRwkZfO6g90t2rtoBkgP+2p3Z3hFJEJul9T3hOfMCVPmPXlAHCaVcyK/J/sDQs70AnmlGYRLWqx1e8z0EtDV8Gz8zkd3pm4mfcBJnTPC9r6R0z0y7bz0JrHUuXID+s7aH/L2So8xOtE/b23Iz3IgLstxGFZEZRvS2UtyTX3wlO0aSvS9WYVtXxG6dpACdAV6QI9+XF+eoGSasMPoDg0vez4AEbecVYS0XLnC6GFAQDtCRiNBKp/zcBWblPqr++WsE6oE4BQnlro/+mFxOanC+6CU0eIJJ9Xd7MJRLu4kb7w41WgzMRU1RGSI1l//KwPQNgIqyATktqja5U37GN51xeHVUB7lIoZs0+lPkkKFiYMIDXg/zymhdSInONusgNPheyc1/EJwVjkSgoj76reRuFX+X6fabCCuOJwf5RXEN3KVnNzJQPfdj5uem4bmyG4OV9pF6ynOdv7lPAdZsKLEk9kglISHcxtjtkT3Zc0jBxNSQC4/jH6IV3pAazn6tQxUm1OTlA30d8562gt4YffJtHFwTWb2KX5MExxyAQhw+9RbejvU1SFZOJIb0zkPch7oys26OdzABfE24MfdcnXJiDr77DTDqV+OPICyin0mBfJVcQ4Y+U2gv2bHd5ghrDXpGeGgkQyXMV3kYmODtplmKjJdOv++k7bZaapYzD+wuYi3WmH8hnSXyLLFNbi8Kr0HvCgT/S/yN6nTNIi52ZIEHd+m64J0X2rZM1zWP0y1Swkx+arXLtzS89MbrqbkbsNFWuM/ErtY9cLWFXJ8fRohlEkX+ndvizV/WUl4vQCYJKztw8DvTmHGmpsQTl5FXEim5lH/JZPtkMfF/fOXtvJyrXFk75yU7TTZMBPlNx/n2AspAwA3RqOFQdwpU/JShRyCx470TPhEThSF3RpoiHf0HSOguYw0AqjoTBNjmxoRJO7qD3zRJExmpYT/Ln 7S9Mwvp8 bV4EDBDcGTKMB5MrPNCU0pB+jIZF9iLd0s8TYcl47h3Pqy9TdaW2w3JOxCXqG+/MyANurZ4RTlqXkE0Q0i/vg97U++UuAC/V5C6RxV8ZlgxI177YK1C6g7/uWy3ucwm3S2dPSAj2XvpBEGJpft2hG54oeD9yvubitFnjJuWxmLRqQxCfskw0nP9n+gQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Wed, Jan 03, 2024 at 08:41:19AM +0000, Christoph Hellwig wrote: > shmem_file_setup is explicitly intended for a file that can be > fully read and written by kernel users without restrictions. Don't > poke into internals to change random flags in the file or inode. > > Signed-off-by: Christoph Hellwig > --- > fs/xfs/scrub/xfile.c | 15 --------------- > 1 file changed, 15 deletions(-) > > diff --git a/fs/xfs/scrub/xfile.c b/fs/xfs/scrub/xfile.c > index ec1be08937977a..e872f4f0263f59 100644 > --- a/fs/xfs/scrub/xfile.c > +++ b/fs/xfs/scrub/xfile.c > @@ -74,22 +74,7 @@ xfile_create( > goto out_xfile; > } > > - /* > - * We want a large sparse file that we can pread, pwrite, and seek. > - * xfile users are responsible for keeping the xfile hidden away from > - * all other callers, so we skip timestamp updates and security checks. > - * Make the inode only accessible by root, just in case the xfile ever > - * escapes. > - */ > - xf->file->f_mode |= FMODE_PREAD | FMODE_PWRITE | FMODE_NOCMTIME | > - FMODE_LSEEK; > - xf->file->f_flags |= O_RDWR | O_LARGEFILE | O_NOATIME; > inode = file_inode(xf->file); > - inode->i_flags |= S_PRIVATE | S_NOCMTIME | S_NOATIME; I actually want S_PRIVATE here to avoid interference from all the security hooks and whatnot when scrub is using an xfile to stash a large amount of data. Shouldn't this patch change xfile_create to call shmem_kernel_file_setup instead? > - inode->i_mode &= ~0177; > - inode->i_uid = GLOBAL_ROOT_UID; > - inode->i_gid = GLOBAL_ROOT_GID; Also, I don't know if it matters that the default uid/gid are now going to be whatever the defaults would be for a new file instead of root only. That seems like it could invite problems, but otoh xfiles are never installed in the fd table so userspace should never get access anyway. --D > - > lockdep_set_class(&inode->i_rwsem, &xfile_i_mutex_key); > > trace_xfile_create(xf); > -- > 2.39.2 > >