linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Jianyong Wu <jianyong.wu@arm.com>
To: ericvh@gmail.com, lucho@ionkov.net, asmadeus@codewreck.org,
	v9fs-developer@lists.sourceforge.net
Cc: linux-kernel@vger.kernel.org, justin.he@arm.com,
	jianyong.wu@arm.com, Greg Kurz <groug@kaod.org>
Subject: [PATCH RFC 3/4] fs/9p: search open fids first
Date: Mon, 14 Sep 2020 11:37:53 +0800	[thread overview]
Message-ID: <20200914033754.29188-4-jianyong.wu@arm.com> (raw)
In-Reply-To: <20200914033754.29188-1-jianyong.wu@arm.com>

From: Greg Kurz <groug@kaod.org>

A previous patch fixed the "create-unlink-getattr" idiom: if getattr is
called on an unlinked file, we try to find an open fid attached to the
corresponding inode.

We have a similar issue with file permissions and setattr:

open("./test.txt", O_RDWR|O_CREAT, 0666) = 4
chmod("./test.txt", 0)                  = 0
truncate("./test.txt", 0)               = -1 EACCES (Permission denied)
ftruncate(4, 0)                         = -1 EACCES (Permission denied)

The failure is expected with truncate() but not with ftruncate().

This happens because the lookup code does find a matching fid in the
dentry list. Unfortunately, this is not an open fid and the server
will be forced to rely on the path name, rather than on an open file
descriptor. This is the case in QEMU: the setattr operation will use
truncate() and fail because of bad write permissions.

This patch changes the logic in the lookup code, so that we consider
open fids first. It gives a chance to the server to match this open
fid to an open file descriptor and use ftruncate() instead of truncate().
This does not change the current behaviour for truncate() and other
path name based syscalls, since file permissions are checked earlier
in the VFS layer.

With this patch, we get:

open("./test.txt", O_RDWR|O_CREAT, 0666) = 4
chmod("./test.txt", 0)                  = 0
truncate("./test.txt", 0)               = -1 EACCES (Permission denied)
ftruncate(4, 0)                         = 0

Change-Id: Icb657359493fc9c06956881551e83c7e1af4f024
Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
---
 fs/9p/fid.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/fs/9p/fid.c b/fs/9p/fid.c
index d11dd430590d..0b23b0fe6c51 100644
--- a/fs/9p/fid.c
+++ b/fs/9p/fid.c
@@ -95,8 +95,12 @@ static struct p9_fid *v9fs_fid_find(struct dentry *dentry, kuid_t uid, int any)
 		 dentry, dentry, from_kuid(&init_user_ns, uid),
 		 any);
 	ret = NULL;
+
+	if (d_inode(dentry))
+		ret = v9fs_fid_find_inode(d_inode(dentry), uid);
+
 	/* we'll recheck under lock if there's anything to look in */
-	if (dentry->d_fsdata) {
+	if (!ret && dentry->d_fsdata) {
 		struct hlist_head *h = (struct hlist_head *)&dentry->d_fsdata;
 		spin_lock(&dentry->d_lock);
 		hlist_for_each_entry(fid, h, dlist) {
@@ -106,9 +110,6 @@ static struct p9_fid *v9fs_fid_find(struct dentry *dentry, kuid_t uid, int any)
 			}
 		}
 		spin_unlock(&dentry->d_lock);
-	} else {
-		if (dentry->d_inode)
-			ret = v9fs_fid_find_inode(dentry->d_inode, uid);
 	}
 
 	return ret;
-- 
2.17.1


  parent reply	other threads:[~2020-09-14  3:38 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-09-14  3:37 [PATCH RFC 0/4] 9p: fix open-unlink-f*syscall bug Jianyong Wu
2020-09-14  3:37 ` [PATCH RFC 1/4] fs/9p: fix create-unlink-getattr idiom Jianyong Wu
2020-09-14  6:00   ` Dominique Martinet
2020-09-14  8:11     ` Greg Kurz
2020-09-14  3:37 ` [PATCH RFC 2/4] fs/9p: track open fids Jianyong Wu
2020-09-14  3:37 ` Jianyong Wu [this message]
2020-09-14  3:37 ` [PATCH RFC 4/4] 9p: fix race issue in fid contention Jianyong Wu
2020-09-14  5:55   ` Dominique Martinet
2020-09-14  6:31     ` [V9fs-developer] " Dominique Martinet
2020-09-14  7:50       ` Jianyong Wu
2020-09-14  7:32     ` Jianyong Wu
2020-09-14  8:32       ` Dominique Martinet
2020-09-14 12:34         ` Jianyong Wu
2020-09-18  8:57         ` Jianyong Wu
2020-09-18  9:34           ` Dominique Martinet
2020-09-18 10:05             ` Jianyong Wu
2020-09-14  8:35 ` [V9fs-developer] [PATCH RFC 0/4] 9p: fix open-unlink-f*syscall bug Greg Kurz
2020-09-14 11:06   ` Christian Schoenebeck
2020-09-14 12:43     ` Greg Kurz
2020-09-14 15:19       ` Christian Schoenebeck
2020-09-14 15:46         ` Greg Kurz
2020-09-16 12:16           ` Greg Kurz
2020-09-17 10:07             ` Christian Schoenebeck
2020-09-14 12:36   ` Jianyong Wu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200914033754.29188-4-jianyong.wu@arm.com \
    --to=jianyong.wu@arm.com \
    --cc=asmadeus@codewreck.org \
    --cc=ericvh@gmail.com \
    --cc=groug@kaod.org \
    --cc=justin.he@arm.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lucho@ionkov.net \
    --cc=v9fs-developer@lists.sourceforge.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).