xfs
[Top] [All Lists]

Re: [PATCH v4 6/7] xfs: check that eofblocks ioctl caller can write matc

To: Dave Chinner <david@xxxxxxxxxxxxx>
Subject: Re: [PATCH v4 6/7] xfs: check that eofblocks ioctl caller can write matched inodes
From: Dwight Engen <dwight.engen@xxxxxxxxxx>
Date: Mon, 22 Jul 2013 12:00:07 -0400
Cc: xfs@xxxxxxxxxxx
Delivered-to: xfs@xxxxxxxxxxx
In-reply-to: <20130719060221.GX11674@dastard>
Organization: Oracle Corporation
References: <20130717114746.4e133042@xxxxxxxxxx> <20130719060221.GX11674@dastard>
On Fri, 19 Jul 2013 16:02:21 +1000
Dave Chinner <david@xxxxxxxxxxxxx> wrote:

[...]
> > diff --git a/fs/xfs/xfs_icache.c b/fs/xfs/xfs_icache.c
> > index d873ab9e..728283a 100644
> > --- a/fs/xfs/xfs_icache.c
> > +++ b/fs/xfs/xfs_icache.c
> > @@ -1247,6 +1247,10 @@ xfs_inode_free_eofblocks(
> >             if (!xfs_inode_match_id(ip, eofb))
> >                     return 0;
> >  
> > +           if (eofb->eof_flags & XFS_EOF_FLAGS_PERM_CHECK &&
> > +               inode_permission(VFS_I(ip), MAY_WRITE))
> > +                   return 0;
> 
> This assumes we are walking fully instantiated VFS inodes. That's
> not necessarily true - we may be walking inodes that have already
> been dropped from the VFS and are waiting for background reclaim to

Hi Dave, in looking at this a bit I don't see how they can be dropped
from the VFS since they are igrab()ed in the flow:

xfs_icache_free_eofblocks
  xfs_inode_ag_iterator_tag
    xfs_inode_ag_walk
      xfs_inode_ag_walk_grab
        igrab

and I don't see a way for xfs_inode_free_eofblocks() to be called other
than the ag_walk flow.

If there is a way to get into xfs_inode_free_eofblocks where we can't
use VFS_I(ip) then it will be a problem for the new code in
xfs_inode_match_id() as well.

<Prev in Thread] Current Thread [Next in Thread>