lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20220930111840.10695-10-jlayton@kernel.org>
Date:   Fri, 30 Sep 2022 07:18:40 -0400
From:   Jeff Layton <jlayton@...nel.org>
To:     tytso@....edu, adilger.kernel@...ger.ca, djwong@...nel.org,
        david@...morbit.com, trondmy@...merspace.com, neilb@...e.de,
        viro@...iv.linux.org.uk, zohar@...ux.ibm.com, xiubli@...hat.com,
        chuck.lever@...cle.com, lczerner@...hat.com, jack@...e.cz,
        bfields@...ldses.org, brauner@...nel.org, fweimer@...hat.com
Cc:     linux-btrfs@...r.kernel.org, linux-fsdevel@...r.kernel.org,
        linux-kernel@...r.kernel.org, ceph-devel@...r.kernel.org,
        linux-ext4@...r.kernel.org, linux-nfs@...r.kernel.org,
        linux-xfs@...r.kernel.org
Subject: [PATCH v6 9/9] ext4: update times after I/O in write codepaths

The times currently get updated before the data is copied (or the DIO is
issued) which is problematic for NFSv4. A READ+GETATTR could race with a
write in such a way to make the client associate the state of the file
with the wrong change attribute, and that association could persist
indefinitely if the file sees no further changes.

For this reason, it's better to bump the times and change attribute
after the data has been copied or the DIO write issued.

Signed-off-by: Jeff Layton <jlayton@...nel.org>
---
 fs/ext4/file.c | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/fs/ext4/file.c b/fs/ext4/file.c
index 109d07629f81..1fa8e0239856 100644
--- a/fs/ext4/file.c
+++ b/fs/ext4/file.c
@@ -246,7 +246,7 @@ static ssize_t ext4_write_checks(struct kiocb *iocb, struct iov_iter *from)
 	if (count <= 0)
 		return count;
 
-	ret = file_modified(iocb->ki_filp);
+	ret = file_remove_privs(iocb->ki_filp);
 	if (ret)
 		return ret;
 	return count;
@@ -269,7 +269,11 @@ static ssize_t ext4_buffered_write_iter(struct kiocb *iocb,
 	current->backing_dev_info = inode_to_bdi(inode);
 	ret = generic_perform_write(iocb, from);
 	current->backing_dev_info = NULL;
-
+	if (ret > 0) {
+		ssize_t ret2 = file_update_time(iocb->ki_filp);
+		if (ret2)
+			ret = ret2;
+	}
 out:
 	inode_unlock(inode);
 	if (likely(ret > 0)) {
@@ -455,7 +459,7 @@ static ssize_t ext4_dio_write_checks(struct kiocb *iocb, struct iov_iter *from,
 		goto restart;
 	}
 
-	ret = file_modified(file);
+	ret = file_remove_privs(file);
 	if (ret < 0)
 		goto out;
 
@@ -572,6 +576,11 @@ static ssize_t ext4_dio_write_iter(struct kiocb *iocb, struct iov_iter *from)
 	if (extend)
 		ret = ext4_handle_inode_extension(inode, offset, ret, count);
 
+	if (ret > 0) {
+		ssize_t ret2 = file_update_time(iocb->ki_filp);
+		if (ret2)
+			ret = ret2;
+	}
 out:
 	if (ilock_shared)
 		inode_unlock_shared(inode);
@@ -653,6 +662,11 @@ ext4_dax_write_iter(struct kiocb *iocb, struct iov_iter *from)
 
 	if (extend)
 		ret = ext4_handle_inode_extension(inode, offset, ret, count);
+	if (ret > 0) {
+		ssize_t ret2 = file_update_time(iocb->ki_filp);
+		if (ret2)
+			ret = ret2;
+	}
 out:
 	inode_unlock(inode);
 	if (ret > 0)
-- 
2.37.3

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ