On Fri 07-12-18 11:24:47, Alexander Lochmann wrote: > Am 05.12.18 um 16:32 schrieb Jan Kara: > > > > Thinking more about this I'm not sure if this is actually the right > > solution. Because for example the write(2) can set S_NOSEC flag wrongly > > when it would race with chmod adding SUID bit. So probably we rather need > > to acquire i_rwsem in blkdev_write_iter() if file does not have S_NOSEC set > > (we don't want to acquire it unconditionally as that would heavily impact > > scalability of block device writes). > > > > Honza > > > Trying to implement your suggestion, I'm not sure which inode to use: > In blkdev_write_iter() there is the "bd_inode = bdev_file_inode(file)". > file_remove_privs() uses "inode = file_inode(file)" as a parameter for > inode_has_no_xattr(). > So, do file->f_mapping->host and f->f_inode refer to the identical inode? Ah, that's a good question and I forgot to warn you. Sorry for that and my respect for noticing this yourself :). For block devices f->f_inode refers to the device inode in the filesystem (i.e., where xattrs are attached to, permissions are stored, etc.). file->f_mapping->host refers to the inode carrying data - this split is needed so that if there are more instances of device inode in the system for the same block device, they see data coherently. So you need to use file_inode(file) for the locking. Thanks! Honza -- Jan Kara <jack@xxxxxxxx> SUSE Labs, CR