On Sat, Nov 18, 2023 at 8:59 AM Amir Goldstein <amir73il@xxxxxxxxx> wrote: > > On Fri, Nov 17, 2023 at 9:44 PM Josef Bacik <josef@xxxxxxxxxxxxxx> wrote: > > > > On Tue, Nov 14, 2023 at 05:32:39PM +0200, Amir Goldstein wrote: > > > Hi Christian, > > > > > > I realize you won't have time to review this week, but wanted to get > > > this series out for review for a wider audience soon. > > > > > > During my work on fanotify "pre content" events [1], Jan and I noticed > > > some inconsistencies in the call sites of security_file_permission() > > > hooks inside rw_verify_area() and remap_verify_area(). > > > > > > The majority of call sites are before file_start_write(), which is how > > > we want them to be for fanotify "pre content" events. > > > > > > For splice code, there are many duplicate calls to rw_verify_area() > > > for the entire range as well as for partial ranges inside iterator. > > > > > > This cleanup series, mostly following Jan's suggestions, moves all > > > the security_file_permission() hooks before file_start_write() and > > > eliminates duplicate permission hook calls in the same call chain. > > > > > > The last 3 patches are helpers that I used in fanotify patches to > > > assert that permission hooks are called with expected locking scope. > > > > > > My hope is to get this work reviewed and staged in the vfs tree > > > for the 6.8 cycle, so that I can send Jan fanotify patches for > > > "pre content" events based on a stable branch in the vfs tree. > > > > > > Thanks, > > > Amir. > > > > Amir, > > > > The last 3 patches didn't make it onto lore for some reason, so I can't review > > the last 3. Thanks, > > > > Sorry for the mishap. > The entire series was re-posted shortly after to fsdevel: > https://lore.kernel.org/linux-fsdevel/20231114153321.1716028-1-amir73il@xxxxxxxxx/ > > > You can add > > Reviewed-by: Josef Bacik <josef@xxxxxxxxxxxxxx> > > to patches 1-11. > Christian, Here is a status update on this patch set. 1. Patches 1-11 reviewed by Josef - if you can take a look and see they look fine before v2 that would be great 2. Patch 3 ACKed by Chuck [1] 3. Patch 9 should be preceded by this prep patch [2] that was ACKed by coda maintainer 4. Patch 12 is self NACKed by me. I am testing an alternative patch 5. Patches 13-15 (start_write assert helpers) have not been reviewed - they were posted to fsdevel [3] I'll appreciate if you or someone could take a look Once I get your feedback on patched 1-11,13-15 I can post v2 with the patch 9 prep patch and the alternative fix for patch 12. Thanks, Amir. [1] https://lore.kernel.org/linux-unionfs/ZVObiRlwcKgT0e53@xxxxxxxxxxxxxxxxxxxxxx/ [2] https://lore.kernel.org/linux-fsdevel/20231120095110.2199218-1-amir73il@xxxxxxxxx/ [3] https://lore.kernel.org/linux-fsdevel/20231114153321.1716028-1-amir73il@xxxxxxxxx/
