Hi Christian, During my work on fanotify "pre content" events [1], Jan and I noticed some inconsistencies in the call sites of security_file_permission() hooks inside rw_verify_area() and remap_verify_area(). The majority of call sites are before file_start_write(), which is how we want them to be for fanotify "pre content" events. For splice code, there are many duplicate calls to rw_verify_area() for the entire range as well as for partial ranges inside iterator. This cleanup series, mostly following Jan's suggestions, moves all the security_file_permission() hooks before file_start_write() and eliminates duplicate permission hook calls in the same call chain. The last 3 patches are helpers that I used in fanotify patches to assert that permission hooks are called with expected locking scope. Please stage this work on a stable branch in the vfs tree, so that I will be able to send Jan fanotify patches for "pre content" events based on the stable vfs branch. Thanks, Amir. Changes since v1: - Split coda locking reorder patch (jaharkes) - Fix vfs_iocb_iter_write() file_end_write() bug (Josef) - Fix subtle allow_file_dedupe() bug (+rename) (brauner) - Fix some minor review nits (brauner) - Added RVB from Josef and Chuck [1] https://github.com/amir73il/linux/commits/fan_pre_content Amir Goldstein (16): ovl: add permission hooks outside of do_splice_direct() splice: remove permission hook from do_splice_direct() splice: move permission hook out of splice_direct_to_actor() splice: move permission hook out of splice_file_to_pipe() splice: remove permission hook from iter_file_splice_write() remap_range: move permission hooks out of do_clone_file_range() remap_range: move file_start_write() to after permission hook btrfs: move file_start_write() to after permission hook coda: change locking order in coda_file_write_iter() fs: move file_start_write() into vfs_iter_write() fs: move permission hook out of do_iter_write() fs: move permission hook out of do_iter_read() fs: move kiocb_start_write() into vfs_iocb_iter_write() fs: create __sb_write_started() helper fs: create file_write_started() helper fs: create {sb,file}_write_not_started() helpers drivers/block/loop.c | 2 - fs/btrfs/ioctl.c | 12 +-- fs/cachefiles/io.c | 5 +- fs/coda/file.c | 2 - fs/internal.h | 8 +- fs/nfsd/vfs.c | 7 +- fs/overlayfs/copy_up.c | 26 +++++- fs/overlayfs/file.c | 10 +-- fs/read_write.c | 177 ++++++++++++++++++++++++++++------------- fs/remap_range.c | 37 +++++---- fs/splice.c | 78 ++++++++++-------- include/linux/fs.h | 62 ++++++++++++++- 12 files changed, 297 insertions(+), 129 deletions(-) -- 2.34.1
