From: Darrick J. Wong <darrick.wong@xxxxxxxxxx> Create a new VFS helper to handle inode metadata updates when remapping into a file. If the operation can possibly alter the file contents, we must update the ctime and mtime and remove security privileges, just like we do for regular file writes. Wire up ocfs2 to ensure consistent behavior. Signed-off-by: Darrick J. Wong <darrick.wong@xxxxxxxxxx> Reviewed-by: Amir Goldstein <amir73il@xxxxxxxxx> --- fs/read_write.c | 28 ++++++++++++++++++++++++++++ fs/xfs/xfs_reflink.c | 23 ----------------------- 2 files changed, 28 insertions(+), 23 deletions(-) diff --git a/fs/read_write.c b/fs/read_write.c index ebcbfc4f2907..3f6392f1d5d4 100644 --- a/fs/read_write.c +++ b/fs/read_write.c @@ -1737,6 +1737,30 @@ static int generic_remap_check_len(struct inode *inode_in, return 0; } +/* Update inode timestamps and remove security privileges when remapping. */ +static int generic_remap_file_range_target(struct file *file, + unsigned int remap_flags) +{ + int ret; + + /* If can't alter the file contents, we're done. */ + if (remap_flags & REMAP_FILE_DEDUP) + return 0; + + /* Update the timestamps, since we can alter file contents. */ + if (!(file->f_mode & FMODE_NOCMTIME)) { + ret = file_update_time(file); + if (ret) + return ret; + } + + /* + * Clear the security bits if the process is not being run by root. + * This keeps people from modifying setuid and setgid binaries. + */ + return file_remove_privs(file); +} + /* * Check that the two inodes are eligible for cloning, the ranges make * sense, and then flush all dirty data. Caller must ensure that the @@ -1820,6 +1844,10 @@ int generic_remap_file_range_prep(struct file *file_in, loff_t pos_in, if (ret) return ret; + ret = generic_remap_file_range_target(file_out, remap_flags); + if (ret) + return ret; + return 1; } EXPORT_SYMBOL(generic_remap_file_range_prep); diff --git a/fs/xfs/xfs_reflink.c b/fs/xfs/xfs_reflink.c index 29aab196ce7e..2d7dd8b28d7c 100644 --- a/fs/xfs/xfs_reflink.c +++ b/fs/xfs/xfs_reflink.c @@ -1372,29 +1372,6 @@ xfs_reflink_remap_prep( truncate_inode_pages_range(&inode_out->i_data, pos_out, PAGE_ALIGN(pos_out + *len) - 1); - /* If we're altering the file contents... */ - if (!(remap_flags & REMAP_FILE_DEDUP)) { - /* - * ...update the timestamps (which will grab the ilock again - * from xfs_fs_dirty_inode, so we have to call it before we - * take the ilock). - */ - if (!(file_out->f_mode & FMODE_NOCMTIME)) { - ret = file_update_time(file_out); - if (ret) - goto out_unlock; - } - - /* - * ...clear the security bits if the process is not being run - * by root. This keeps people from modifying setuid and setgid - * binaries. - */ - ret = file_remove_privs(file_out); - if (ret) - goto out_unlock; - } - return 1; out_unlock: xfs_reflink_remap_unlock(file_in, file_out);