[PATCH] cachefiles: Fix non-taking of sb_writers around set/removexattr

From: David Howells
Date: Wed Jul 24 2024 - 05:33:54 EST

Next message: Konrad Dybcio: "Re: [PATCH v2 3/3] ARM: dts: qcom: pma8084: add pon node"
Previous message: Thomas Weißschuh: "Re: [PATCH v2] sysctl: treewide: constify the ctl_table argument of proc_handlers"
Next in thread: David Howells: "Re: [PATCH] cachefiles: Fix non-taking of sb_writers around set/removexattr"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Unlike other vfs_xxxx() calls, vfs_setxattr() and vfs_removexattr() don't
take the sb_writers lock, so the caller should do it for them.

Fix cachefiles to do this.

Signed-off-by: David Howells <dhowells@xxxxxxxxxx>
cc: Christian Brauner <brauner@xxxxxxxxxx>
cc: Gao Xiang <xiang@xxxxxxxxxx>
cc: netfs@xxxxxxxxxxxxxxx
cc: linux-erofs@xxxxxxxxxxxxxxxx
cc: linux-fsdevel@xxxxxxxxxxxxxxx
---
fs/cachefiles/xattr.c | 34 ++++++++++++++++++++++++++--------
1 file changed, 26 insertions(+), 8 deletions(-)

diff --git a/fs/cachefiles/xattr.c b/fs/cachefiles/xattr.c
index 4dd8a993c60a..7c6f260a3be5 100644
--- a/fs/cachefiles/xattr.c
+++ b/fs/cachefiles/xattr.c
@@ -64,9 +64,15 @@ int cachefiles_set_object_xattr(struct cachefiles_object *object)
memcpy(buf->data, fscache_get_aux(object->cookie), len);

ret = cachefiles_inject_write_error();
- if (ret == 0)
- ret = vfs_setxattr(&nop_mnt_idmap, dentry, cachefiles_xattr_cache,
- buf, sizeof(struct cachefiles_xattr) + len, 0);
+ if (ret == 0) {
+ ret = mnt_want_write_file(file);
+ if (ret == 0) {
+ ret = vfs_setxattr(&nop_mnt_idmap, dentry,
+ cachefiles_xattr_cache, buf,
+ sizeof(struct cachefiles_xattr) + len, 0);
+ mnt_drop_write_file(file);
+ }
+ }
if (ret < 0) {
trace_cachefiles_vfs_error(object, file_inode(file), ret,
cachefiles_trace_setxattr_error);
@@ -151,8 +157,14 @@ int cachefiles_remove_object_xattr(struct cachefiles_cache *cache,
int ret;

ret = cachefiles_inject_remove_error();
- if (ret == 0)
- ret = vfs_removexattr(&nop_mnt_idmap, dentry, cachefiles_xattr_cache);
+ if (ret == 0) {
+ ret = mnt_want_write(cache->mnt);
+ if (ret == 0) {
+ ret = vfs_removexattr(&nop_mnt_idmap, dentry,
+ cachefiles_xattr_cache);
+ mnt_drop_write(cache->mnt);
+ }
+ }
if (ret < 0) {
trace_cachefiles_vfs_error(object, d_inode(dentry), ret,
cachefiles_trace_remxattr_error);
@@ -208,9 +220,15 @@ bool cachefiles_set_volume_xattr(struct cachefiles_volume *volume)
memcpy(buf->data, p, volume->vcookie->coherency_len);

ret = cachefiles_inject_write_error();
- if (ret == 0)
- ret = vfs_setxattr(&nop_mnt_idmap, dentry, cachefiles_xattr_cache,
- buf, len, 0);
+ if (ret == 0) {
+ ret = mnt_want_write(volume->cache->mnt);
+ if (ret == 0) {
+ ret = vfs_setxattr(&nop_mnt_idmap, dentry,
+ cachefiles_xattr_cache,
+ buf, len, 0);
+ mnt_drop_write(volume->cache->mnt);
+ }
+ }
if (ret < 0) {
trace_cachefiles_vfs_error(NULL, d_inode(dentry), ret,
cachefiles_trace_setxattr_error);

Next message: Konrad Dybcio: "Re: [PATCH v2 3/3] ARM: dts: qcom: pma8084: add pon node"
Previous message: Thomas Weißschuh: "Re: [PATCH v2] sysctl: treewide: constify the ctl_table argument of proc_handlers"
Next in thread: David Howells: "Re: [PATCH] cachefiles: Fix non-taking of sb_writers around set/removexattr"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]