tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

splice: move permission hook out of splice_file_to_pipe()

vfs_splice_read() has a permission hook inside rw_verify_area() and
it is called from splice_file_to_pipe(), which is called from
do_splice() and do_sendfile().

do_sendfile() already has a rw_verify_area() check for the entire range.
do_splice() has a rw_verify_check() for the splice to file case, not for
the splice from file case.

Add the rw_verify_area() check for splice from file case in do_splice()
and use a variant of vfs_splice_read() without rw_verify_area() check
in splice_file_to_pipe() to avoid the redundant rw_verify_area() checks.

This is needed for fanotify "pre content" events.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Link: https://lore.kernel.org/r/20231122122715.2561213-5-amir73il@gmail.com
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jan Kara <jack@suse.cz>
Signed-off-by: Christian Brauner <brauner@kernel.org>

authored by

Amir Goldstein and committed by
Christian Brauner b70d8e2b feebea75

+5 -1
+5 -1
fs/splice.c
··· 1239 1239 pipe_lock(opipe); 1240 1240 ret = wait_for_space(opipe, flags); 1241 1241 if (!ret) 1242 - ret = vfs_splice_read(in, offset, opipe, len, flags); 1242 + ret = do_splice_read(in, offset, opipe, len, flags); 1243 1243 pipe_unlock(opipe); 1244 1244 if (ret > 0) 1245 1245 wakeup_pipe_readers(opipe); ··· 1315 1315 } else { 1316 1316 offset = in->f_pos; 1317 1317 } 1318 + 1319 + ret = rw_verify_area(READ, in, &offset, len); 1320 + if (unlikely(ret < 0)) 1321 + return ret; 1318 1322 1319 1323 if (out->f_flags & O_NONBLOCK) 1320 1324 flags |= SPLICE_F_NONBLOCK;