git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Amir Goldstein <amir73il@gmail.com>
	Wed, 22 Nov 2023 12:27:00 +0000 (14:27 +0200)
committer	Christian Brauner <brauner@kernel.org>
	Fri, 24 Nov 2023 08:22:27 +0000 (09:22 +0100)
commit	ca7ab482401cf0a7497dad05f4918dc64115538b
tree	dff3708b4be563be90cd742e5c69a50bd053ffd3	tree \| snapshot
parent	0db1d53937fafa8bb96e077375691e16902f4899	commit \| diff

ovl: add permission hooks outside of do_splice_direct()

The main callers of do_splice_direct() also call rw_verify_area() for
the entire range that is being copied, e.g. by vfs_copy_file_range()
or do_sendfile() before calling do_splice_direct().

The only caller that does not have those checks for entire range is
ovl_copy_up_file(). In preparation for removing the checks inside
do_splice_direct(), add rw_verify_area() call in ovl_copy_up_file().

For extra safety, perform minimal sanity checks from rw_verify_area()
for non negative offsets also in the copy up do_splice_direct() loop
without calling the file permission hooks.

This is needed for fanotify "pre content" events.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Link: https://lore.kernel.org/r/20231122122715.2561213-2-amir73il@gmail.com
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jan Kara <jack@suse.cz>
Signed-off-by: Christian Brauner <brauner@kernel.org>