git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Amir Goldstein <amir73il@gmail.com>
	Wed, 22 Nov 2023 12:27:02 +0000 (14:27 +0200)
committer	Christian Brauner <brauner@kernel.org>
	Fri, 24 Nov 2023 08:22:28 +0000 (09:22 +0100)
commit	feebea75bdf499aefd11d0df7b02d384a9f92fc1
tree	37614e8252ee18bc4931d95e8ed8491fdf7e292a	tree \| snapshot
parent	2a33e2ddc6ebf9b5468091aded8a38f57de9a580	commit \| diff

splice: move permission hook out of splice_direct_to_actor()

vfs_splice_read() has a permission hook inside rw_verify_area() and
it is called from do_splice_direct() -> splice_direct_to_actor().

The callers of do_splice_direct() (e.g. vfs_copy_file_range()) already
call rw_verify_area() for the entire range, but the other caller of
splice_direct_to_actor() (nfsd) does not.

Add the rw_verify_area() checks in nfsd_splice_read() and use a
variant of vfs_splice_read() without rw_verify_area() check in
splice_direct_to_actor() to avoid the redundant rw_verify_area() checks.

This is needed for fanotify "pre content" events.

Acked-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Link: https://lore.kernel.org/r/20231122122715.2561213-4-amir73il@gmail.com
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jan Kara <jack@suse.cz>
Signed-off-by: Christian Brauner <brauner@kernel.org>

fs/nfsd/vfs.c		diff \| blob \| blame \| history
fs/splice.c		diff \| blob \| blame \| history