diff options
author | Darrick J. Wong <darrick.wong@oracle.com> | 2018-10-05 11:05:41 +0200 |
---|---|---|
committer | Dave Chinner <david@fromorbit.com> | 2018-10-05 11:05:41 +0200 |
commit | 7debbf015f580693680f3d2a3cef0cf99dcef688 (patch) | |
tree | 2eb677c3e75003c186aeb04b3d02017db1139117 /fs/xfs | |
parent | xfs: zero posteof blocks when cloning above eof (diff) | |
download | linux-7debbf015f580693680f3d2a3cef0cf99dcef688.tar.xz linux-7debbf015f580693680f3d2a3cef0cf99dcef688.zip |
xfs: update ctime and remove suid before cloning files
Before cloning into a file, update the ctime and remove sensitive
attributes like suid, just like we'd do for a regular file write.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
Diffstat (limited to 'fs/xfs')
-rw-r--r-- | fs/xfs/xfs_reflink.c | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/fs/xfs/xfs_reflink.c b/fs/xfs/xfs_reflink.c index f135748d8282..59da9708e9c1 100644 --- a/fs/xfs/xfs_reflink.c +++ b/fs/xfs/xfs_reflink.c @@ -1264,6 +1264,7 @@ xfs_reflink_zero_posteof( * Prepare two files for range cloning. Upon a successful return both inodes * will have the iolock and mmaplock held, the page cache of the out file * will be truncated, and any leases on the out file will have been broken. + * This function borrows heavily from xfs_file_aio_write_checks. */ STATIC int xfs_reflink_remap_prep( @@ -1327,6 +1328,30 @@ xfs_reflink_remap_prep( /* Zap any page cache for the destination file's range. */ truncate_inode_pages_range(&inode_out->i_data, pos_out, PAGE_ALIGN(pos_out + *len) - 1); + + /* If we're altering the file contents... */ + if (!is_dedupe) { + /* + * ...update the timestamps (which will grab the ilock again + * from xfs_fs_dirty_inode, so we have to call it before we + * take the ilock). + */ + if (!(file_out->f_mode & FMODE_NOCMTIME)) { + ret = file_update_time(file_out); + if (ret) + goto out_unlock; + } + + /* + * ...clear the security bits if the process is not being run + * by root. This keeps people from modifying setuid and setgid + * binaries. + */ + ret = file_remove_privs(file_out); + if (ret) + goto out_unlock; + } + return 1; out_unlock: xfs_reflink_remap_unlock(file_in, file_out); |