From: Hugo Valtier
Date: Sat, 4 May 2024 06:49:16 +0200
Subject: bug in may_dedupe_file allows to deduplicate files we aren't allowed to write to
To: mfasheh@suse.de, viro@zeniv.linux.org.uk, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org

For context, I am making a file-based deduplication tool.

I found that in this commit 5de4480ae7f8 ("vfs: allow dedupe of user owned read-only files") it states:

> - the process could get write access

However, the behavior added in allow_file_dedupe, now may_dedupe_file, is the opposite:

> + if (!inode_permission(file_inode(file), MAY_WRITE))
> + return true

I've tested that I can create an other-readonly file as root and have my unprivileged user deduplicate it; however, if I then make the file other-writeable, I cannot anymore*.
It doesn't make sense to me why giving write permissions on a file should remove the permission to deduplicate*.

I'm not sure how to fix this; flipping the condition would work, but that is a breaking change and idk if this is ok here.
Adding a check to also allow users who have write access to the file would remove all the logic here, since you would always be allowed to dedup FDs you managed to get your hands on.

Any input on this is welcome, thx

*without opening the file in write mode, which I don't want to do because it can prevent execution of files, which is the exact thing 5de4480ae7f8 was trying to address in the first place
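
Review bot: the negated call in the quoted `if (!inode_permission(file_inode(file), MAY_WRITE))` is easy to misread as "no write permission", and the quoted lines carry no comment saying which way it goes. inode_permission() returns 0 when access is granted and a negative errno otherwise, so this branch returns true when the MAY_WRITE check succeeds for the calling process. Suggest writing the test as an explicit `== 0` comparison and adding a one-line comment tying it to the commit message's "the process could get write access" case, so the intended direction of the check can be compared directly against observed behaviour such as the test reported here.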