From nobody Mon Sep 26 21:22:58 2022 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Mbwhf5FGCz4V6R1; Mon, 26 Sep 2022 21:22:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Mbwhf4Nsvz3pRP; Mon, 26 Sep 2022 21:22:58 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1664227378; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=KauRFZA9y04+zegixVhd2GGx3C/1FTF/4ucgcyRdb7U=; b=K3HNbvfxkuSWjqSn4x1roxs7kj3AOwSPPKx5i5Ud4hduKK3saxxXjNoBilbXrWbrtziegp lUP1HZR0AKXkcgP/j7lu0Dz2GIu1xnK/jY0MJZIF80a12wnxuFEHepYvKQsifDnrRhLB8w zJfMWi1BP8/GeA+wAtmPJvvGRpdYy7FIvVjKZp/dBN/WJ7cNweXat+Cb1CAWSgY/hdZalh sTxAscuqfENFMyPNiRwDMzmm30HdxW8bfna0BJ/LtOP//wHtOAvwoCobWjDZ5j27YBKmMp FOl9yf4QFLa+OXYsfAC80BHDiYgkiJbtR84hK8LWYd/fGvdy3MQCo55Xwammew== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Mbwhf3RN4ztx0; Mon, 26 Sep 2022 21:22:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 28QLMw2a087337; Mon, 26 Sep 2022 21:22:58 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 28QLMw4r087336; Mon, 26 Sep 2022 21:22:58 GMT (envelope-from git) Date: Mon, 26 Sep 2022 21:22:58 GMT Message-Id: <202209262122.28QLMw4r087336@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Alan Somers Subject: git: 52360ca32ff9 - main - copy_file_range: truncate write if it would exceed RLIMIT_FSIZE List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: asomers X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 52360ca32ff90b605ac7481fd79e6a251e8b5116 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1664227378; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=KauRFZA9y04+zegixVhd2GGx3C/1FTF/4ucgcyRdb7U=; b=Y6w09/MFnRzvBxUY2ey+rFLgHsOl9mcf6vCltkAk/vlDxJcYR/XFA5O+GPIPV3LJXMTn11 qLHPSLuo/oKXRn270yx5ewCnmlv1tNhxuRgPXr5GKM6dqDzdPXhbUCqeYBqeBLRweRb3DT O/ZS92TpmQ8OJEsslAua4ALcGSZRxuC9AZOQsef1ZIEJ22k6P61rpoEnJiDkyHq05zezCr wbn2eRWw+m4VJDwnTLDG0F/tqcAEBNFnTGYkTY6w44+9IjeT+K5sAkNlG46PqeAnFMcqNd lPT6IwinxvO+f7KxCoXV8mxUwKRCrJFLMkDFJINpZA221+qYzGySqduKgyhxlg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1664227378; a=rsa-sha256; cv=none; b=oBjitQUWtgrjvzzhk855WMuUHVYBqsJlY2A/3aFzHQ1jQBuo6jmDyBPISgppWBLZ7XSYaB VLny5+ZUOEGWacZuIds/2f6P56tLFQntR7CcHghTFgwULGjlSzkD8OAngyySbYNz+aCdZh 0nyYXoTPljL/7Fgn7oF/FjjilT8YtGejjNQqqiDJU+oDm0d6Gql3+oAvOrAnqwl+E9Hu3M +O9sGrA2AlDLZYbAwEx8kMQxWbJzO6KV04FBN2Uz34sLhdKdAir+elTulaF7jhYVSFkV0G 2QGGoN2roMD5ZZiUSs7xDPHzyGSnAsMpUdGbwXXIp5j8Opb+wTxk4YucWkYcOA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by asomers: URL: https://cgit.FreeBSD.org/src/commit/?id=52360ca32ff90b605ac7481fd79e6a251e8b5116 commit 52360ca32ff90b605ac7481fd79e6a251e8b5116 Author: Alan Somers AuthorDate: 2022-09-25 22:53:36 +0000 Commit: Alan Somers CommitDate: 2022-09-26 21:22:29 +0000 copy_file_range: truncate write if it would exceed RLIMIT_FSIZE PR: 266611 MFC after: 2 weeks Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D36706 --- sys/fs/fuse/fuse_vnops.c | 15 +++-- sys/fs/nfsclient/nfs_clvnops.c | 8 ++- sys/kern/vfs_vnops.c | 14 ++-- tests/sys/fs/fusefs/copy_file_range.cc | 113 +++++++++++++++++++++++++-------- 4 files changed, 115 insertions(+), 35 deletions(-) diff --git a/sys/fs/fuse/fuse_vnops.c b/sys/fs/fuse/fuse_vnops.c index 6fa9a2b248c6..f96fc95dba30 100644 --- a/sys/fs/fuse/fuse_vnops.c +++ b/sys/fs/fuse/fuse_vnops.c @@ -811,6 +811,7 @@ fuse_vnop_copy_file_range(struct vop_copy_file_range_args *ap) struct thread *td; struct uio io; off_t outfilesize; + ssize_t r = 0; pid_t pid; int err; @@ -858,11 +859,11 @@ fuse_vnop_copy_file_range(struct vop_copy_file_range_args *ap) if (err) goto unlock; + io.uio_resid = *ap->a_lenp; if (ap->a_fsizetd) { io.uio_offset = *ap->a_outoffp; - io.uio_resid = *ap->a_lenp; - err = vn_rlimit_fsize(outvp, &io, ap->a_fsizetd); - if (err) + err = vn_rlimit_fsizex(outvp, &io, 0, &r, ap->a_fsizetd); + if (err != 0) goto unlock; } @@ -871,7 +872,7 @@ fuse_vnop_copy_file_range(struct vop_copy_file_range_args *ap) goto unlock; err = fuse_inval_buf_range(outvp, outfilesize, *ap->a_outoffp, - *ap->a_outoffp + *ap->a_lenp); + *ap->a_outoffp + io.uio_resid); if (err) goto unlock; @@ -883,7 +884,7 @@ fuse_vnop_copy_file_range(struct vop_copy_file_range_args *ap) fcfri->nodeid_out = VTOI(outvp); fcfri->fh_out = outfufh->fh_id; fcfri->off_out = *ap->a_outoffp; - fcfri->len = *ap->a_lenp; + fcfri->len = io.uio_resid; fcfri->flags = 0; err = fdisp_wait_answ(&fdi); @@ -915,6 +916,10 @@ fallback: ap->a_incred, ap->a_outcred, ap->a_fsizetd); } + /* + * No need to call vn_rlimit_fsizex_res before return, since the uio is + * local. + */ return (err); } diff --git a/sys/fs/nfsclient/nfs_clvnops.c b/sys/fs/nfsclient/nfs_clvnops.c index 817c1093374c..4c6a3b527049 100644 --- a/sys/fs/nfsclient/nfs_clvnops.c +++ b/sys/fs/nfsclient/nfs_clvnops.c @@ -3889,6 +3889,7 @@ nfs_copy_file_range(struct vop_copy_file_range_args *ap) struct uio io; struct nfsmount *nmp; size_t len, len2; + ssize_t r; int error, inattrflag, outattrflag, ret, ret2; off_t inoff, outoff; bool consecutive, must_commit, tryoutcred; @@ -3937,7 +3938,12 @@ nfs_copy_file_range(struct vop_copy_file_range_args *ap) */ io.uio_offset = *ap->a_outoffp; io.uio_resid = *ap->a_lenp; - error = vn_rlimit_fsize(outvp, &io, ap->a_fsizetd); + error = vn_rlimit_fsizex(outvp, &io, 0, &r, ap->a_fsizetd); + *ap->a_lenp = io.uio_resid; + /* + * No need to call vn_rlimit_fsizex_res before return, since the uio is + * local. + */ /* * Flush the input file so that the data is up to date before diff --git a/sys/kern/vfs_vnops.c b/sys/kern/vfs_vnops.c index 21f3f99a6741..1c7db3852776 100644 --- a/sys/kern/vfs_vnops.c +++ b/sys/kern/vfs_vnops.c @@ -3261,12 +3261,11 @@ vn_generic_copy_file_range(struct vnode *invp, off_t *inoffp, { struct vattr va, inva; struct mount *mp; - struct uio io; off_t startoff, endoff, xfer, xfer2; u_long blksize; int error, interrupted; bool cantseek, readzeros, eof, lastblock, holetoeof; - ssize_t aresid; + ssize_t aresid, r = 0; size_t copylen, len, rem, savlen; char *dat; long holein, holeout; @@ -3295,13 +3294,20 @@ vn_generic_copy_file_range(struct vnode *invp, off_t *inoffp, error = vn_lock(outvp, LK_EXCLUSIVE); if (error == 0) { /* - * If fsize_td != NULL, do a vn_rlimit_fsize() call, + * If fsize_td != NULL, do a vn_rlimit_fsizex() call, * now that outvp is locked. */ if (fsize_td != NULL) { + struct uio io; + io.uio_offset = *outoffp; io.uio_resid = len; - error = vn_rlimit_fsize(outvp, &io, fsize_td); + error = vn_rlimit_fsizex(outvp, &io, 0, &r, fsize_td); + len = savlen = io.uio_resid; + /* + * No need to call vn_rlimit_fsizex_res before return, + * since the uio is local. + */ } if (VOP_PATHCONF(outvp, _PC_MIN_HOLE_SIZE, &holeout) != 0) holeout = 0; diff --git a/tests/sys/fs/fusefs/copy_file_range.cc b/tests/sys/fs/fusefs/copy_file_range.cc index 7e1189648de3..84101ca6c984 100644 --- a/tests/sys/fs/fusefs/copy_file_range.cc +++ b/tests/sys/fs/fusefs/copy_file_range.cc @@ -44,22 +44,6 @@ using namespace testing; class CopyFileRange: public FuseTest { public: -static sig_atomic_t s_sigxfsz; - -void SetUp() { - s_sigxfsz = 0; - FuseTest::SetUp(); -} - -void TearDown() { - struct sigaction sa; - - bzero(&sa, sizeof(sa)); - sa.sa_handler = SIG_DFL; - sigaction(SIGXFSZ, &sa, NULL); - - FuseTest::TearDown(); -} void expect_maybe_lseek(uint64_t ino) { @@ -114,12 +98,6 @@ void expect_write(uint64_t ino, uint64_t offset, uint64_t isize, }; -sig_atomic_t CopyFileRange::s_sigxfsz = 0; - -void sigxfsz_handler(int __unused sig) { - CopyFileRange::s_sigxfsz = 1; -} - class CopyFileRange_7_27: public CopyFileRange { public: @@ -137,6 +115,37 @@ virtual void SetUp() { } }; +class CopyFileRangeRlimitFsize: public CopyFileRange { +public: +static sig_atomic_t s_sigxfsz; +struct rlimit m_initial_limit; + +virtual void SetUp() { + s_sigxfsz = 0; + getrlimit(RLIMIT_FSIZE, &m_initial_limit); + CopyFileRange::SetUp(); +} + +void TearDown() { + struct sigaction sa; + + setrlimit(RLIMIT_FSIZE, &m_initial_limit); + + bzero(&sa, sizeof(sa)); + sa.sa_handler = SIG_DFL; + sigaction(SIGXFSZ, &sa, NULL); + + FuseTest::TearDown(); +} + +}; + +sig_atomic_t CopyFileRangeRlimitFsize::s_sigxfsz = 0; + +void sigxfsz_handler(int __unused sig) { + CopyFileRangeRlimitFsize::s_sigxfsz = 1; +} + TEST_F(CopyFileRange, eio) { const char FULLPATH1[] = "mountpoint/src.txt"; @@ -313,8 +322,11 @@ TEST_F(CopyFileRange, fallback) ASSERT_EQ(len, copy_file_range(fd1, &start1, fd2, &start2, len, 0)); } -/* fusefs should respect RLIMIT_FSIZE */ -TEST_F(CopyFileRange, rlimit_fsize) +/* + * copy_file_range should send SIGXFSZ and return EFBIG when the operation + * would exceed the limit imposed by RLIMIT_FSIZE. + */ +TEST_F(CopyFileRangeRlimitFsize, signal) { const char FULLPATH1[] = "mountpoint/src.txt"; const char RELPATH1[] = "src.txt"; @@ -344,7 +356,7 @@ TEST_F(CopyFileRange, rlimit_fsize) ).Times(0); rl.rlim_cur = fsize2; - rl.rlim_max = 10 * fsize2; + rl.rlim_max = m_initial_limit.rlim_max; ASSERT_EQ(0, setrlimit(RLIMIT_FSIZE, &rl)) << strerror(errno); ASSERT_NE(SIG_ERR, signal(SIGXFSZ, sigxfsz_handler)) << strerror(errno); @@ -355,6 +367,57 @@ TEST_F(CopyFileRange, rlimit_fsize) EXPECT_EQ(1, s_sigxfsz); } +/* + * When crossing the RLIMIT_FSIZE boundary, writes should be truncated, not + * aborted. + * https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266611 + */ +TEST_F(CopyFileRangeRlimitFsize, truncate) +{ + const char FULLPATH1[] = "mountpoint/src.txt"; + const char RELPATH1[] = "src.txt"; + const char FULLPATH2[] = "mountpoint/dst.txt"; + const char RELPATH2[] = "dst.txt"; + struct rlimit rl; + const uint64_t ino1 = 42; + const uint64_t ino2 = 43; + const uint64_t fh1 = 0xdeadbeef1a7ebabe; + const uint64_t fh2 = 0xdeadc0de88c0ffee; + off_t fsize1 = 1 << 20; /* 1 MiB */ + off_t fsize2 = 1 << 19; /* 512 KiB */ + off_t start1 = 1 << 18; + off_t start2 = fsize2; + ssize_t len = 65536; + off_t limit = start2 + len / 2; + int fd1, fd2; + + expect_lookup(RELPATH1, ino1, S_IFREG | 0644, fsize1, 1); + expect_lookup(RELPATH2, ino2, S_IFREG | 0644, fsize2, 1); + expect_open(ino1, 0, 1, fh1); + expect_open(ino2, 0, 1, fh2); + EXPECT_CALL(*m_mock, process( + ResultOf([=](auto in) { + return (in.header.opcode == FUSE_COPY_FILE_RANGE && + (off_t)in.body.copy_file_range.off_out == start2 && + in.body.copy_file_range.len == (size_t)len / 2 + ); + }, Eq(true)), + _) + ).WillOnce(Invoke(ReturnImmediate([=](auto in __unused, auto& out) { + SET_OUT_HEADER_LEN(out, write); + out.body.write.size = len / 2; + }))); + + rl.rlim_cur = limit; + rl.rlim_max = m_initial_limit.rlim_max; + ASSERT_EQ(0, setrlimit(RLIMIT_FSIZE, &rl)) << strerror(errno); + ASSERT_NE(SIG_ERR, signal(SIGXFSZ, sigxfsz_handler)) << strerror(errno); + + fd1 = open(FULLPATH1, O_RDONLY); + fd2 = open(FULLPATH2, O_WRONLY); + ASSERT_EQ(len / 2, copy_file_range(fd1, &start1, fd2, &start2, len, 0)); +} + TEST_F(CopyFileRange, ok) { const char FULLPATH1[] = "mountpoint/src.txt";