diff options
| author | Dave Chinner <dchinner@redhat.com> | 2015-02-01 18:17:51 -0500 |
|---|---|---|
| committer | Dave Chinner <david@fromorbit.com> | 2015-02-01 18:17:51 -0500 |
| commit | 41c145271d79eae508321340b727d3e3c9a66664 (patch) | |
| tree | c22e4607190bca41d2e45445ec41277d41be0aca | |
| parent | fd179b9c3bdab682ae5bb3e10380a31853be179a (diff) | |
xfs: XFS_IOCTL_SETXATTR can run in user namespaces
Currently XFS_IOCTL_SETXATTR will fail if run in a user namespace as
it it not allowed to change project IDs. The current code, however,
also prevents any other change being made as well, so things like
extent size hints cannot be set in user namespaces. This is wrong,
so only disallow access to project IDs and related flags from inside
the init namespace.
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
| -rw-r--r-- | fs/xfs/xfs_ioctl.c | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c index a1f285411b74..b65817cbc318 100644 --- a/fs/xfs/xfs_ioctl.c +++ b/fs/xfs/xfs_ioctl.c | |||
| @@ -1120,6 +1120,19 @@ xfs_ioctl_setattr( | |||
| 1120 | return -EINVAL; | 1120 | return -EINVAL; |
| 1121 | 1121 | ||
| 1122 | /* | 1122 | /* |
| 1123 | * Project Quota ID state is only allowed to change from within the init | ||
| 1124 | * namespace. Enforce that restriction only if we are trying to change | ||
| 1125 | * the quota ID state. Everything else is allowed in user namespaces. | ||
| 1126 | */ | ||
| 1127 | if (current_user_ns() != &init_user_ns) { | ||
| 1128 | if (xfs_get_projid(ip) != fa->fsx_projid) | ||
| 1129 | return -EINVAL; | ||
| 1130 | if ((fa->fsx_xflags & XFS_XFLAG_PROJINHERIT) != | ||
| 1131 | (ip->i_d.di_flags & XFS_DIFLAG_PROJINHERIT)) | ||
| 1132 | return -EINVAL; | ||
| 1133 | } | ||
| 1134 | |||
| 1135 | /* | ||
| 1123 | * If disk quotas is on, we make sure that the dquots do exist on disk, | 1136 | * If disk quotas is on, we make sure that the dquots do exist on disk, |
| 1124 | * before we start any other transactions. Trying to do this later | 1137 | * before we start any other transactions. Trying to do this later |
| 1125 | * is messy. We don't care to take a readlock to look at the ids | 1138 | * is messy. We don't care to take a readlock to look at the ids |
| @@ -1141,15 +1154,6 @@ xfs_ioctl_setattr( | |||
| 1141 | goto error_free_dquots; | 1154 | goto error_free_dquots; |
| 1142 | } | 1155 | } |
| 1143 | 1156 | ||
| 1144 | /* | ||
| 1145 | * Do a quota reservation only if projid is actually going to change. | ||
| 1146 | * Only allow changing of projid from init_user_ns since it is a | ||
| 1147 | * non user namespace aware identifier. | ||
| 1148 | */ | ||
| 1149 | if (current_user_ns() != &init_user_ns) { | ||
| 1150 | code = -EINVAL; | ||
| 1151 | goto error_return; | ||
| 1152 | } | ||
| 1153 | 1157 | ||
| 1154 | if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_PQUOTA_ON(mp) && | 1158 | if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_PQUOTA_ON(mp) && |
| 1155 | xfs_get_projid(ip) != fa->fsx_projid) { | 1159 | xfs_get_projid(ip) != fa->fsx_projid) { |