aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMarco Stornelli <marco.stornelli@gmail.com>2011-03-05 05:10:19 -0500
committerAl Viro <viro@zeniv.linux.org.uk>2011-03-10 04:22:15 -0500
commit1ca551c6caae7b52178555cdedea6ca26444be46 (patch)
treecbe1a838712a092f7abe49920a09188ec2403578
parent991ac30d8b30ab6051dff5a7b07d84e6f5efa3a6 (diff)
Check for immutable/append flag in fallocate path
In the fallocate path the kernel doesn't check for the immutable/append flag. It's possible to have a race condition in this scenario: an application open a file in read/write and it does something, meanwhile root set the immutable flag on the file, the application at that point can call fallocate with success. In addition, we don't allow to do any unreserve operation on an append only file but only the reserve one. Signed-off-by: Marco Stornelli <marco.stornelli@gmail.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r--fs/open.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/fs/open.c b/fs/open.c
index 5a2c6ebc22b5..b47aab39c057 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -233,6 +233,14 @@ int do_fallocate(struct file *file, int mode, loff_t offset, loff_t len)
233 233
234 if (!(file->f_mode & FMODE_WRITE)) 234 if (!(file->f_mode & FMODE_WRITE))
235 return -EBADF; 235 return -EBADF;
236
237 /* It's not possible punch hole on append only file */
238 if (mode & FALLOC_FL_PUNCH_HOLE && IS_APPEND(inode))
239 return -EPERM;
240
241 if (IS_IMMUTABLE(inode))
242 return -EPERM;
243
236 /* 244 /*
237 * Revalidate the write permissions, in case security policy has 245 * Revalidate the write permissions, in case security policy has
238 * changed since the files were opened. 246 * changed since the files were opened.