fanotify: limit number of listeners per user

fanotify currently has no limit on the number of listeners a given user can
have open.  This patch limits the total number of listeners per user to
128.  This is the same as the inotify default limit.

Signed-off-by: Eric Paris <eparis@redhat.com>

4 files changed, 25 insertions, 1 deletions

diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c
index 85366c78cc37..60c11c306fd9 100644
--- a/fs/notify/fanotify/fanotify.c
+++ b/fs/notify/fanotify/fanotify.c
@@ -200,10 +200,19 @@ static bool fanotify_should_send_event(struct fsnotify_group *group,
         return false;
 }
 
+static void fanotify_free_group_priv(struct fsnotify_group *group)
+{
+        struct user_struct *user;
+
+        user = group->fanotify_data.user;
+        atomic_dec(&user->fanotify_listeners);
+        free_uid(user);
+}
+
 const struct fsnotify_ops fanotify_fsnotify_ops = {
         .handle_event = fanotify_handle_event,
         .should_send_event = fanotify_should_send_event,
-        .free_group_priv = NULL,
+        .free_group_priv = fanotify_free_group_priv,
         .free_event_priv = NULL,
         .freeing_mark = NULL,
 };
diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c
index f9216102b426..a7d9369482d5 100644
--- a/fs/notify/fanotify/fanotify_user.c
+++ b/fs/notify/fanotify/fanotify_user.c
@@ -18,6 +18,7 @@
 
 #define FANOTIFY_DEFAULT_MAX_EVENTS     16384
 #define FANOTIFY_DEFAULT_MAX_MARKS      8192
+#define FANOTIFY_DEFAULT_MAX_LISTENERS  128
 
 extern const struct fsnotify_ops fanotify_fsnotify_ops;
 
@@ -656,6 +657,7 @@ SYSCALL_DEFINE2(fanotify_init, unsigned int, flags, unsigned int, event_f_flags)
 {
         struct fsnotify_group *group;
         int f_flags, fd;
+        struct user_struct *user;
 
         pr_debug("%s: flags=%d event_f_flags=%d\n",
                 __func__, flags, event_f_flags);
@@ -666,6 +668,12 @@ SYSCALL_DEFINE2(fanotify_init, unsigned int, flags, unsigned int, event_f_flags)
         if (flags & ~FAN_ALL_INIT_FLAGS)
                 return -EINVAL;
 
+        user = get_current_user();
+        if (atomic_read(&user->fanotify_listeners) > FANOTIFY_DEFAULT_MAX_LISTENERS) {
+                free_uid(user);
+                return -EMFILE;
+        }
+
         f_flags = O_RDWR | FMODE_NONOTIFY;
         if (flags & FAN_CLOEXEC)
                 f_flags |= O_CLOEXEC;
@@ -677,6 +685,9 @@ SYSCALL_DEFINE2(fanotify_init, unsigned int, flags, unsigned int, event_f_flags)
         if (IS_ERR(group))
                 return PTR_ERR(group);
 
+        group->fanotify_data.user = user;
+        atomic_inc(&user->fanotify_listeners);
+
         group->fanotify_data.f_flags = event_f_flags;
 #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
         mutex_init(&group->fanotify_data.access_mutex);
diff --git a/include/linux/fsnotify_backend.h b/include/linux/fsnotify_backend.h
index 49ceed6e92b1..4366f458a86a 100644
--- a/include/linux/fsnotify_backend.h
+++ b/include/linux/fsnotify_backend.h
@@ -170,6 +170,7 @@ struct fsnotify_group {
 #endif /* CONFIG_FANOTIFY_ACCESS_PERMISSIONS */
                         int f_flags;
                         unsigned int max_marks;
+                        struct user_struct *user;
                 } fanotify_data;
 #endif /* CONFIG_FANOTIFY */
         };
diff --git a/include/linux/sched.h b/include/linux/sched.h
index be7adb7588e5..6f420baf37ca 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -672,6 +672,9 @@ struct user_struct {
         atomic_t inotify_watches; /* How many inotify watches does this user have? */
         atomic_t inotify_devs;  /* How many inotify devs does this user have opened? */
 #endif
+#ifdef CONFIG_FANOTIFY
+        atomic_t fanotify_listeners;
+#endif
 #ifdef CONFIG_EPOLL
         atomic_t epoll_watches; /* The number of file descriptors currently watched */
 #endif