diff options
-rw-r--r-- | kernel/sys.c | 16 |
1 files changed, 4 insertions, 12 deletions
diff --git a/kernel/sys.c b/kernel/sys.c index e7dc0e10a485..f145c415bc16 100644 --- a/kernel/sys.c +++ b/kernel/sys.c | |||
@@ -1525,22 +1525,14 @@ SYSCALL_DEFINE2(setrlimit, unsigned int, resource, struct rlimit __user *, rlim) | |||
1525 | return -EINVAL; | 1525 | return -EINVAL; |
1526 | if (copy_from_user(&new_rlim, rlim, sizeof(*rlim))) | 1526 | if (copy_from_user(&new_rlim, rlim, sizeof(*rlim))) |
1527 | return -EFAULT; | 1527 | return -EFAULT; |
1528 | if (new_rlim.rlim_cur > new_rlim.rlim_max) | ||
1529 | return -EINVAL; | ||
1528 | old_rlim = current->signal->rlim + resource; | 1530 | old_rlim = current->signal->rlim + resource; |
1529 | if ((new_rlim.rlim_max > old_rlim->rlim_max) && | 1531 | if ((new_rlim.rlim_max > old_rlim->rlim_max) && |
1530 | !capable(CAP_SYS_RESOURCE)) | 1532 | !capable(CAP_SYS_RESOURCE)) |
1531 | return -EPERM; | 1533 | return -EPERM; |
1532 | 1534 | if (resource == RLIMIT_NOFILE && new_rlim.rlim_max > sysctl_nr_open) | |
1533 | if (resource == RLIMIT_NOFILE) { | 1535 | return -EPERM; |
1534 | if (new_rlim.rlim_max == RLIM_INFINITY) | ||
1535 | new_rlim.rlim_max = sysctl_nr_open; | ||
1536 | if (new_rlim.rlim_cur == RLIM_INFINITY) | ||
1537 | new_rlim.rlim_cur = sysctl_nr_open; | ||
1538 | if (new_rlim.rlim_max > sysctl_nr_open) | ||
1539 | return -EPERM; | ||
1540 | } | ||
1541 | |||
1542 | if (new_rlim.rlim_cur > new_rlim.rlim_max) | ||
1543 | return -EINVAL; | ||
1544 | 1536 | ||
1545 | retval = security_task_setrlimit(resource, &new_rlim); | 1537 | retval = security_task_setrlimit(resource, &new_rlim); |
1546 | if (retval) | 1538 | if (retval) |