1 files changed, 4 insertions, 12 deletions
diff --git a/kernel/sys.c b/kernel/sys.c
index 87ca037dc03a..c5e7dec4966e 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -1526,22 +1526,14 @@ SYSCALL_DEFINE2(setrlimit, unsigned int, resource, struct rlimit __user *, rlim)
                return -EINVAL;
        if (copy_from_user(&new_rlim, rlim, sizeof(*rlim)))
                return -EFAULT;
+        if (new_rlim.rlim_cur > new_rlim.rlim_max)
+                return -EINVAL;
        old_rlim = current->signal->rlim + resource;
        if ((new_rlim.rlim_max > old_rlim->rlim_max) &&
            !capable(CAP_SYS_RESOURCE))
                return -EPERM;
+        if (resource == RLIMIT_NOFILE && new_rlim.rlim_max > sysctl_nr_open)
-        if (resource == RLIMIT_NOFILE) {
+                return -EPERM;
-                if (new_rlim.rlim_max == RLIM_INFINITY)
-                        new_rlim.rlim_max = sysctl_nr_open;
-                if (new_rlim.rlim_cur == RLIM_INFINITY)
-                        new_rlim.rlim_cur = sysctl_nr_open;
-                if (new_rlim.rlim_max > sysctl_nr_open)
-                        return -EPERM;
-        }
-        if (new_rlim.rlim_cur > new_rlim.rlim_max)
-                return -EINVAL;
        retval = security_task_setrlimit(resource, &new_rlim);
        if (retval)

diff --git a/kernel/sys.c b/kernel/sys.c index 87ca037dc03a..c5e7dec4966e 100644 --- a/kernel/sys.c +++ b/kernel/sys.c
@@ -1526,22 +1526,14 @@ SYSCALL_DEFINE2(setrlimit, unsigned int, resource, struct rlimit __user *, rlim)
1526	return -EINVAL;	1526	return -EINVAL;
1527	if (copy_from_user(&new_rlim, rlim, sizeof(*rlim)))	1527	if (copy_from_user(&new_rlim, rlim, sizeof(*rlim)))
1528	return -EFAULT;	1528	return -EFAULT;
		1529	if (new_rlim.rlim_cur > new_rlim.rlim_max)
		1530	return -EINVAL;
1529	old_rlim = current->signal->rlim + resource;	1531	old_rlim = current->signal->rlim + resource;
1530	if ((new_rlim.rlim_max > old_rlim->rlim_max) &&	1532	if ((new_rlim.rlim_max > old_rlim->rlim_max) &&
1531	!capable(CAP_SYS_RESOURCE))	1533	!capable(CAP_SYS_RESOURCE))
1532	return -EPERM;	1534	return -EPERM;
1533		1535	if (resource == RLIMIT_NOFILE && new_rlim.rlim_max > sysctl_nr_open)
1534	if (resource == RLIMIT_NOFILE) {	1536	return -EPERM;
1535	if (new_rlim.rlim_max == RLIM_INFINITY)
1536	new_rlim.rlim_max = sysctl_nr_open;
1537	if (new_rlim.rlim_cur == RLIM_INFINITY)
1538	new_rlim.rlim_cur = sysctl_nr_open;
1539	if (new_rlim.rlim_max > sysctl_nr_open)
1540	return -EPERM;
1541	}
1542
1543	if (new_rlim.rlim_cur > new_rlim.rlim_max)
1544	return -EINVAL;
1545		1537
1546	retval = security_task_setrlimit(resource, &new_rlim);	1538	retval = security_task_setrlimit(resource, &new_rlim);
1547	if (retval)	1539	if (retval)