xfs
[Top] [All Lists]

Re: [PATCH v7 6/7] xfs: add capable check to free eofblocks ioctl

To: Dwight Engen <dwight.engen@xxxxxxxxxx>
Subject: Re: [PATCH v7 6/7] xfs: add capable check to free eofblocks ioctl
From: Dave Chinner <david@xxxxxxxxxxxxx>
Date: Wed, 31 Jul 2013 09:16:06 +1000
Cc: xfs@xxxxxxxxxxx
Delivered-to: xfs@xxxxxxxxxxx
In-reply-to: <20130729230705.128e4509@xxxxxxxxxx>
References: <20130729230705.128e4509@xxxxxxxxxx>
User-agent: Mutt/1.5.21 (2010-09-15)
On Mon, Jul 29, 2013 at 11:07:05PM -0400, Dwight Engen wrote:
> Check for CAP_SYS_ADMIN since the caller can truncate preallocated
> blocks from files they do not own nor have write access to. A more
> fine grained access check was considered: require the caller to
> specify their own uid/gid and to use inode_permission to check for
> write, but this would not catch the case of an inode not reachable
> via path traversal from the callers mount namespace.
> 
> Add check for read-only filesystem to free eofblocks ioctl.
> 
> Signed-off-by: Dwight Engen <dwight.engen@xxxxxxxxxx>
> ---
>  fs/xfs/xfs_ioctl.c | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c
> index 6e72eff..b1990ac 100644
> --- a/fs/xfs/xfs_ioctl.c
> +++ b/fs/xfs/xfs_ioctl.c
> @@ -1613,6 +1613,12 @@ xfs_file_ioctl(
>               struct xfs_fs_eofblocks eofb;
>               struct xfs_eofblocks keofb;
>  
> +             if (!capable(CAP_SYS_ADMIN))
> +                     return -EPERM;
> +
> +             if (IS_RDONLY(inode))
> +                     return -XFS_ERROR(EROFS);
> +
>               if (copy_from_user(&eofb, arg, sizeof(eofb)))
>                       return -XFS_ERROR(EFAULT);

Looks fine.

Reviewed-by: Dave Chinner <dchinner@xxxxxxxxxx>
-- 
Dave Chinner
david@xxxxxxxxxxxxx

<Prev in Thread] Current Thread [Next in Thread>