| From 8c567a7fab6e086a0284eee2db82348521e7120c Mon Sep 17 00:00:00 2001 |
| From: Dwight Engen <dwight.engen@oracle.com> |
| Date: Thu, 15 Aug 2013 14:08:03 -0400 |
| Subject: xfs: add capability check to free eofblocks ioctl |
| |
| From: Dwight Engen <dwight.engen@oracle.com> |
| |
| commit 8c567a7fab6e086a0284eee2db82348521e7120c upstream. |
| |
| Check for CAP_SYS_ADMIN since the caller can truncate preallocated |
| blocks from files they do not own nor have write access to. A more |
| fine grained access check was considered: require the caller to |
| specify their own uid/gid and to use inode_permission to check for |
| write, but this would not catch the case of an inode not reachable |
| via path traversal from the callers mount namespace. |
| |
| Add check for read-only filesystem to free eofblocks ioctl. |
| |
| Reviewed-by: Brian Foster <bfoster@redhat.com> |
| Reviewed-by: Dave Chinner <dchinner@redhat.com> |
| Reviewed-by: Gao feng <gaofeng@cn.fujitsu.com> |
| Signed-off-by: Dwight Engen <dwight.engen@oracle.com> |
| Signed-off-by: Ben Myers <bpm@sgi.com> |
| Cc: Kees Cook <keescook@google.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| fs/xfs/xfs_ioctl.c | 6 ++++++ |
| 1 file changed, 6 insertions(+) |
| |
| --- a/fs/xfs/xfs_ioctl.c |
| +++ b/fs/xfs/xfs_ioctl.c |
| @@ -1612,6 +1612,12 @@ xfs_file_ioctl( |
| case XFS_IOC_FREE_EOFBLOCKS: { |
| struct xfs_eofblocks eofb; |
| |
| + if (!capable(CAP_SYS_ADMIN)) |
| + return -EPERM; |
| + |
| + if (mp->m_flags & XFS_MOUNT_RDONLY) |
| + return -XFS_ERROR(EROFS); |
| + |
| if (copy_from_user(&eofb, arg, sizeof(eofb))) |
| return -XFS_ERROR(EFAULT); |
| |