| Message ID | 20210710143959.58077-1-wangshilong1991@gmail.com |
|---|---|
| State | Not Applicable |
| Headers | show |
| Series | [v4] fs: forbid invalid project ID | expand |
On Jul 10, 2021, at 8:39 AM, Wang Shilong <wangshilong1991@gmail.com> wrote: > > From: Wang Shilong <wshilong@ddn.com> > > fileattr_set_prepare() should check if project ID > is valid, otherwise dqget() will return NULL for > such project ID quota. > > Signed-off-by: Wang Shilong <wshilong@ddn.com> Reviewed-by: Andreas Dilger <adilger@dilger.ca> > --- > v3->v3: > only check project Id if caller is allowed > to change and being changed. > > v2->v3: move check before @fsx_projid is accessed > and use make_kprojid() helper. > > v1->v2: try to fix in the VFS > fs/ioctl.c | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/fs/ioctl.c b/fs/ioctl.c > index 1e2204fa9963..d4fabb5421cd 100644 > --- a/fs/ioctl.c > +++ b/fs/ioctl.c > @@ -817,6 +817,14 @@ static int fileattr_set_prepare(struct inode *inode, > if ((old_ma->fsx_xflags ^ fa->fsx_xflags) & > FS_XFLAG_PROJINHERIT) > return -EINVAL; > + } else { > + /* > + * Caller is allowed to change the project ID. If it is being > + * changed, make sure that the new value is valid. > + */ > + if (old_ma->fsx_projid != fa->fsx_projid && > + !projid_valid(make_kprojid(&init_user_ns, fa->fsx_projid))) > + return -EINVAL; > } > > /* Check extent size hints. */ > -- > 2.27.0 > Cheers, Andreas
On Sat, Jul 10, 2021 at 10:39:59PM +0800, Wang Shilong wrote: > From: Wang Shilong <wshilong@ddn.com> > > fileattr_set_prepare() should check if project ID > is valid, otherwise dqget() will return NULL for > such project ID quota. > > Signed-off-by: Wang Shilong <wshilong@ddn.com> > --- > v3->v3: > only check project Id if caller is allowed > to change and being changed. > > v2->v3: move check before @fsx_projid is accessed > and use make_kprojid() helper. > > v1->v2: try to fix in the VFS > fs/ioctl.c | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/fs/ioctl.c b/fs/ioctl.c > index 1e2204fa9963..d4fabb5421cd 100644 > --- a/fs/ioctl.c > +++ b/fs/ioctl.c > @@ -817,6 +817,14 @@ static int fileattr_set_prepare(struct inode *inode, > if ((old_ma->fsx_xflags ^ fa->fsx_xflags) & > FS_XFLAG_PROJINHERIT) > return -EINVAL; > + } else { > + /* > + * Caller is allowed to change the project ID. If it is being > + * changed, make sure that the new value is valid. > + */ > + if (old_ma->fsx_projid != fa->fsx_projid && > + !projid_valid(make_kprojid(&init_user_ns, fa->fsx_projid))) > + return -EINVAL; > } > > /* Check extent size hints. */ Looks good. Thanks! Reviewed-by: Dave Chinner <dchinner@redhat.com>
On Sat, Jul 10, 2021 at 10:39:59PM +0800, Wang Shilong wrote: > From: Wang Shilong <wshilong@ddn.com> > > fileattr_set_prepare() should check if project ID > is valid, otherwise dqget() will return NULL for > such project ID quota. > > Signed-off-by: Wang Shilong <wshilong@ddn.com> > --- > v3->v3: > only check project Id if caller is allowed > to change and being changed. > > v2->v3: move check before @fsx_projid is accessed > and use make_kprojid() helper. > > v1->v2: try to fix in the VFS > fs/ioctl.c | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/fs/ioctl.c b/fs/ioctl.c > index 1e2204fa9963..d4fabb5421cd 100644 > --- a/fs/ioctl.c > +++ b/fs/ioctl.c > @@ -817,6 +817,14 @@ static int fileattr_set_prepare(struct inode *inode, > if ((old_ma->fsx_xflags ^ fa->fsx_xflags) & > FS_XFLAG_PROJINHERIT) > return -EINVAL; > + } else { > + /* > + * Caller is allowed to change the project ID. If it is being > + * changed, make sure that the new value is valid. > + */ > + if (old_ma->fsx_projid != fa->fsx_projid && > + !projid_valid(make_kprojid(&init_user_ns, fa->fsx_projid))) > + return -EINVAL; Hmm, for XFS this is sort of a userspace-breaking change in the sense that (technically) we've never rejected -1 before. xfs_quota won't have anything to do with that, and (assuming I read the helper/macro gooeyness correctly) the vfs quota code won't either, so Reviewed-by: Darrick J. Wong <djwong@kernel.org> --D > } > > /* Check extent size hints. */ > -- > 2.27.0 >
Anyone take this patch to the tree? maybe Al Viro? On Sat, Jul 10, 2021 at 10:40 PM Wang Shilong <wangshilong1991@gmail.com> wrote: > > From: Wang Shilong <wshilong@ddn.com> > > fileattr_set_prepare() should check if project ID > is valid, otherwise dqget() will return NULL for > such project ID quota. > > Signed-off-by: Wang Shilong <wshilong@ddn.com> > --- > v3->v3: > only check project Id if caller is allowed > to change and being changed. > > v2->v3: move check before @fsx_projid is accessed > and use make_kprojid() helper. > > v1->v2: try to fix in the VFS > fs/ioctl.c | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/fs/ioctl.c b/fs/ioctl.c > index 1e2204fa9963..d4fabb5421cd 100644 > --- a/fs/ioctl.c > +++ b/fs/ioctl.c > @@ -817,6 +817,14 @@ static int fileattr_set_prepare(struct inode *inode, > if ((old_ma->fsx_xflags ^ fa->fsx_xflags) & > FS_XFLAG_PROJINHERIT) > return -EINVAL; > + } else { > + /* > + * Caller is allowed to change the project ID. If it is being > + * changed, make sure that the new value is valid. > + */ > + if (old_ma->fsx_projid != fa->fsx_projid && > + !projid_valid(make_kprojid(&init_user_ns, fa->fsx_projid))) > + return -EINVAL; > } > > /* Check extent size hints. */ > -- > 2.27.0 >
diff --git a/fs/ioctl.c b/fs/ioctl.c index 1e2204fa9963..d4fabb5421cd 100644 --- a/fs/ioctl.c +++ b/fs/ioctl.c @@ -817,6 +817,14 @@ static int fileattr_set_prepare(struct inode *inode, if ((old_ma->fsx_xflags ^ fa->fsx_xflags) & FS_XFLAG_PROJINHERIT) return -EINVAL; + } else { + /* + * Caller is allowed to change the project ID. If it is being + * changed, make sure that the new value is valid. + */ + if (old_ma->fsx_projid != fa->fsx_projid && + !projid_valid(make_kprojid(&init_user_ns, fa->fsx_projid))) + return -EINVAL; } /* Check extent size hints. */