Commit 8c567a7f authored by Dwight Engen's avatar Dwight Engen Committed by Ben Myers

xfs: add capability check to free eofblocks ioctl

Check for CAP_SYS_ADMIN since the caller can truncate preallocated
blocks from files they do not own nor have write access to. A more
fine grained access check was considered: require the caller to
specify their own uid/gid and to use inode_permission to check for
write, but this would not catch the case of an inode not reachable
via path traversal from the callers mount namespace.

Add check for read-only filesystem to free eofblocks ioctl.
Reviewed-by: default avatarBrian Foster <bfoster@redhat.com>
Reviewed-by: default avatarDave Chinner <dchinner@redhat.com>
Reviewed-by: default avatarGao feng <gaofeng@cn.fujitsu.com>
Signed-off-by: default avatarDwight Engen <dwight.engen@oracle.com>
Signed-off-by: default avatarBen Myers <bpm@sgi.com>
parent b9fe5052
......@@ -1723,6 +1723,12 @@ xfs_file_ioctl(
struct xfs_fs_eofblocks eofb;
struct xfs_eofblocks keofb;
if (!capable(CAP_SYS_ADMIN))
return -EPERM;
if (mp->m_flags & XFS_MOUNT_RDONLY)
return -XFS_ERROR(EROFS);
if (copy_from_user(&eofb, arg, sizeof(eofb)))
return -XFS_ERROR(EFAULT);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment