From: "Theodore Y. Ts'o" <tytso@mit.edu>
To: Wang Shilong <wangshilong1991@gmail.com>
Cc: linux-ext4@vger.kernel.org, dchinner@redhat.com,
adilger@dilger.ca, wshilong@ddn.com
Subject: Re: [PATCH v4 1/2] ext4: fix setattr project check upon fssetxattr ioctl
Date: Wed, 3 Oct 2018 10:34:05 -0400 [thread overview]
Message-ID: <20181003143405.GA4555@thunk.org> (raw)
In-Reply-To: <1537258530-4435-1-git-send-email-wshilong1991@gmail.com>
On Tue, Sep 18, 2018 at 05:15:29PM +0900, Wang Shilong wrote:
> From: Wang Shilong <wangshilong1991@gmail.com>
>
> Currently, project quota could be changed by fssetxattr
> ioctl, and existed permission check inode_owner_or_capable()
> is obviously not enough, just think that common users could
> change project id of file, that could make users to
> break project quota easily.
>
> This patch try to follow same regular of xfs project
> quota:
>
> "Project Quota ID state is only allowed to change from
> within the init namespace. Enforce that restriction only
> if we are trying to change the quota ID state.
> Everything else is allowed in user namespaces."
>
> Besides that, check and set project id'state should
> be an atomic operation, protect whole operation with
> inode lock, ext4_ioctl_setproject() is only used for
> ioctl EXT4_IOC_FSSETXATTR, we have held mnt_want_write_file()
> before ext4_ioctl_setflags(), and ext4_ioctl_setproject()
> is called after ext4_ioctl_setflags(), we could share
> codes, so remove it inside ext4_ioctl_setproject().
>
> Signed-off-by: Wang Shilong <wshilong@ddn.com>
> Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Applied, thanks.
- Ted
next parent reply other threads:[~2018-10-03 21:22 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1537258530-4435-1-git-send-email-wshilong1991@gmail.com>
2018-10-03 14:34 ` Theodore Y. Ts'o [this message]
[not found] ` <1537258530-4435-2-git-send-email-wshilong1991@gmail.com>
2018-10-03 16:23 ` [PATCH v2 RESEND 2/2] ext4: fix to detect failure of dquot_initialize in project ioctl Theodore Y. Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181003143405.GA4555@thunk.org \
--to=tytso@mit.edu \
--cc=adilger@dilger.ca \
--cc=dchinner@redhat.com \
--cc=linux-ext4@vger.kernel.org \
--cc=wangshilong1991@gmail.com \
--cc=wshilong@ddn.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.