CAP_SYS_RESOURCE allows users to "override disk quota limits". Most filesystems have a CAP_SYS_RESOURCE check in all quota check code paths, but Ceph currently does not. This patch implements the feature. Signed-off-by: Max Kellermann <max.kellermann@xxxxxxxxx> --- fs/ceph/quota.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/fs/ceph/quota.c b/fs/ceph/quota.c index 06ee397e0c3a..666315ec74d3 100644 --- a/fs/ceph/quota.c +++ b/fs/ceph/quota.c @@ -429,6 +429,9 @@ bool ceph_quota_is_max_files_exceeded(struct inode *inode) WARN_ON(!S_ISDIR(inode->i_mode)); + if (capable(CAP_SYS_RESOURCE)) + return false; + return check_quota_exceeded(inode, QUOTA_CHECK_MAX_FILES_OP, 1); } @@ -451,6 +454,9 @@ bool ceph_quota_is_max_bytes_exceeded(struct inode *inode, loff_t newsize) if (newsize <= size) return false; + if (capable(CAP_SYS_RESOURCE)) + return false; + return check_quota_exceeded(inode, QUOTA_CHECK_MAX_BYTES_OP, (newsize - size)); } @@ -473,6 +479,9 @@ bool ceph_quota_is_max_bytes_approaching(struct inode *inode, loff_t newsize) if (newsize <= size) return false; + if (capable(CAP_SYS_RESOURCE)) + return false; + return check_quota_exceeded(inode, QUOTA_CHECK_MAX_BYTES_APPROACHING_OP, (newsize - size)); } -- 2.45.2
