On Mon, Jul 29, 2013 at 11:07:05PM -0400, Dwight Engen wrote: > Check for CAP_SYS_ADMIN since the caller can truncate preallocated > blocks from files they do not own nor have write access to. A more > fine grained access check was considered: require the caller to > specify their own uid/gid and to use inode_permission to check for > write, but this would not catch the case of an inode not reachable > via path traversal from the callers mount namespace. > > Add check for read-only filesystem to free eofblocks ioctl. > > Signed-off-by: Dwight Engen <dwight.engen@xxxxxxxxxx> > --- > fs/xfs/xfs_ioctl.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c > index 6e72eff..b1990ac 100644 > --- a/fs/xfs/xfs_ioctl.c > +++ b/fs/xfs/xfs_ioctl.c > @@ -1613,6 +1613,12 @@ xfs_file_ioctl( > struct xfs_fs_eofblocks eofb; > struct xfs_eofblocks keofb; > > + if (!capable(CAP_SYS_ADMIN)) > + return -EPERM; > + > + if (IS_RDONLY(inode)) > + return -XFS_ERROR(EROFS); > + > if (copy_from_user(&eofb, arg, sizeof(eofb))) > return -XFS_ERROR(EFAULT); Looks fine. Reviewed-by: Dave Chinner <dchinner@xxxxxxxxxx> -- Dave Chinner david@xxxxxxxxxxxxx _______________________________________________ xfs mailing list xfs@xxxxxxxxxxx http://oss.sgi.com/mailman/listinfo/xfs
