| Message ID | 20160706181212.16267-10-ebiederm@xmission.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Wed 06-07-16 13:12:10, Eric W. Biederman wrote: > Mostly supporting filesystems outside of init_user_ns is > s/&init_usre_ns/dquot->dq_sb->s_user_ns/. An actual need for > supporting quotas on filesystems outside of s_user_ns is quite a ways > away and to be done responsibily needs an audit on what can happen > with hostile quota files. Until that audit is complete don't attempt > to support quota files on filesystems outside of s_user_ns. > > Cc: Jan Kara <jack@suse.cz> > Acked-by: Seth Forshee <seth.forshee@canonical.com> > Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Looks good. You can add: Acked-by: Jan Kara <jack@suse.cz> Honza > --- > fs/quota/dquot.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/fs/quota/dquot.c b/fs/quota/dquot.c > index 74706b6aa747..87197d13cc76 100644 > --- a/fs/quota/dquot.c > +++ b/fs/quota/dquot.c > @@ -2271,6 +2271,11 @@ static int vfs_load_quota_inode(struct inode *inode, int type, int format_id, > error = -EINVAL; > goto out_fmt; > } > + /* Filesystems outside of init_user_ns not yet supported */ > + if (sb->s_user_ns != &init_user_ns) { > + error = -EINVAL; > + goto out_fmt; > + } > /* Usage always has to be set... */ > if (!(flags & DQUOT_USAGE_ENABLED)) { > error = -EINVAL; > -- > 2.8.3 >
diff --git a/fs/quota/dquot.c b/fs/quota/dquot.c index 74706b6aa747..87197d13cc76 100644 --- a/fs/quota/dquot.c +++ b/fs/quota/dquot.c @@ -2271,6 +2271,11 @@ static int vfs_load_quota_inode(struct inode *inode, int type, int format_id, error = -EINVAL; goto out_fmt; } + /* Filesystems outside of init_user_ns not yet supported */ + if (sb->s_user_ns != &init_user_ns) { + error = -EINVAL; + goto out_fmt; + } /* Usage always has to be set... */ if (!(flags & DQUOT_USAGE_ENABLED)) { error = -EINVAL;