[3.8.y.z extended stable] Patch "xfs: add capability check to free eofblocks ioctl" has been added to staging queue

Kamal Mostafa kamal at canonical.com
Wed Dec 11 20:09:26 UTC 2013 

This is a note to let you know that I have just added a patch titled

    xfs: add capability check to free eofblocks ioctl

to the linux-3.8.y-queue branch of the 3.8.y.z extended stable tree 
which can be found at:

 http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.8.y-queue

This patch is scheduled to be released in version 3.8.13.15.

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.8.y.z tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Kamal

------

>From 392bd47d7ddca7bffa9efa782a50c26b9c223f61 Mon Sep 17 00:00:00 2001
From: Dwight Engen <dwight.engen at oracle.com>
Date: Thu, 15 Aug 2013 14:08:03 -0400
Subject: xfs: add capability check to free eofblocks ioctl

commit 8c567a7fab6e086a0284eee2db82348521e7120c upstream.

Check for CAP_SYS_ADMIN since the caller can truncate preallocated
blocks from files they do not own nor have write access to. A more
fine grained access check was considered: require the caller to
specify their own uid/gid and to use inode_permission to check for
write, but this would not catch the case of an inode not reachable
via path traversal from the callers mount namespace.

Add check for read-only filesystem to free eofblocks ioctl.

Reviewed-by: Brian Foster <bfoster at redhat.com>
Reviewed-by: Dave Chinner <dchinner at redhat.com>
Reviewed-by: Gao feng <gaofeng at cn.fujitsu.com>
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Signed-off-by: Ben Myers <bpm at sgi.com>
Cc: Kees Cook <keescook at google.com>
Signed-off-by: Kamal Mostafa <kamal at canonical.com>
---
 fs/xfs/xfs_ioctl.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c
index c1c3ef8..2fe3eb3 100644
--- a/fs/xfs/xfs_ioctl.c
+++ b/fs/xfs/xfs_ioctl.c
@@ -1606,6 +1606,12 @@ xfs_file_ioctl(
 	case XFS_IOC_FREE_EOFBLOCKS: {
 		struct xfs_eofblocks eofb;

+		if (!capable(CAP_SYS_ADMIN))
+			return -EPERM;
+
+		if (mp->m_flags & XFS_MOUNT_RDONLY)
+			return -XFS_ERROR(EROFS);
+
 		if (copy_from_user(&eofb, arg, sizeof(eofb)))
 			return -XFS_ERROR(EFAULT);

--
1.8.3.2

More information about the kernel-team mailing list