[Devel,2/2] ext4/mfsync: Prevent resource abuse

Submitted by Dmitry Monakhov on March 15, 2017, 8:43 a.m.

Details

Message ID 1489567390-10495-2-git-send-email-dmonakhov@openvz.org
State New
Series "Series without cover letter"
Headers show

Commit Message

Dmitry Monakhov March 15, 2017, 8:43 a.m.
- Mfsync is not standard interface let's hide it from VEs
- Limit number of files in single request.


https://jira.sw.ru/browse/PSBM-59965
https://jira.sw.ru/browse/PSBM-59966
Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
---
 fs/ext4/ioctl.c | 5 +++++
 1 file changed, 5 insertions(+)

Patch hide | download patch | download mbox

diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c
index cd831d5..9232330 100644
--- a/fs/ext4/ioctl.c
+++ b/fs/ext4/ioctl.c
@@ -783,12 +783,17 @@  resize_out:
 		__u32 __user *usr_fd;
 		int i, err;
 
+		if (!ve_is_super(get_exec_env()))
+			return -ENOTSUPP;
 		if (copy_from_user(&mfsync, (struct ext4_ioc_mfsync_info *)arg,
 				   sizeof(mfsync)))
 			return -EFAULT;
 
 		if (mfsync.size == 0)
 			return 0;
+		if (mfsync.size > NR_FILE)
+			return -ENFILE;
+
 		usr_fd = (__u32 __user *) (arg + sizeof(__u32));
 
 		filpp = kzalloc(mfsync.size * sizeof(*filp), GFP_KERNEL);