| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240911142452.4110190-1-max.kellermann@ionos.com> Date: Wed, 11 Sep 2024 16:24:51 +0200 From: Max Kellermann <max.kellermann@...os.com> To: xiubli@...hat.com, idryomov@...il.com, ceph-devel@...r.kernel.org Cc: linux-kernel@...r.kernel.org, Max Kellermann <max.kellermann@...os.com> Subject: [PATCH v2] fs/ceph/quota: ignore quota with CAP_SYS_RESOURCE CAP_SYS_RESOURCE allows users to "override disk quota limits". Most filesystems have a CAP_SYS_RESOURCE check in all quota check code paths, but Ceph currently does not. This patch implements the feature. Signed-off-by: Max Kellermann <max.kellermann@...os.com> --- v1 -> v2: moved capable check to check_quota_exceeded() --- fs/ceph/quota.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/ceph/quota.c b/fs/ceph/quota.c index 06ee397e0c3a..c428dc8e8f23 100644 --- a/fs/ceph/quota.c +++ b/fs/ceph/quota.c @@ -334,6 +334,9 @@ static bool check_quota_exceeded(struct inode *inode, enum quota_check_op op, u64 max, rvalue; bool exceeded = false; + if (capable(CAP_SYS_RESOURCE)) + return false; + if (ceph_snap(inode) != CEPH_NOSNAP) return false; -- 2.45.2
Powered by blists - more mailing lists