Luís Henriques
2023-May-29  15:26 UTC
[Ocfs2-devel] [PATCH] ocfs2: check new file size on fallocate call
When changing a file size with fallocate() the new size isn't being
checked.  In particular, the FSIZE ulimit isn't being checked, which makes
fstest generic/228 fail.  Simply adding a call to inode_newsize_ok() fixes
this issue.
Signed-off-by: Luís Henriques <lhenriques at suse.de>
---
 fs/ocfs2/file.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c
index efb09de4343d..b173c36bcab3 100644
--- a/fs/ocfs2/file.c
+++ b/fs/ocfs2/file.c
@@ -2100,14 +2100,20 @@ static long ocfs2_fallocate(struct file *file, int mode,
loff_t offset,
 	struct ocfs2_space_resv sr;
 	int change_size = 1;
 	int cmd = OCFS2_IOC_RESVSP64;
+	int ret = 0;
 
 	if (mode & ~(FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE))
 		return -EOPNOTSUPP;
 	if (!ocfs2_writes_unwritten_extents(osb))
 		return -EOPNOTSUPP;
 
-	if (mode & FALLOC_FL_KEEP_SIZE)
+	if (mode & FALLOC_FL_KEEP_SIZE) {
 		change_size = 0;
+	} else {
+		ret = inode_newsize_ok(inode, offset + len);
+		if (ret)
+			return ret;
+	}
 
 	if (mode & FALLOC_FL_PUNCH_HOLE)
 		cmd = OCFS2_IOC_UNRESVSP64;
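Review bot: In the new `else` branch, `inode_newsize_ok(inode, offset + len)` runs for every mode without FALLOC_FL_KEEP_SIZE, which per the mask check above includes FALLOC_FL_PUNCH_HOLE on its own, a case where the file is not meant to grow. Either key the check on the path that actually extends i_size, or add a comment saying why that combination cannot reach this function. The sum `offset + len` is passed with no overflow guard visible in this hunk, so a note that the caller has already validated the range would help. `ret` is only used inside the branch and does not need the `= 0` initialiser.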
Mark Fasheh
2023-May-31  03:32 UTC
[Ocfs2-devel] [PATCH] ocfs2: check new file size on fallocate call
On Mon, May 29, 2023 at 8:26 AM Luís Henriques <lhenriques at suse.de> wrote:
>
> When changing a file size with fallocate() the new size isn't being
> checked. In particular, the FSIZE ulimit isn't being checked, which makes
> fstest generic/228 fail. Simply adding a call to inode_newsize_ok() fixes
> this issue.
>
> Signed-off-by: Luís Henriques <lhenriques at suse.de>
Looks good, thanks Luis.
Reviewed-by: Mark Fasheh <mark at fasheh.com>
Joseph Qi
2023-May-31  06:00 UTC
[Ocfs2-devel] [PATCH] ocfs2: check new file size on fallocate call
On 5/29/23 11:26 PM, Luís Henriques wrote:
> When changing a file size with fallocate() the new size isn't being
> checked. In particular, the FSIZE ulimit isn't being checked, which makes
> fstest generic/228 fail. Simply adding a call to inode_newsize_ok() fixes
> this issue.
>
> Signed-off-by: Luís Henriques <lhenriques at suse.de>
> --- > fs/ocfs2/file.c | 8 +++++++- > 1 file changed, 7 insertions(+), 1 deletion(-) > > diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c > index efb09de4343d..b173c36bcab3 100644 > --- a/fs/ocfs2/file.c > +++ b/fs/ocfs2/file.c > @@ -2100,14 +2100,20 @@ static long ocfs2_fallocate(struct file *file, int mode, loff_t offset, > struct ocfs2_space_resv sr; > int change_size = 1; > int cmd = OCFS2_IOC_RESVSP64; > + int ret = 0; > > if (mode & ~(FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE)) > return -EOPNOTSUPP;
This means we only support keep-size and punch_hole. And it seems punch_hole will also imply keep-size.
> if (!ocfs2_writes_unwritten_extents(osb)) > return -EOPNOTSUPP; > > - if (mode & FALLOC_FL_KEEP_SIZE) > + if (mode & FALLOC_FL_KEEP_SIZE) { > change_size = 0; > + } else {
Seems this will be a dead branch?
Thanks,
Joseph
> + ret = inode_newsize_ok(inode, offset + len); > + if (ret) > + return ret; > + } > > if (mode & FALLOC_FL_PUNCH_HOLE) > cmd = OCFS2_IOC_UNRESVSP64;
Joseph Qi
2023-May-31  08:32 UTC
[Ocfs2-devel] [PATCH] ocfs2: check new file size on fallocate call
On 5/29/23 11:26 PM, Luís Henriques wrote:
> When changing a file size with fallocate() the new size isn't being
> checked. In particular, the FSIZE ulimit isn't being checked, which makes
> fstest generic/228 fail. Simply adding a call to inode_newsize_ok() fixes
> this issue.
>
> Signed-off-by: Luís Henriques <lhenriques at suse.de>
Reviewed-by: Joseph Qi <joseph.qi at linux.alibaba.com>
> --- > fs/ocfs2/file.c | 8 +++++++- > 1 file changed, 7 insertions(+), 1 deletion(-) > > diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c > index efb09de4343d..b173c36bcab3 100644 > --- a/fs/ocfs2/file.c > +++ b/fs/ocfs2/file.c > @@ -2100,14 +2100,20 @@ static long ocfs2_fallocate(struct file *file, int mode, loff_t offset, > struct ocfs2_space_resv sr; > int change_size = 1; > int cmd = OCFS2_IOC_RESVSP64; > + int ret = 0; > > if (mode & ~(FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE)) > return -EOPNOTSUPP; > if (!ocfs2_writes_unwritten_extents(osb)) > return -EOPNOTSUPP; > > - if (mode & FALLOC_FL_KEEP_SIZE) > + if (mode & FALLOC_FL_KEEP_SIZE) { > change_size = 0; > + } else { > + ret = inode_newsize_ok(inode, offset + len); > + if (ret) > + return ret; > + } > > if (mode & FALLOC_FL_PUNCH_HOLE) > cmd = OCFS2_IOC_UNRESVSP64;
Andrew Morton
2023-May-31  22:11 UTC
[Ocfs2-devel] [PATCH] ocfs2: check new file size on fallocate call
On Mon, 29 May 2023 16:26:45 +0100 Luís Henriques via Ocfs2-devel <ocfs2-devel at oss.oracle.com> wrote:
> When changing a file size with fallocate() the new size isn't being
> checked. In particular, the FSIZE ulimit isn't being checked, which makes
> fstest generic/228 fail. Simply adding a call to inode_newsize_ok() fixes
> this issue.
>
> ...
>
> --- a/fs/ocfs2/file.c > +++ b/fs/ocfs2/file.c > @@ -2100,14 +2100,20 @@ static long ocfs2_fallocate(struct file *file, int mode, loff_t offset, > struct ocfs2_space_resv sr; > int change_size = 1; > int cmd = OCFS2_IOC_RESVSP64; > + int ret = 0; > > if (mode & ~(FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE)) > return -EOPNOTSUPP; > if (!ocfs2_writes_unwritten_extents(osb)) > return -EOPNOTSUPP; > > - if (mode & FALLOC_FL_KEEP_SIZE) > + if (mode & FALLOC_FL_KEEP_SIZE) { > change_size = 0; > + } else { > + ret = inode_newsize_ok(inode, offset + len); > + if (ret) > + return ret; > + } >
So userspace can exceed rlimit(RLIMIT_FSIZE). Do we think this flaw is serious enough to justify backporting the fix into earlier -stable kernels?
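
The behaviour the changelog describes can be checked from userspace on any mounted file system. The following is an added example, not part of this thread and not the fstests generic/228 code: a C probe that lowers the soft RLIMIT_FSIZE and attempts a size-extending allocation past it. The function name, the probe file name and the 1 MiB limit are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <unistd.h>

/* Probe (added example): 1 = a size-extending allocation past RLIMIT_FSIZE
 * is refused with EFBIG, 0 = it is allowed, -1 = the probe could not run. */
int fallocate_honours_fsize(const char *dir, off_t limit)
{
    char path[4096];
    struct rlimit old, lim;
    void (*old_handler)(int);
    int fd, err, result = -1;

    if (snprintf(path, sizeof(path), "%s/fsize-probe-XXXXXX", dir) >= (int)sizeof(path))
        return -1;
    if (getrlimit(RLIMIT_FSIZE, &old) != 0 || (fd = mkstemp(path)) < 0)
        return -1;
    unlink(path);                           /* probe file disappears on close */

    old_handler = signal(SIGXFSZ, SIG_IGN); /* report EFBIG instead of dying */
    lim = old;
    lim.rlim_cur = (rlim_t)limit;           /* lower only the soft limit */
    if (setrlimit(RLIMIT_FSIZE, &lim) == 0) {
        /* glibc issues fallocate() with mode 0 here, i.e. without
         * FALLOC_FL_KEEP_SIZE, so success would grow i_size past the limit. */
        err = posix_fallocate(fd, 0, limit + 4096);
        if (err == 0)
            result = 0;                     /* limit was not enforced */
        else if (err == EFBIG)
            result = 1;                     /* limit enforced */
        setrlimit(RLIMIT_FSIZE, &old);      /* restore the caller's limit */
    }
    signal(SIGXFSZ, old_handler);
    close(fd);
    return result;
}

int main(int argc, char **argv)
{
    int r = fallocate_honours_fsize(argc > 1 ? argv[1] : ".", 1 << 20);

    printf("RLIMIT_FSIZE on fallocate: %s\n",
           r == 1 ? "enforced" : r == 0 ? "NOT enforced" : "probe failed");
    return r == 1 ? 0 : 1;
}
```

Run it with a directory on the file system under test as the first argument; a result of "NOT enforced" corresponds to the gap the patch closes.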