authorChristoph Hellwig <hch@lst.de>2021-03-14 10:59:39 -0700
committerDarrick J. Wong <djwong@kernel.org>2021-03-15 08:50:41 -0700
commit8723d5ba8bdae1c41be7a6fc8469dc9aa551e7d0 (patch)
parent08a204387e8063ba7375481281701137bd553dee (diff)
xfs: also reject BULKSTAT_SINGLE in a mount user namespace
BULKSTAT_SINGLE exposed the ondisk uids/gids just like bulkstat, and can be called on any inode, including ones not visible in the current mount. Fixes: f736d93d76d3 ("xfs: support idmapped mounts") Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Darrick J. Wong <djwong@kernel.org> Signed-off-by: Darrick J. Wong <djwong@kernel.org>
1 files changed, 6 insertions, 0 deletions
diff --git a/fs/xfs/xfs_itable.c b/fs/xfs/xfs_itable.c
--- a/fs/xfs/xfs_itable.c
+++ b/fs/xfs/xfs_itable.c
@@ -168,6 +168,12 @@ xfs_bulkstat_one(
int error;
+ if (breq->mnt_userns != &init_user_ns) {
+ xfs_warn_ratelimited(breq->mp,
+ "bulkstat not supported inside of idmapped mounts.");
+ return -EINVAL;
+ }
ASSERT(breq->icount == 1);
bc.buf = kmem_zalloc(sizeof(struct xfs_bulkstat),