[Devel] [PATCH vz9 08/10] xfs: Don't show the active balloon to user
Konstantin Khorenko
khorenko at virtuozzo.com
Thu Nov 28 19:51:52 MSK 2024
From: Kirill Tkhai <ktkhai at virtuozzo.com>
Prohibit a notpriviliged user to reach balloon.
Prohibit everything to unlink it.
https://jira.sw.ru/browse/PSBM-133811
Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
Feature: fs/xfs: fast online shrink support
---
fs/xfs/xfs_inode.c | 4 ++++
fs/xfs/xfs_iops.c | 4 ++++
2 files changed, 8 insertions(+)
diff --git a/fs/xfs/xfs_inode.c b/fs/xfs/xfs_inode.c
index 5ca561634164..9065e6d373cc 100644
--- a/fs/xfs/xfs_inode.c
+++ b/fs/xfs/xfs_inode.c
@@ -666,6 +666,10 @@ xfs_lookup(
if (error)
goto out_unlock;
+ error = -EPERM;
+ if (unlikely(inum == READ_ONCE(dp->i_mount->m_balloon_ino)))
+ goto out_free_name;
+
error = xfs_iget(dp->i_mount, NULL, inum, 0, 0, ipp);
if (error)
goto out_free_name;
diff --git a/fs/xfs/xfs_iops.c b/fs/xfs/xfs_iops.c
index ca1f445dc8c2..12e4dd456e6d 100644
--- a/fs/xfs/xfs_iops.c
+++ b/fs/xfs/xfs_iops.c
@@ -382,6 +382,10 @@ xfs_vn_unlink(
struct xfs_name name;
int error;
+ if (unlikely(d_inode(dentry)->i_ino ==
+ READ_ONCE(XFS_I(dir)->i_mount->m_balloon_ino)))
+ return -EPERM;
+
xfs_dentry_to_name(&name, dentry);
error = xfs_remove(XFS_I(dir), &name, XFS_I(d_inode(dentry)));
--
2.43.5
More information about the Devel
mailing list