From 3834b12a18d51d6c535ea52e16355d75806ffe38 Mon Sep 17 00:00:00 2001 From: Harsh Prateek Bora Date: Tue, 3 Aug 2010 11:55:40 +0000 Subject: fs/9p: setrlimit fix for 9p write Current 9p client file write code does not check for RLIMIT_FSIZE resource. This bug was found by running LTP test case for setrlimit. This bug is fixed by calling generic_write_checks before sending the write request to the server. Without this patch: the write function is allowed to write above the RLIMIT_FSIZE set by user. With this patch: the write function checks for RLIMIT_SIZE and writes upto the size limit. Signed-off-by: Harsh Prateek Bora Signed-off-by: Eric Van Hensbergen --- fs/9p/vfs_file.c | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) (limited to 'fs') diff --git a/fs/9p/vfs_file.c b/fs/9p/vfs_file.c index e97c92bd6f16..89c44e92022c 100644 --- a/fs/9p/vfs_file.c +++ b/fs/9p/vfs_file.c @@ -219,7 +219,9 @@ static ssize_t v9fs_file_write(struct file *filp, const char __user * data, size_t count, loff_t * offset) { - int n, rsize, total = 0; + ssize_t retval; + size_t total = 0; + int n, rsize; struct p9_fid *fid; struct p9_client *clnt; struct inode *inode = filp->f_path.dentry->d_inode; @@ -234,6 +236,17 @@ v9fs_file_write(struct file *filp, const char __user * data, rsize = fid->iounit ? fid->iounit : clnt->msize - P9_IOHDRSZ; + retval = generic_write_checks(filp, &origin, &count, 0); + if (retval) + goto out; + + retval = -EINVAL; + if ((ssize_t) count < 0) + goto out; + retval = 0; + if (!count) + goto out; + do { if (count < rsize) rsize = count; @@ -258,9 +271,11 @@ v9fs_file_write(struct file *filp, const char __user * data, } if (n < 0) - return n; - - return total; + retval = n; + else + retval = total; +out: + return retval; } static int v9fs_file_fsync(struct file *filp, int datasync) -- cgit v1.2.3