> Currently, dquot_initialize() is a no-op if the inode being initialized
> isn't a regular file, directory or symlink. This means that calling
> DQUOT_ALLOC_INODE() on a named pipe or AF_UNIX socket has no effect (the
> same applies to devices, but this is less likely to be a problem as
> random users can't create them); as a result a user can exhaust the
> filesystem's inodes even when they have a quota limit. This problem is
> exploitable in 2.2.19 and 2.4.2, and appears to be present in all kernel
> versions that I've looked at.
> I presume that the reason for not putting quotas on pipes and sockets is
> that it's slightly more efficient not to do so. If that's the case, then
> the simplest solution would be to remove the checks in fs/dquot.c (patch
> below for 2.4.5 - patch for 2.2 in following email). Are there any
> undesirable consequences to pipes, sockets and devices having non-NULL
> pointers in i_dquot?
I must admit that I don't know why we don't count quotas also for device/pipe/socket
inodes. This behaviour was there for ages :). Maybe it's time to change it.
I can't think of any problems which can be with it... Your patch seems to be fine.
-- Jan Kara <firstname.lastname@example.org> SuSE Labs - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to email@example.com More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/