Commit 4ed734b0 authored by Jens Axboe's avatar Jens Axboe
Browse files

io_uring: honor original task RLIMIT_FSIZE 



With the previous fixes for number of files open checking, I added some
debug code to see if we had other spots where we're checking rlimit()
against the async io-wq workers. The only one I found was file size
checking, which we should also honor.

During write and fallocate prep, store the max file size and override
that for the current ask if we're in io-wq worker context.

Cc: stable@vger.kernel.org # 5.1+
Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
parent 60cf46ae

fs/io_uring.c

+16 −1
Original line number Diff line number Diff line
@@ -604,7 +604,10 @@ struct io_kiocb { 
	struct list_head	list;

	unsigned int		flags;

	refcount_t		refs;

	union {

		struct task_struct	*task;

		unsigned long		fsize;

	};

	u64			user_data;

	u32			result;

	u32			sequence;
@@ -2593,6 +2596,8 @@ static int io_write_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe, 
	if (unlikely(!(req->file->f_mode & FMODE_WRITE)))

		return -EBADF;



	req->fsize = rlimit(RLIMIT_FSIZE);



	/* either don't need iovec imported or already have it */

	if (!req->io || req->flags & REQ_F_NEED_CLEANUP)

		return 0;
@@ -2662,10 +2667,17 @@ static int io_write(struct io_kiocb *req, bool force_nonblock) 
		}

		kiocb->ki_flags |= IOCB_WRITE;



		if (!force_nonblock)

			current->signal->rlim[RLIMIT_FSIZE].rlim_cur = req->fsize;



		if (req->file->f_op->write_iter)

			ret2 = call_write_iter(req->file, kiocb, &iter);

		else

			ret2 = loop_rw_iter(WRITE, req->file, kiocb, &iter);



		if (!force_nonblock)

			current->signal->rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY;



		/*

		 * Raw bdev writes will -EOPNOTSUPP for IOCB_NOWAIT. Just

		 * retry them without IOCB_NOWAIT.
@@ -2848,8 +2860,10 @@ static void __io_fallocate(struct io_kiocb *req) 
{

	int ret;



	current->signal->rlim[RLIMIT_FSIZE].rlim_cur = req->fsize;

	ret = vfs_fallocate(req->file, req->sync.mode, req->sync.off,

				req->sync.len);

	current->signal->rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY;

	if (ret < 0)

		req_set_fail_links(req);

	io_cqring_add_event(req, ret);
@@ -2875,6 +2889,7 @@ static int io_fallocate_prep(struct io_kiocb *req, 
	req->sync.off = READ_ONCE(sqe->off);

	req->sync.len = READ_ONCE(sqe->addr);

	req->sync.mode = READ_ONCE(sqe->len);

	req->fsize = rlimit(RLIMIT_FSIZE);

	return 0;

}