[PATCH 5.6 165/254] io_uring: honor original task RLIMIT_FSIZE

From: Greg Kroah-Hartman
Date: Thu Apr 16 2020 - 10:26:18 EST


From: Jens Axboe <axboe@xxxxxxxxx>

commit 4ed734b0d0913e566a9d871e15d24eb240f269f7 upstream.

With the previous fixes for number of files open checking, I added some
debug code to see if we had other spots where we're checking rlimit()
against the async io-wq workers. The only one I found was file size
checking, which we should also honor.

During write and fallocate prep, store the max file size and override
that for the current ask if we're in io-wq worker context.

Cc: stable@xxxxxxxxxxxxxxx # 5.1+
Signed-off-by: Jens Axboe <axboe@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>


---
fs/io_uring.c | 13 +++++++++++++
1 file changed, 13 insertions(+)

--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -565,6 +565,7 @@ struct io_kiocb {
struct list_head link_list;
unsigned int flags;
refcount_t refs;
+ unsigned long fsize;
u64 user_data;
u32 result;
u32 sequence;
@@ -2294,6 +2295,8 @@ static int io_write_prep(struct io_kiocb
if (unlikely(!(req->file->f_mode & FMODE_WRITE)))
return -EBADF;

+ req->fsize = rlimit(RLIMIT_FSIZE);
+
/* either don't need iovec imported or already have it */
if (!req->io || req->flags & REQ_F_NEED_CLEANUP)
return 0;
@@ -2366,10 +2369,17 @@ static int io_write(struct io_kiocb *req
}
kiocb->ki_flags |= IOCB_WRITE;

+ if (!force_nonblock)
+ current->signal->rlim[RLIMIT_FSIZE].rlim_cur = req->fsize;
+
if (req->file->f_op->write_iter)
ret2 = call_write_iter(req->file, kiocb, &iter);
else
ret2 = loop_rw_iter(WRITE, req->file, kiocb, &iter);
+
+ if (!force_nonblock)
+ current->signal->rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY;
+
/*
* Raw bdev writes will -EOPNOTSUPP for IOCB_NOWAIT. Just
* retry them without IOCB_NOWAIT.
@@ -2512,8 +2522,10 @@ static void io_fallocate_finish(struct i
if (io_req_cancelled(req))
return;

+ current->signal->rlim[RLIMIT_FSIZE].rlim_cur = req->fsize;
ret = vfs_fallocate(req->file, req->sync.mode, req->sync.off,
req->sync.len);
+ current->signal->rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY;
if (ret < 0)
req_set_fail_links(req);
io_cqring_add_event(req, ret);
@@ -2531,6 +2543,7 @@ static int io_fallocate_prep(struct io_k
req->sync.off = READ_ONCE(sqe->off);
req->sync.len = READ_ONCE(sqe->addr);
req->sync.mode = READ_ONCE(sqe->len);
+ req->fsize = rlimit(RLIMIT_FSIZE);
return 0;
}