Re: [RFC PATCH 2/4] quota: Don't issue audit messages on quota enforcing

Next message: WenTao Liang: "[PATCH v2] fix: net: renesas: rswitch_mii_register: fix double of_node_put after of_mdiobus_register"
Previous message: Jacopo Mondi: "[PATCH v2 2/6] media: Documentation: uapi: Update V4L2 ISP for extensible stats"
In reply to: cem: "[RFC PATCH 2/4] quota: Don't issue audit messages on quota enforcing"
Next in thread: Christoph Hellwig: "Re: [RFC PATCH 2/4] quota: Don't issue audit messages on quota enforcing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Darrick J. Wong

Date: Fri Jun 26 2026 - 11:25:57 EST

On Fri, Jun 26, 2026 at 01:45:21PM +0200, cem@xxxxxxxxxx wrote:
> From: Carlos Maiolino <cem@xxxxxxxxxx>
>
> Calling capable() to determine if we can bypass quota enforcement or not
> can trigger spurious audit messages. We don't really require it here so
> just use the capable_noaudit() version.
>
> Signed-off-by: Carlos Maiolino <cmaiolino@xxxxxxxxxx>
> ---
> fs/quota/dquot.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/quota/dquot.c b/fs/quota/dquot.c
> index 64cf42721496..1122a29215f7 100644
> --- a/fs/quota/dquot.c
> +++ b/fs/quota/dquot.c
> @@ -1308,7 +1308,7 @@ static int ignore_hardlimit(struct dquot *dquot)
> {
> struct mem_dqinfo *info = &sb_dqopt(dquot->dq_sb)->info[dquot->dq_id.type];
>
> - return capable(CAP_SYS_RESOURCE) &&
> + return capable_noaudit(CAP_SYS_RESOURCE) &&

Yeah, we're just checking if we're going to enforce hardlimits, not
actually denying something based on lack of capability. For all we know
the user is well under their disk quota limit.

Reviewed-by: "Darrick J. Wong" <djwong@xxxxxxxxxx>

--D

> (info->dqi_format->qf_fmt_id != QFMT_VFS_OLD ||
> !(info->dqi_flags & DQF_ROOT_SQUASH));
> }
> --
> 2.54.0
>
>