gfs2: move privileged user check to gfs2_quota_lock_check

Before this patch, function gfs2_quota_lock checked if it was called from a privileged user, and if so, it bypassed the quota check: superuser can operate outside the quotas. That's the wrong place for the check because the lock/unlock functions are separate from the lock_check function, and you can do lock and unlock without actually checking the quotas. This patch moves the check to gfs2_quota_lock_check. Signed-off-by: Bob Peterson <rpeterso@redhat.com> Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
author: Bob Peterson <rpeterso@redhat.com> 2020-05-05 19:53:21 +0300
committer: Andreas Gruenbacher <agruenba@redhat.com> 2020-05-08 19:47:58 +0300
commit: 4ed0c30811cb4d30ef89850b787a53a84d5d2bcb (patch)
tree: 7a9ea7fad5138fa93377f285bc3b44f872fb833a /fs/gfs2/quota.c
parent: e6ce26e571a813e6992c5148b27f2a4b17952080 (diff)
download: linux-4ed0c30811cb4d30ef89850b787a53a84d5d2bcb.tar.xz
1 files changed, 1 insertions, 2 deletions
diff --git a/fs/gfs2/quota.c b/fs/gfs2/quota.c
index c997cadc8d9a..ed2e488f98b3 100644
--- a/fs/gfs2/quota.c
+++ b/fs/gfs2/quota.c
@@ -1051,8 +1051,7 @@ int gfs2_quota_lock(struct gfs2_inode *ip, kuid_t uid, kgid_t gid)
 	u32 x;
 	int error = 0;
 
-	if (capable(CAP_SYS_RESOURCE) ||
-	    sdp->sd_args.ar_quota != GFS2_QUOTA_ON)
+	if (sdp->sd_args.ar_quota != GFS2_QUOTA_ON)
 		return 0;
 
 	error = gfs2_quota_hold(ip, uid, gid);
author	Bob Peterson <rpeterso@redhat.com>	2020-05-05 19:53:21 +0300
committer	Andreas Gruenbacher <agruenba@redhat.com>	2020-05-08 19:47:58 +0300
commit	4ed0c30811cb4d30ef89850b787a53a84d5d2bcb (patch)
tree	7a9ea7fad5138fa93377f285bc3b44f872fb833a /fs/gfs2/quota.c
parent	e6ce26e571a813e6992c5148b27f2a4b17952080 (diff)
download	linux-4ed0c30811cb4d30ef89850b787a53a84d5d2bcb.tar.xz