Public bug reported:

SRU Justification

Impact:
Currently shiftfs allows project quota and reserved space to be exceeded on e.g.
ext2. See https://github.com/lxc/lxd/issues/6333 for a report, specifically
https://github.com/lxc/lxd/issues/6333#issuecomment-545154838. This is caused
by overriding the credentials with the superblock creator's credentials
whenever we perform operations such as fallocate() or writes while retaining
CAP_SYS_RESOURCE.

Fix:
Drop CAP_SYS_RESOURCE at superblock creation time from the effective capability 
set.

Regression Potential:
Limited to shiftfs. Dropping CAP_SYS_RESOURCE from the effective capability set 
should be fine and actually give us more security.

Test Case:
Try to exceed project quotas on a kernel and filesystem that support them and
see that it fails with the mentioned fix applied.

Target Kernels:
All LTS kernels with shiftfs support.
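The fix works on the kernel side by clearing CAP_SYS_RESOURCE from the effective set of the credentials that shiftfs later overrides with; the user-space counterpart a practitioner wants is a quick check of whether a given process (for instance the one mounting shiftfs, or a process inside the container) actually carries that capability in its effective set. The program below is an added example and is not part of the bug report or of the shiftfs code: it parses the `CapEff:` line of `/proc/<pid>/status`, tests bit 24 (the value of CAP_SYS_RESOURCE in `linux/capability.h`), and shows the mask after dropping that single bit, which is the same bitmask operation the fix performs on `cred->cap_effective`. The sample `CapEff` line and the `CAPEFF_INVALID` sentinel are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bit index of CAP_SYS_RESOURCE in the capability bitmask (linux/capability.h). */
#define CAP_SYS_RESOURCE 24

/* Constructed sentinel returned when a line is not a parseable CapEff line. */
#define CAPEFF_INVALID UINT64_MAX

/* Parse a line such as "CapEff:\t0000003fffffffff" from /proc/<pid>/status
 * into a 64-bit capability mask. Any other line yields CAPEFF_INVALID. */
uint64_t capeff_mask(const char *line)
{
    const char *prefix = "CapEff:";
    size_t plen = strlen(prefix);

    if (strncmp(line, prefix, plen) != 0)
        return CAPEFF_INVALID;

    const char *p = line + plen;
    while (*p == ' ' || *p == '\t')
        p++;

    char *end;
    unsigned long long v = strtoull(p, &end, 16);
    if (end == p)                 /* no hex digits after the prefix */
        return CAPEFF_INVALID;
    return (uint64_t)v;
}

/* 1 if capability bit `cap` is set in `mask`, else 0. */
int has_cap(uint64_t mask, int cap)
{
    return (int)((mask >> cap) & 1ULL);
}

/* Clear a single capability bit, leaving every other bit untouched. This is
 * the user-space analogue of what the fix does to the effective set of the
 * superblock creator's credentials. */
uint64_t drop_cap(uint64_t mask, int cap)
{
    return mask & ~(1ULL << cap);
}

/* Read the live effective capability set of the calling process.
 * Returns CAPEFF_INVALID if /proc is unavailable or the line is missing. */
uint64_t read_own_capeff(void)
{
    FILE *f = fopen("/proc/self/status", "r");
    if (!f)
        return CAPEFF_INVALID;

    char line[256];
    uint64_t mask = CAPEFF_INVALID;
    while (fgets(line, sizeof line, f)) {
        mask = capeff_mask(line);
        if (mask != CAPEFF_INVALID)
            break;
    }
    fclose(f);
    return mask;
}

int main(void)
{
    /* Constructed sample: the full capability set of an unrestricted root process. */
    const char *sample = "CapEff:\t0000003fffffffff\n";
    uint64_t m = capeff_mask(sample);

    if (m != CAPEFF_INVALID) {
        printf("sample mask %016llx: CAP_SYS_RESOURCE %s\n",
               (unsigned long long)m,
               has_cap(m, CAP_SYS_RESOURCE) ? "present" : "absent");
        printf("after dropping it: %016llx\n",
               (unsigned long long)drop_cap(m, CAP_SYS_RESOURCE));
    }

    uint64_t own = read_own_capeff();
    if (own != CAPEFF_INVALID)
        printf("this process: CAP_SYS_RESOURCE %s\n",
               has_cap(own, CAP_SYS_RESOURCE) ? "present" : "absent");
    return 0;
}
```

Run it as the user that performs the shiftfs mount (or from inside a container via `cat /proc/self/status | grep CapEff` fed to the parser) to confirm whether CAP_SYS_RESOURCE is in the effective set; with the fix, the overridden credentials no longer carry the bit, so quota and reserved-space checks apply to writes and fallocate() through shiftfs.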

** Affects: linux (Ubuntu)
     Importance: Undecided
     Assignee: Christian Brauner (cbrauner)
         Status: In Progress

** Changed in: linux (Ubuntu)
     Assignee: (unassigned) => Christian Brauner (cbrauner)

** Changed in: linux (Ubuntu)
       Status: New => In Progress

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1849483

Title:
  shiftfs: prevent exceeding project quotas

Status in linux package in Ubuntu:
  In Progress

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1849483/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp