Message ID | 20220419191239.588421-1-khazhy@google.com |
---|---|
State | New |
Series | block/compat_ioctl: fix range check in BLKGETSIZE |

On Thu, Apr 21, 2022 at 3:02 AM Greg KH <gregkh@linuxfoundation.org> wrote:
>
> On Tue, Apr 19, 2022 at 12:12:39PM -0700, Khazhismel Kumykov wrote:
> > [ Upstream commit ccf16413e520164eb718cf8b22a30438da80ff23 ]
> >
> > kernel ulong and compat_ulong_t may not be same width. Use type directly
> > to eliminate mismatches.
> >
> > This would result in truncation rather than EFBIG for 32bit mode for
> > large disks.
> >
> > Reviewed-by: Bart Van Assche <bvanassche@acm.org>
> > Signed-off-by: Khazhismel Kumykov <khazhy@google.com>
> > Reviewed-by: Chaitanya Kulkarni <kch@nvidia.com>
> > Link: https://lore.kernel.org/r/20220414224056.2875681-1-khazhy@google.com
> > Signed-off-by: Jens Axboe <axboe@kernel.dk>
> > [compat_ioctl is its own file in 5.4-stable and earlier]
> > ---
> >
> > The original commit should apply to the newer stables
>
> It does not, it only applied to 5.17.y.
>
> Please provide working backports for all of the others.
>
> > this should apply
> > to all the older stables.
>
> I'll wait for the 5.10.y and 5.15.y backport first before applying this
> one.

I double checked and the above patch applied to 4.9-5.4 for me

>
> thanks,
>
> greg k-h

On Mon, Apr 25, 2022 at 12:29:41PM -0700, Khazhy Kumykov wrote:
> On Thu, Apr 21, 2022 at 3:02 AM Greg KH <gregkh@linuxfoundation.org> wrote:
> >
> > On Tue, Apr 19, 2022 at 12:12:39PM -0700, Khazhismel Kumykov wrote:
> > > [ Upstream commit ccf16413e520164eb718cf8b22a30438da80ff23 ]
> > >
> > > kernel ulong and compat_ulong_t may not be same width. Use type directly
> > > to eliminate mismatches.
> > >
> > > This would result in truncation rather than EFBIG for 32bit mode for
> > > large disks.
> > >
> > > Reviewed-by: Bart Van Assche <bvanassche@acm.org>
> > > Signed-off-by: Khazhismel Kumykov <khazhy@google.com>
> > > Reviewed-by: Chaitanya Kulkarni <kch@nvidia.com>
> > > Link: https://lore.kernel.org/r/20220414224056.2875681-1-khazhy@google.com
> > > Signed-off-by: Jens Axboe <axboe@kernel.dk>
> > > [compat_ioctl is its own file in 5.4-stable and earlier]
> > > ---
> > >
> > > The original commit should apply to the newer stables
> >
> > It does not, it only applied to 5.17.y.
> >
> > Please provide working backports for all of the others.
> >
> > > this should apply
> > > to all the older stables.
> >
> > I'll wait for the 5.10.y and 5.15.y backport first before applying this
> > one.
> I double checked and the above patch applied to 4.9-5.4 for me

All now queued up, thanks.

greg k-h

diff --git a/block/compat_ioctl.c b/block/compat_ioctl.c index 7f053468b50d..d490ac220ba8 100644 --- a/block/compat_ioctl.c +++ b/block/compat_ioctl.c @@ -393,7 +393,7 @@ long compat_blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg) return 0; case BLKGETSIZE: size = i_size_read(bdev->bd_inode); - if ((size >> 9) > ~0UL) + if ((size >> 9) > ~(compat_ulong_t)0) return -EFBIG; return compat_put_ulong(arg, size >> 9);
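
Review bot: The new bound in the BLKGETSIZE case, `if ((size >> 9) > ~(compat_ulong_t)0)`, has no comment saying why the limit is the compat caller's unsigned long rather than the kernel's, and the removed `~0UL` form looks equivalent at a glance. A one-line comment above the check, stating that the sector count must fit the value compat_put_ulong() writes back for a 32-bit caller, would keep a later cleanup from restoring the old form, which the commit message says truncated the size for large disks instead of returning -EFBIG. The cast form also depends on compat_ulong_t being an unsigned type at least as wide as int, so that `~` is not applied to a promoted signed int; it is worth confirming that this holds on every architecture the 4.9 to 5.4 backport targets.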