提交 ccf16413 编写于 作者: K Khazhismel Kumykov 提交者: Jens Axboe

block/compat_ioctl: fix range check in BLKGETSIZE

kernel ulong and compat_ulong_t may not be same width. Use type directly
to eliminate mismatches.

This would result in truncation rather than EFBIG for 32bit mode for
large disks.
Reviewed-by: NBart Van Assche <bvanassche@acm.org>
Signed-off-by: NKhazhismel Kumykov <khazhy@google.com>
Reviewed-by: NChaitanya Kulkarni <kch@nvidia.com>
Link: https://lore.kernel.org/r/20220414224056.2875681-1-khazhy@google.comSigned-off-by: NJens Axboe <axboe@kernel.dk>
上级 3e3876d3
...@@ -629,7 +629,7 @@ long compat_blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg) ...@@ -629,7 +629,7 @@ long compat_blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg)
return compat_put_long(argp, return compat_put_long(argp,
(bdev->bd_disk->bdi->ra_pages * PAGE_SIZE) / 512); (bdev->bd_disk->bdi->ra_pages * PAGE_SIZE) / 512);
case BLKGETSIZE: case BLKGETSIZE:
if (bdev_nr_sectors(bdev) > ~0UL) if (bdev_nr_sectors(bdev) > ~(compat_ulong_t)0)
return -EFBIG; return -EFBIG;
return compat_put_ulong(argp, bdev_nr_sectors(bdev)); return compat_put_ulong(argp, bdev_nr_sectors(bdev));
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册