blk_rq_unmap_user() returns -EFAULT if a program passes an invalid
address to kernel. SG_IO path needs to pass the returned value to user
space instead of ignoring it.
Signed-off-by: FUJITA Tomonori <[email protected]>
---
block/scsi_ioctl.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/block/scsi_ioctl.c b/block/scsi_ioctl.c
index 626ee27..84b7f87 100644
--- a/block/scsi_ioctl.c
+++ b/block/scsi_ioctl.c
@@ -217,7 +217,7 @@ static int blk_fill_sghdr_rq(struct request_queue *q, struct request *rq,
static int blk_complete_sghdr_rq(struct request *rq, struct sg_io_hdr *hdr,
struct bio *bio)
{
- int ret = 0;
+ int r, ret = 0;
/*
* fill in all the output members
@@ -242,7 +242,9 @@ static int blk_complete_sghdr_rq(struct request *rq, struct sg_io_hdr *hdr,
ret = -EFAULT;
}
- blk_rq_unmap_user(bio);
+ r = blk_rq_unmap_user(bio);
+ if (!ret)
+ ret = r;
blk_put_request(rq);
return ret;
--
1.6.0.6
Ping?
This patch is necessary to return a proper error for applications
issuing READ requests with a bogus buffer.
On Fri, 3 Apr 2009 20:49:03 +0900
FUJITA Tomonori <[email protected]> wrote:
> blk_rq_unmap_user() returns -EFAULT if a program passes an invalid
> address to kernel. SG_IO path needs to pass the returned value to user
> space instead of ignoring it.
>
> Signed-off-by: FUJITA Tomonori <[email protected]>
> ---
> block/scsi_ioctl.c | 6 ++++--
> 1 files changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/block/scsi_ioctl.c b/block/scsi_ioctl.c
> index 626ee27..84b7f87 100644
> --- a/block/scsi_ioctl.c
> +++ b/block/scsi_ioctl.c
> @@ -217,7 +217,7 @@ static int blk_fill_sghdr_rq(struct request_queue *q, struct request *rq,
> static int blk_complete_sghdr_rq(struct request *rq, struct sg_io_hdr *hdr,
> struct bio *bio)
> {
> - int ret = 0;
> + int r, ret = 0;
>
> /*
> * fill in all the output members
> @@ -242,7 +242,9 @@ static int blk_complete_sghdr_rq(struct request *rq, struct sg_io_hdr *hdr,
> ret = -EFAULT;
> }
>
> - blk_rq_unmap_user(bio);
> + r = blk_rq_unmap_user(bio);
> + if (!ret)
> + ret = r;
> blk_put_request(rq);
>
> return ret;
> --
> 1.6.0.6
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
On Mon, Apr 13 2009, FUJITA Tomonori wrote:
> Ping?
>
> This patch is necessary to return a proper error for applications
> issuing READ requests with a bogus buffer.
I'll add it.
--
Jens Axboe