Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp566762ybz; Wed, 22 Apr 2020 03:52:46 -0700 (PDT) X-Google-Smtp-Source: APiQypIyjjXHMJCDBv3t0drRnW80rmJjX3/NWdZH8rolcnvaqKVF0i1u68rREgT2evFTcl21XOUF X-Received: by 2002:aa7:d606:: with SMTP id c6mr19747257edr.107.1587552766259; Wed, 22 Apr 2020 03:52:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1587552766; cv=none; d=google.com; s=arc-20160816; b=V4lvubZZdOQbF8UVC41R2XpeR5zRtq3eMiFhw+oEeRMmgBrvgwqZYPmGgqZp+cUFlH /T9YtKgBst4pNCkqXuY9+cSdYoI23BsuYsm9Vqbb+HY+a67gpVw+R85Y7UcFrIBwS7R1 ABlznmjlI1cLtdzFWEK3vs4cfuzdARSyNDNlY8C3H/Iv2F+9VVbKufDvmOkjkHBh2t8h dPTq87iW7sWD1LquClvOp1hdRoXFXW62A3s6wfnHro/2abl0XlqtN7elAGRxOJGp46wY 9wVKR5uSNfy8KWqpkiyKL/gyIlSEt0gDhncMiIS2gvhqz3vCxyHx/RTrHwjFlzMzsOUi NndQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=YpJU/FgPWdDtMMJl6YuGUaEROK8iNyl+q41hSYoskCw=; b=rdBOj94AvuqKT9uJKWA+L+V1QzsKSK2dWliGzQfIK3LJNnqgyZdn5743jwcyDDv7jY X6Sduryrq+1nMEvOTN1wKMdqSccgU4YNTRH8+Dz3YaqMWXV4J7ndNQ61+yuZULndDD9x +R0IGY70c2an5pLoG9zh5jajPVnQ5fLTd3EM4hLBKRj3WJLgZ5L/2MXoGVwfabSWe2PZ SvBoZ5/ryn4evKuIlQWq87cNcEJlvfJO6tAaAjOQg0CWotMmdE7AgOjoSUA2BxBN9fF1 Lzl16fsJhpum7uAl0wLnPtSMx1wGiRCF+LG1FzYklzvF8FsoreR2F0q3reD3LYLQxKyt wMWA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=gcN5eoz0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id dp15si4015019ejc.294.2020.04.22.03.52.23; Wed, 22 Apr 2020 03:52:46 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=gcN5eoz0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731919AbgDVKu2 (ORCPT + 99 others); Wed, 22 Apr 2020 06:50:28 -0400 Received: from mail.kernel.org ([198.145.29.99]:45214 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728376AbgDVKMR (ORCPT ); Wed, 22 Apr 2020 06:12:17 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 909072071E; Wed, 22 Apr 2020 10:12:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1587550336; bh=ku/WBQgDgTsASdjlbTI9Gz4PTwRb7TBqXG5/TcklQrI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=gcN5eoz0WQNg+F05ayrYhOk+gARoLyRSsyK/HMfYeHoxpKB0/8s1NE1tEQI/o3BbO yTeO5F6E3Msct+WITdda49Yvk4KW5BWsmj0/LGno1ve4NY91+li3hUZe/ihZ6+52Yn XHeX/lMl1LXvvXIgaIMPxYDLmDqXMoLlux4cBgLg= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Yilu Lin , Steve French , Ronnie Sahlberg Subject: [PATCH 4.14 063/199] CIFS: Fix bug which the return value by asynchronous read is error Date: Wed, 22 Apr 2020 11:56:29 +0200 Message-Id: <20200422095104.559673854@linuxfoundation.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200422095057.806111593@linuxfoundation.org> References: <20200422095057.806111593@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Yilu Lin commit 97adda8b3ab703de8e4c8d27646ddd54fe22879c upstream. This patch is used to fix the bug in collect_uncached_read_data() that rc is automatically converted from a signed number to an unsigned number when the CIFS asynchronous read fails. It will cause ctx->rc is error. Example: Share a directory and create a file on the Windows OS. Mount the directory to the Linux OS using CIFS. On the CIFS client of the Linux OS, invoke the pread interface to deliver the read request. The size of the read length plus offset of the read request is greater than the maximum file size. In this case, the CIFS server on the Windows OS returns a failure message (for example, the return value of smb2.nt_status is STATUS_INVALID_PARAMETER). After receiving the response message, the CIFS client parses smb2.nt_status to STATUS_INVALID_PARAMETER and converts it to the Linux error code (rdata->result=-22). Then the CIFS client invokes the collect_uncached_read_data function to assign the value of rdata->result to rc, that is, rc=rdata->result=-22. The type of the ctx->total_len variable is unsigned integer, the type of the rc variable is integer, and the type of the ctx->rc variable is ssize_t. Therefore, during the ternary operation, the value of rc is automatically converted to an unsigned number. The final result is ctx->rc=4294967274. However, the expected result is ctx->rc=-22. Signed-off-by: Yilu Lin Signed-off-by: Steve French CC: Stable Acked-by: Ronnie Sahlberg Signed-off-by: Greg Kroah-Hartman --- fs/cifs/file.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/fs/cifs/file.c +++ b/fs/cifs/file.c @@ -3303,7 +3303,7 @@ again: if (rc == -ENODATA) rc = 0; - ctx->rc = (rc == 0) ? ctx->total_len : rc; + ctx->rc = (rc == 0) ? (ssize_t)ctx->total_len : rc; mutex_unlock(&ctx->aio_mutex);