Received: by 10.223.164.202 with SMTP id h10csp769650wrb; Tue, 14 Nov 2017 09:19:39 -0800 (PST) X-Google-Smtp-Source: AGs4zMY/6B+cdwELDYbw9HN+nGFumbdNoXEIfAnuME0Bd6Ay3ECovGILLQu3A75/N6/d2V80Bo9b X-Received: by 10.98.0.5 with SMTP id 5mr9852453pfa.34.1510679979177; Tue, 14 Nov 2017 09:19:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1510679979; cv=none; d=google.com; s=arc-20160816; b=MWA0P0DURvyrYX5HMH8VFKaExP5qJyCRrDRrHW3tR15c1K1k8/JT/MjAn4gAlEuVha HsnAdNkjwe6I67xXqOTt51mCEv1X3O0hrDbOYFiJPHr+lWMvS4yAbzZE74sQl68NYIqI v+dtpe8hNQNlnir8qy5dcSHHik8guEwmiCQH+nzJCdtixXKoAvh3Os/I/k7xWLJ8AiIo x7rSYeTgLphJhMgAxADLBAPFqCVk8iP/Xh+cfRzGSS+xllYW2IO+Vj3h6D+jrcSEMm2/ FWAqdYm7CNOJyVp4VLlxBT0jXhQ2orgamfER0NuwEkWZMFKS6pB1Lqz5vjOb1NOAFspF //hw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=IE86a1Si7428RLCNDOtMwBFRoRb92uZlISUkRpuT3s4=; b=h1EOQQGJudMSxboWQ9OeAE5QwSX/yz20aH6/OjUFK9NE+yWsBAPStlJmfu/hSYlbm+ cM8VyPU7vktGj4ORveGdSPh3QXjHrIq5UocurXGL2QFUKGgVw3HfkSyGp2td8cDKL/Mj WUi90SNhmSxykpFFq+hWZL/ewhYe7YRp5TOso0sMxoTTFkLz7khS6ULq43c8twdbYuoN zSIaio5Rtq1eNtJhzVLEH1nVQvPSruW55p5zX/JI3qSeMf9U0VZshg1yiaGK2jcXXCxJ GHX8rrPGszG7/DiWzJMnBUGHaemdCN0FU7ge0wNJB9+gFwA+g4V2srdQFtdO4ENxyWaW fwQQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 26si17877273pfl.261.2017.11.14.09.19.27; Tue, 14 Nov 2017 09:19:39 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932113AbdKNRSQ (ORCPT + 88 others); Tue, 14 Nov 2017 12:18:16 -0500 Received: from fieldses.org ([173.255.197.46]:34152 "EHLO fieldses.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755955AbdKNRR5 (ORCPT ); Tue, 14 Nov 2017 12:17:57 -0500 Received: by fieldses.org (Postfix, from userid 2815) id 981302557; Tue, 14 Nov 2017 12:17:57 -0500 (EST) Date: Tue, 14 Nov 2017 12:17:57 -0500 From: "J. Bruce Fields" To: Vitaly Lipatov Cc: wine-patches , Jeff Layton , Alexander Viro , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v3] fs/fcntl: restore checking against COMPAT_LOFF_T_MAX for F_GETLK64 Message-ID: <20171114171757.GF18192@fieldses.org> References: <20171114134715.21649-1-lav@etersoft.ru> <20171114164818.6783-1-lav@etersoft.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20171114164818.6783-1-lav@etersoft.ru> User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Nov 14, 2017 at 07:48:18PM +0300, Vitaly Lipatov wrote: > for fcntl64 with F_GETLK64 we need use checking against COMPAT_LOFF_T_MAX. > > Fixes: 94073ad77fff2 "fs/locks: don't mess with the address limit in compat_fcntl64" > > Signed-off-by: Vitaly Lipatov > --- > fs/fcntl.c | 14 +++++++------- > 1 file changed, 7 insertions(+), 7 deletions(-) > > diff --git a/fs/fcntl.c b/fs/fcntl.c > index 30f47d0..e9443d9 100644 > --- a/fs/fcntl.c > +++ b/fs/fcntl.c > @@ -590,17 +590,17 @@ convert_fcntl_cmd(unsigned int cmd) > * GETLK was successful and we need to return the data, but it needs to fit in > * the compat structure. > * l_start shouldn't be too big, unless the original start + end is greater than I assume that should be start + end. > - * COMPAT_OFF_T_MAX, in which case the app was asking for trouble, so we return > + * off_t_max, in which case the app was asking for trouble, so we return > * -EOVERFLOW in that case. It took me a minute to understand. OK, I get it, the application's not supposed to issue a GETLK with offset+len too large, so of course it shouldn't encounter a conflicting lock out there. I don't think that's true, though, thanks to the special interpretation of length 0 in the argument; it looks to me like we can find a conflict with a lock that starts beyond COMPAT_OFF_T_MAX in that case. I guess that's independent of your patch, though. --b. > l_len could be too big, in which case we just > * truncate it, and only allow the app to see that part of the conflicting lock > * that might make sense to it anyway > */ > -static int fixup_compat_flock(struct flock *flock) > +static int fixup_compat_flock(struct flock *flock, loff_t off_t_max) > { > - if (flock->l_start > COMPAT_OFF_T_MAX) > + if (flock->l_start > off_t_max) > return -EOVERFLOW; > - if (flock->l_len > COMPAT_OFF_T_MAX) > - flock->l_len = COMPAT_OFF_T_MAX; > + if (flock->l_len > off_t_max) > + flock->l_len = off_t_max; > return 0; > } > > @@ -631,7 +631,7 @@ COMPAT_SYSCALL_DEFINE3(fcntl64, unsigned int, fd, unsigned int, cmd, > err = fcntl_getlk(f.file, convert_fcntl_cmd(cmd), &flock); > if (err) > break; > - err = fixup_compat_flock(&flock); > + err = fixup_compat_flock(&flock, COMPAT_OFF_T_MAX); > if (err) > return err; > err = put_compat_flock(&flock, compat_ptr(arg)); > @@ -644,7 +644,7 @@ COMPAT_SYSCALL_DEFINE3(fcntl64, unsigned int, fd, unsigned int, cmd, > err = fcntl_getlk(f.file, convert_fcntl_cmd(cmd), &flock); > if (err) > break; > - err = fixup_compat_flock(&flock); > + err = fixup_compat_flock(&flock, COMPAT_LOFF_T_MAX); > if (err) > return err; > err = put_compat_flock64(&flock, compat_ptr(arg)); > -- > 2.10.4 From 1584061683748171366@xxx Tue Nov 14 17:02:23 +0000 2017 X-GM-THRID: 1584004086714411458 X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread