From: Gabriel Krisman Bertazi
To: jack@suse.com, amir73il@gmail.com
Cc: djwong@kernel.org, tytso@mit.edu, david@fromorbit.com, dhowells@redhat.com, khazhy@google.com, linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-api@vger.kernel.org, Gabriel Krisman Bertazi, kernel@collabora.com
Subject: [PATCH v8 26/32] fanotify: WARN_ON against too large file handles
Date: Mon, 18 Oct 2021 21:00:09 -0300
Message-Id: <20211019000015.1666608-27-krisman@collabora.com>
In-Reply-To: <20211019000015.1666608-1-krisman@collabora.com>
References: <20211019000015.1666608-1-krisman@collabora.com>

struct fanotify_error_event, at least, is preallocated and isn't able to handle arbitrarily large file handles. Future-proof the code by complaining loudly if a handle larger than MAX_HANDLE_SZ is ever found.

Signed-off-by: Gabriel Krisman Bertazi

--- fs/notify/fanotify/fanotify.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index cedcb1546804..45df610debbe 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -360,13 +360,23 @@ static u32 fanotify_group_event_mask(struct fsnotify_group *group, static int fanotify_encode_fh_len(struct inode *inode) { int dwords = 0; + int fh_len; if (!inode) return 0; exportfs_encode_inode_fh(inode, NULL, &dwords, NULL); + fh_len = dwords << 2; - return dwords << 2; + /* + * struct fanotify_error_event might be preallocated and is + * limited to MAX_HANDLE_SZ. This should never happen, but + * safeguard by forcing an invalid file handle. + */ + if (WARN_ON_ONCE(fh_len > MAX_HANDLE_SZ)) + return 0; + + return fh_len; } /* -- 2.33.0
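
Review bot: In fanotify_encode_fh_len(), the new `return 0` on `fh_len > MAX_HANDLE_SZ` gives callers the same value they already get for `!inode`, so from the length alone "no inode" and "handle too large" are indistinguishable. The comment says this forces an invalid file handle, but nothing in the hunk shows how a zero length becomes one; please name the caller path that does that, or document it in the comment. The comment also says struct fanotify_error_event "might be preallocated" while the commit message says it is preallocated, so the two should agree. Finally, the check only bounds the upper side: the return value of exportfs_encode_inode_fh() is still ignored and `dwords` is a signed int, so it is worth stating whether a failed encode with `dwords` left at 0 is meant to be covered by the same zero-length result.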