lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 28 Apr 2020 08:21:24 -0700
From:   "Darrick J. Wong" <darrick.wong@...cle.com>
To:     Christoph Hellwig <hch@....de>
Cc:     linux-ext4@...r.kernel.org, viro@...iv.linux.org.uk, jack@...e.cz,
        tytso@....edu, adilger@...ger.ca, riteshh@...ux.ibm.com,
        amir73il@...il.com, linux-fsdevel@...r.kernel.org,
        linux-unionfs@...r.kernel.org
Subject: Re: [PATCH 10/11] fs: remove the access_ok() check in ioctl_fiemap

On Mon, Apr 27, 2020 at 08:19:56PM +0200, Christoph Hellwig wrote:
> access_ok just checks we are fed a proper user pointer.  We also do that
> in copy_to_user itself, so no need to do this early.
> 
> Signed-off-by: Christoph Hellwig <hch@....de>

Hmm.  It's a minor behavioral change that we no longer require the
entire extent array to be accessible at the start even if parts of it
would never have gotten accessed, but I don't think that matters, so:

Reviewed-by: Darrick J. Wong <darrick.wong@...cle.com>

--D

> ---
>  fs/ioctl.c | 6 +-----
>  1 file changed, 1 insertion(+), 5 deletions(-)
> 
> diff --git a/fs/ioctl.c b/fs/ioctl.c
> index ae0d228d18a16..d24afce649037 100644
> --- a/fs/ioctl.c
> +++ b/fs/ioctl.c
> @@ -209,13 +209,9 @@ static int ioctl_fiemap(struct file *filp, struct fiemap __user *ufiemap)
>  	fieinfo.fi_extents_max = fiemap.fm_extent_count;
>  	fieinfo.fi_extents_start = ufiemap->fm_extents;
>  
> -	if (fiemap.fm_extent_count != 0 &&
> -	    !access_ok(fieinfo.fi_extents_start,
> -		       fieinfo.fi_extents_max * sizeof(struct fiemap_extent)))
> -		return -EFAULT;
> -
>  	error = inode->i_op->fiemap(inode, &fieinfo, fiemap.fm_start,
>  			fiemap.fm_length);
> +
>  	fiemap.fm_flags = fieinfo.fi_flags;
>  	fiemap.fm_mapped_extents = fieinfo.fi_extents_mapped;
>  	if (copy_to_user(ufiemap, &fiemap, sizeof(fiemap)))
> -- 
> 2.26.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ