| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 7 Jul 2020 19:18:23 -0700
From: Eric Biggers <ebiggers@...nel.org>
To: Daeho Jeong <daeho43@...il.com>
Cc: linux-kernel@...r.kernel.org,
linux-f2fs-devel@...ts.sourceforge.net, kernel-team@...roid.com,
Daeho Jeong <daehojeong@...gle.com>
Subject: Re: [f2fs-dev] [PATCH v4] f2fs: add F2FS_IOC_SEC_TRIM_FILE ioctl
Hi Daeho,
On Thu, Jun 18, 2020 at 09:51:52PM +0900, Daeho Jeong wrote:
> +static int f2fs_sec_trim_file(struct file *filp, unsigned long arg)
> +{
> + struct inode *inode = file_inode(filp);
> + struct f2fs_sb_info *sbi = F2FS_I_SB(inode);
> + struct address_space *mapping = inode->i_mapping;
> + struct block_device *prev_bdev = NULL;
> + struct f2fs_sectrim_range range;
> + pgoff_t index, pg_end;
> + block_t prev_block = 0, len = 0;
> + u64 end_addr;
> + bool to_end;
> + int ret = 0;
> +
> + if (!(filp->f_mode & FMODE_WRITE))
> + return -EBADF;
> +
> + if (copy_from_user(&range, (struct f2fs_sectrim_range __user *)arg,
> + sizeof(range)))
> + return -EFAULT;
> +
> + if (range.flags == 0 || (range.flags & ~F2FS_TRIM_FILE_MASK) ||
> + !S_ISREG(inode->i_mode))
> + return -EINVAL;
> +
> + if ((range.flags & F2FS_TRIM_FILE_DISCARD) &&
> + !f2fs_hw_support_discard(sbi))
> + return -EOPNOTSUPP;
> +
> + file_start_write(filp);
> + inode_lock(inode);
> +
> + if (f2fs_is_atomic_file(inode) || f2fs_compressed_file(inode)) {
> + ret = -EINVAL;
> + goto err;
> + }
> +
> + if (inode->i_size == 0)
> + goto err;
> +
> + end_addr = range.start + range.len;
> + if (end_addr > inode->i_size) {
> + ret = -EINVAL;
> + goto err;
> + }
This is missing a check that range.start + range.len doesn't overflow.
- Eric
Powered by blists - more mailing lists