| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20211021122936.758221-3-yukuai3@huawei.com>
Date: Thu, 21 Oct 2021 20:29:36 +0800
From: Yu Kuai <yukuai3@...wei.com>
To: <josef@...icpanda.com>, <axboe@...nel.dk>, <paskripkin@...il.com>
CC: <linux-block@...r.kernel.org>, <nbd@...er.debian.org>,
<linux-kernel@...r.kernel.org>, <yukuai3@...wei.com>,
<yi.zhang@...wei.com>, <luomeng12@...wei.com>
Subject: [PATCH 2/2] nbd: fix possible overflow for 'first_minor' in nbd_dev_add()
If 'part_shift' is not zero, then 'index << part_shift' might
overflow to a value that is not greater than '0xfffff', then sysfs
might complains about duplicate creation.
Fixes: b0d9111a2d53 ("nbd: use an idr to keep track of nbd devices")
Signed-off-by: Yu Kuai <yukuai3@...wei.com>
---
drivers/block/nbd.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c
index 8f2c17a33c5b..03a10a87500d 100644
--- a/drivers/block/nbd.c
+++ b/drivers/block/nbd.c
@@ -1808,11 +1808,11 @@ static struct nbd_device *nbd_dev_add(int index, unsigned int refs)
disk->major = NBD_MAJOR;
/* Too big first_minor can cause duplicate creation of
- * sysfs files/links, since MKDEV() expect that the max bits of
- * first_minor is 20.
+ * sysfs files/links, since index << part_shift might overflow, or
+ * MKDEV() expect that the max bits of first_minor is 20.
*/
disk->first_minor = index << part_shift;
- if (disk->first_minor > 0xfffff) {
+ if (disk->first_minor < index || disk->first_minor > 0xfffff) {
err = -EINVAL;
goto out_free_idr;
}
--
2.31.1
Powered by blists - more mailing lists