| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 May 2022 13:12:47 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: kbuild@...ts.01.org,
Allison Henderson <allison.henderson@...cle.com>
Cc: lkp@...el.com, kbuild-all@...ts.01.org,
linux-kernel@...r.kernel.org
Subject: [allisonhenderson-xfs-work:larp_cleanupv4_pptrs 35/35]
fs/xfs/xfs_ioctl.c:1756 xfs_ioc_get_parent_pointer() warn: maybe return
-EFAULT instead of the bytes remaining?
tree: https://github.com/allisonhenderson/xfs_work.git larp_cleanupv4_pptrs
head: 3d7771d8177638d5d115404cbee0b9a77cf0bb4c
commit: 3d7771d8177638d5d115404cbee0b9a77cf0bb4c [35/35] xfs: Add parent pointer ioctl
config: i386-randconfig-m031-20220509 (https://download.01.org/0day-ci/archive/20220512/202205121128.R82udPf8-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.2.0-20) 11.2.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>
Reported-by: Dan Carpenter <dan.carpenter@...cle.com>
smatch warnings:
fs/xfs/xfs_ioctl.c:1756 xfs_ioc_get_parent_pointer() warn: maybe return -EFAULT instead of the bytes remaining?
vim +1756 fs/xfs/xfs_ioctl.c
3d7771d8177638 Allison Henderson 2022-05-10 1689 STATIC int
3d7771d8177638 Allison Henderson 2022-05-10 1690 xfs_ioc_get_parent_pointer(
3d7771d8177638 Allison Henderson 2022-05-10 1691 struct file *filp,
3d7771d8177638 Allison Henderson 2022-05-10 1692 void __user *arg)
3d7771d8177638 Allison Henderson 2022-05-10 1693 {
3d7771d8177638 Allison Henderson 2022-05-10 1694 struct xfs_pptr_info *ppi = NULL;
I would just declare ppi on the stack to void the krealloc(). It's
not a huge struct.
3d7771d8177638 Allison Henderson 2022-05-10 1695 int error = 0;
3d7771d8177638 Allison Henderson 2022-05-10 1696 struct xfs_inode *ip = XFS_I(file_inode(filp));
3d7771d8177638 Allison Henderson 2022-05-10 1697 struct xfs_mount *mp = ip->i_mount;
3d7771d8177638 Allison Henderson 2022-05-10 1698
3d7771d8177638 Allison Henderson 2022-05-10 1699 if (!capable(CAP_SYS_ADMIN))
3d7771d8177638 Allison Henderson 2022-05-10 1700 return -EPERM;
3d7771d8177638 Allison Henderson 2022-05-10 1701
3d7771d8177638 Allison Henderson 2022-05-10 1702 /* Allocate an xfs_pptr_info to put the user data */
3d7771d8177638 Allison Henderson 2022-05-10 1703 ppi = kmem_alloc(sizeof(struct xfs_pptr_info), 0);
3d7771d8177638 Allison Henderson 2022-05-10 1704 if (!ppi)
3d7771d8177638 Allison Henderson 2022-05-10 1705 return -ENOMEM;
3d7771d8177638 Allison Henderson 2022-05-10 1706
3d7771d8177638 Allison Henderson 2022-05-10 1707 /* Copy the data from the user */
3d7771d8177638 Allison Henderson 2022-05-10 1708 error = copy_from_user(ppi, arg, sizeof(struct xfs_pptr_info));
3d7771d8177638 Allison Henderson 2022-05-10 1709 if (error)
3d7771d8177638 Allison Henderson 2022-05-10 1710 goto out;
copy_from_user() returns the number of bytes remaining but we want to
return -EFAULT to the user.
if (copy_from_user(ppi, arg, sizeof(struct xfs_pptr_info))) {
error = -EFAULT;
goto out;
}
3d7771d8177638 Allison Henderson 2022-05-10 1711
3d7771d8177638 Allison Henderson 2022-05-10 1712 /* Check size of buffer requested by user */
3d7771d8177638 Allison Henderson 2022-05-10 1713 if (XFS_PPTR_INFO_SIZEOF(ppi->pi_ptrs_size) > XFS_XATTR_LIST_MAX) {
3d7771d8177638 Allison Henderson 2022-05-10 1714 error = -ENOMEM;
3d7771d8177638 Allison Henderson 2022-05-10 1715 goto out;
3d7771d8177638 Allison Henderson 2022-05-10 1716 }
3d7771d8177638 Allison Henderson 2022-05-10 1717
3d7771d8177638 Allison Henderson 2022-05-10 1718 /*
3d7771d8177638 Allison Henderson 2022-05-10 1719 * Now that we know how big the trailing buffer is, expand
3d7771d8177638 Allison Henderson 2022-05-10 1720 * our kernel xfs_pptr_info to be the same size
3d7771d8177638 Allison Henderson 2022-05-10 1721 */
3d7771d8177638 Allison Henderson 2022-05-10 1722 ppi = krealloc(ppi, XFS_PPTR_INFO_SIZEOF(ppi->pi_ptrs_size),
3d7771d8177638 Allison Henderson 2022-05-10 1723 GFP_NOFS | __GFP_NOFAIL);
3d7771d8177638 Allison Henderson 2022-05-10 1724 if (!ppi)
3d7771d8177638 Allison Henderson 2022-05-10 1725 return -ENOMEM;
3d7771d8177638 Allison Henderson 2022-05-10 1726
3d7771d8177638 Allison Henderson 2022-05-10 1727 if (ppi->pi_flags != 0 && ppi->pi_flags != XFS_PPTR_IFLAG_HANDLE) {
3d7771d8177638 Allison Henderson 2022-05-10 1728 error = -EINVAL;
3d7771d8177638 Allison Henderson 2022-05-10 1729 goto out;
3d7771d8177638 Allison Henderson 2022-05-10 1730 }
3d7771d8177638 Allison Henderson 2022-05-10 1731
3d7771d8177638 Allison Henderson 2022-05-10 1732 if (ppi->pi_flags == XFS_PPTR_IFLAG_HANDLE) {
3d7771d8177638 Allison Henderson 2022-05-10 1733 error = xfs_iget(mp, NULL, ppi->pi_handle.ha_fid.fid_ino,
3d7771d8177638 Allison Henderson 2022-05-10 1734 0, 0, &ip);
3d7771d8177638 Allison Henderson 2022-05-10 1735 if (error)
3d7771d8177638 Allison Henderson 2022-05-10 1736 goto out;
3d7771d8177638 Allison Henderson 2022-05-10 1737 }
3d7771d8177638 Allison Henderson 2022-05-10 1738
3d7771d8177638 Allison Henderson 2022-05-10 1739 if (ip->i_ino == mp->m_sb.sb_rootino)
3d7771d8177638 Allison Henderson 2022-05-10 1740 ppi->pi_flags |= XFS_PPTR_OFLAG_ROOT;
3d7771d8177638 Allison Henderson 2022-05-10 1741
3d7771d8177638 Allison Henderson 2022-05-10 1742 /* Get the parent pointers */
3d7771d8177638 Allison Henderson 2022-05-10 1743 error = xfs_attr_get_parent_pointer(ip, ppi);
3d7771d8177638 Allison Henderson 2022-05-10 1744
3d7771d8177638 Allison Henderson 2022-05-10 1745 if (error)
3d7771d8177638 Allison Henderson 2022-05-10 1746 goto out;
3d7771d8177638 Allison Henderson 2022-05-10 1747
3d7771d8177638 Allison Henderson 2022-05-10 1748 /* Copy the parent pointers back to the user */
3d7771d8177638 Allison Henderson 2022-05-10 1749 error = copy_to_user(arg, ppi,
3d7771d8177638 Allison Henderson 2022-05-10 1750 XFS_PPTR_INFO_SIZEOF(ppi->pi_ptrs_size));
if (copy_to_user(arg, ppi, XFS_PPTR_INFO_SIZEOF(ppi->pi_ptrs_size))) {
error = -EFAULT;
goto out;
}
3d7771d8177638 Allison Henderson 2022-05-10 1751 if (error)
3d7771d8177638 Allison Henderson 2022-05-10 1752 goto out;
3d7771d8177638 Allison Henderson 2022-05-10 1753
3d7771d8177638 Allison Henderson 2022-05-10 1754 out:
3d7771d8177638 Allison Henderson 2022-05-10 1755 kmem_free(ppi);
3d7771d8177638 Allison Henderson 2022-05-10 @1756 return error;
3d7771d8177638 Allison Henderson 2022-05-10 1757 }
--
0-DAY CI Kernel Test Service
https://01.org/lkp
Powered by blists - more mailing lists