[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <5f1f44be-80ad-4b4e-90a0-c2e4e8cd3dbf@app.fastmail.com>
Date: Mon, 01 Jul 2024 13:58:05 +0200
From: "Arnd Bergmann" <arnd@...db.de>
To: "Naresh Kamboju" <naresh.kamboju@...aro.org>,
"open list" <linux-kernel@...r.kernel.org>, linux-fsdevel@...r.kernel.org,
lkft-triage@...ts.linaro.org
Cc: "Jan Kara" <jack@...e.cz>, "Christian Brauner" <brauner@...nel.org>,
"Hugh Dickins" <hughd@...gle.com>, "Andrii Nakryiko" <andrii@...nel.org>,
"Alexander Viro" <viro@...iv.linux.org.uk>,
"Dan Carpenter" <dan.carpenter@...aro.org>,
"Anders Roxell" <anders.roxell@...aro.org>
Subject: Re: fs/proc/task_mmu.c:598:48: error: cast to pointer from integer of
different size
On Mon, Jul 1, 2024, at 12:19, Naresh Kamboju wrote:
> fs/proc/task_mmu.c: In function 'do_procmap_query':
> fs/proc/task_mmu.c:598:48: error: cast to pointer from integer of
> different size [-Werror=int-to-pointer-cast]
> 598 | if (karg.vma_name_size && copy_to_user((void __user
> *)karg.vma_name_addr,
> | ^
> fs/proc/task_mmu.c:605:48: error: cast to pointer from integer of
> different size [-Werror=int-to-pointer-cast]
> 605 | if (karg.build_id_size && copy_to_user((void __user
> *)karg.build_id_addr,
> | ^
> cc1: all warnings being treated as errors
>
There is already a fix in linux-next:
@@ -595,14 +595,14 @@ static int do_procmap_query(struct proc_maps_private *priv, void __user *uarg)
query_vma_teardown(mm, vma);
mmput(mm);
- if (karg.vma_name_size && copy_to_user((void __user *)karg.vma_name_addr,
+ if (karg.vma_name_size && copy_to_user((void __user *)(uintptr_t)karg.vma_name_addr,
name, karg.vma_name_size)) {
kfree(name_buf);
return -EFAULT;
}
This could be expressed slightly nicer using u64_to_user_ptr(),
but functionally that is the same.
I also see a slight issue in the use of .compat_ioctl:
const struct file_operations proc_pid_maps_operations = {
.open = pid_maps_open,
.read = seq_read,
.llseek = seq_lseek,
.release = proc_map_release,
+ .unlocked_ioctl = procfs_procmap_ioctl,
+ .compat_ioctl = procfs_procmap_ioctl,
};
Since the argument is always a pointer, this should be
.compat_ioctl = compat_ptr_ioctl,
In practice this is only relevant on 32-bit s390
tasks to sanitize the pointer value.
Arnd
Powered by blists - more mailing lists