Revert "loop: Remove sector_t truncation checks"
This reverts commitf92a3b0d00
, which was commit083a6a5078
upstream. In 4.19 there is still an option to use 32-bit sector_t on 32-bit architectures, so we need to keep checking for truncation. Since loop_set_status() was refactored by subsequent patches, this reintroduces its truncation check in loop_set_status_from_info() instead. I tested that the loop ioctl operations have the expected behaviour on x86_64, x86_32 with CONFIG_LBDAF=y, and (the special case) x86_32 with CONFIG_LBDAF=n. Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
parent
21bfca822c
commit
9bc1f1791d
|
@ -243,12 +243,16 @@ static void loop_set_size(struct loop_device *lo, loff_t size)
|
|||
kobject_uevent(&disk_to_dev(bdev->bd_disk)->kobj, KOBJ_CHANGE);
|
||||
}
|
||||
|
||||
static void
|
||||
static int
|
||||
figure_loop_size(struct loop_device *lo, loff_t offset, loff_t sizelimit)
|
||||
{
|
||||
loff_t size = get_size(offset, sizelimit, lo->lo_backing_file);
|
||||
sector_t x = (sector_t)size;
|
||||
|
||||
if (unlikely((loff_t)x != size))
|
||||
return -EFBIG;
|
||||
loop_set_size(lo, size);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int
|
||||
|
@ -996,7 +1000,10 @@ static int loop_set_fd(struct loop_device *lo, fmode_t mode,
|
|||
!file->f_op->write_iter)
|
||||
lo_flags |= LO_FLAGS_READ_ONLY;
|
||||
|
||||
error = -EFBIG;
|
||||
size = get_loop_size(lo, file);
|
||||
if ((loff_t)(sector_t)size != size)
|
||||
goto out_unlock;
|
||||
|
||||
error = loop_prepare_queue(lo);
|
||||
if (error)
|
||||
|
@ -1246,6 +1253,7 @@ loop_set_status_from_info(struct loop_device *lo,
|
|||
int err;
|
||||
struct loop_func_table *xfer;
|
||||
kuid_t uid = current_uid();
|
||||
loff_t new_size;
|
||||
|
||||
if ((unsigned int) info->lo_encrypt_key_size > LO_KEY_SIZE)
|
||||
return -EINVAL;
|
||||
|
@ -1273,6 +1281,11 @@ loop_set_status_from_info(struct loop_device *lo,
|
|||
if (info->lo_offset > LLONG_MAX || info->lo_sizelimit > LLONG_MAX)
|
||||
return -EOVERFLOW;
|
||||
|
||||
new_size = get_size(info->lo_offset, info->lo_sizelimit,
|
||||
lo->lo_backing_file);
|
||||
if ((loff_t)(sector_t)new_size != new_size)
|
||||
return -EFBIG;
|
||||
|
||||
lo->lo_offset = info->lo_offset;
|
||||
lo->lo_sizelimit = info->lo_sizelimit;
|
||||
|
||||
|
@ -1531,9 +1544,7 @@ static int loop_set_capacity(struct loop_device *lo)
|
|||
if (unlikely(lo->lo_state != Lo_bound))
|
||||
return -ENXIO;
|
||||
|
||||
figure_loop_size(lo, lo->lo_offset, lo->lo_sizelimit);
|
||||
|
||||
return 0;
|
||||
return figure_loop_size(lo, lo->lo_offset, lo->lo_sizelimit);
|
||||
}
|
||||
|
||||
static int loop_set_dio(struct loop_device *lo, unsigned long arg)
|
||||
|
|
Loading…
Reference in New Issue