From: Akinobu Mita <akinobu.mita@gmail.com>
To: linux-scsi@vger.kernel.org
Cc: Akinobu Mita <akinobu.mita@gmail.com>,
	Christoph Hellwig <hch@lst.de>, Jens Axboe <axboe@kernel.dk>,
	"James E.J. Bottomley" <JBottomley@parallels.com>,
	Douglas Gilbert <dgilbert@interlog.com>
Subject: [PATCH v2 1/6] block: fix BLKSECTGET ioctl when max_sectors is greater than USHRT_MAX
Date: Mon,  2 Jun 2014 22:56:44 +0900
Message-ID: <1401717409-5236-2-git-send-email-akinobu.mita@gmail.com>
In-Reply-To: <1401717409-5236-1-git-send-email-akinobu.mita@gmail.com>

BLKSECTGET ioctl loads the request queue's max_sectors as an unsigned
short value to the argument pointer.  So if max_sectors is greater
than USHRT_MAX, the upper 16 bits of it are just discarded.

In such a case, USHRT_MAX is preferable to the lower 16 bits of
max_sectors.

Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: "James E.J. Bottomley" <JBottomley@parallels.com>
Cc: Douglas Gilbert <dgilbert@interlog.com>
Cc: linux-scsi@vger.kernel.org
---
No change from previous version.

 block/compat_ioctl.c | 6 ++++--
 block/ioctl.c        | 5 ++++-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/block/compat_ioctl.c b/block/compat_ioctl.c
index fbd5a67..e0393cd 100644
--- a/block/compat_ioctl.c
+++ b/block/compat_ioctl.c
@@ -663,6 +663,7 @@ long compat_blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg)
 	fmode_t mode = file->f_mode;
 	struct backing_dev_info *bdi;
 	loff_t size;
+	unsigned int max_sectors;
 
 	/*
 	 * O_NDELAY can be altered using fcntl(.., F_SETFL, ..), so we have
@@ -718,8 +719,9 @@ long compat_blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg)
 	case BLKSSZGET: /* get block device hardware sector size */
 		return compat_put_int(arg, bdev_logical_block_size(bdev));
 	case BLKSECTGET:
-		return compat_put_ushort(arg,
-					 queue_max_sectors(bdev_get_queue(bdev)));
+		max_sectors = min_t(unsigned int, USHRT_MAX,
+				    queue_max_sectors(bdev_get_queue(bdev)));
+		return compat_put_ushort(arg, max_sectors);
 	case BLKROTATIONAL:
 		return compat_put_ushort(arg,
 					 !blk_queue_nonrot(bdev_get_queue(bdev)));
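Review bot: the min_t() clamp in the BLKSECTGET case carries no comment saying that the value written to userspace saturates at USHRT_MAX, so a later reader of compat_blkdev_ioctl cannot tell that 65535 from this ioctl may stand for a larger queue limit. A one-line comment above the min_t() call would record that, and it would be worth stating in the commit message that callers can no longer distinguish a limit of exactly USHRT_MAX from one above it.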
diff --git a/block/ioctl.c b/block/ioctl.c
index 7d5c3b2..d6cda81 100644
--- a/block/ioctl.c
+++ b/block/ioctl.c
@@ -278,6 +278,7 @@ int blkdev_ioctl(struct block_device *bdev, fmode_t mode, unsigned cmd,
 	struct backing_dev_info *bdi;
 	loff_t size;
 	int ret, n;
+	unsigned int max_sectors;
 
 	switch(cmd) {
 	case BLKFLSBUF:
@@ -375,7 +376,9 @@ int blkdev_ioctl(struct block_device *bdev, fmode_t mode, unsigned cmd,
 	case BLKDISCARDZEROES:
 		return put_uint(arg, bdev_discard_zeroes_data(bdev));
 	case BLKSECTGET:
-		return put_ushort(arg, queue_max_sectors(bdev_get_queue(bdev)));
+		max_sectors = min_t(unsigned int, USHRT_MAX,
+				    queue_max_sectors(bdev_get_queue(bdev)));
+		return put_ushort(arg, max_sectors);
 	case BLKROTATIONAL:
 		return put_ushort(arg, !blk_queue_nonrot(bdev_get_queue(bdev)));
 	case BLKRASET:
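Review bot: the BLKSECTGET case here repeats the same min_t(unsigned int, USHRT_MAX, queue_max_sectors(bdev_get_queue(bdev))) expression that the patch also adds to block/compat_ioctl.c, and two copies of a clamp can drift apart. A small shared helper returning the clamped value could be passed straight to put_ushort() and compat_put_ushort(), which would also make the new function-scope max_sectors local in both functions unnecessary.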
-- 
1.9.1


Thread overview: 13+ messages
2014-06-02 13:56 [PATCH v2 0/6] scsi: increase upper limit for max_sectors Akinobu Mita
2014-06-02 13:56 ` Akinobu Mita [this message]
2014-06-02 17:09   ` [PATCH v2 1/6] block: fix BLKSECTGET ioctl when max_sectors is greater than USHRT_MAX Martin K. Petersen
2014-06-02 13:56 ` [PATCH v2 2/6] block: fix SG_[GS]ET_RESERVED_SIZE ioctl when max_sectors is huge Akinobu Mita
2014-06-02 13:56 ` [PATCH v2 3/6] sg: prevent integer overflow when converting from sectors to bytes Akinobu Mita
2014-06-02 17:05   ` Douglas Gilbert
2014-06-02 13:56 ` [PATCH v2 4/6] sd: use READ_16 or WRITE_16 when transfer length is greater than 0xffff Akinobu Mita
2014-06-02 17:00   ` Martin K. Petersen
2014-06-02 13:56 ` [PATCH v2 5/6] scsi: increase upper limit for max_sectors Akinobu Mita
2014-06-02 17:01   ` Martin K. Petersen
2014-06-02 13:56 ` [PATCH v2 6/6] scsi_debug: allow huge transfer length for read/write commands Akinobu Mita
2014-06-02 17:06   ` Douglas Gilbert
2014-06-02 17:08   ` Martin K. Petersen
