From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.3 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_PASS,USER_AGENT_MUTT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5751AECDE3D for ; Thu, 18 Oct 2018 00:42:07 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 1B339204EC for ; Thu, 18 Oct 2018 00:42:07 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1B339204EC Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=ZenIV.linux.org.uk Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-btrfs-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727344AbeJRIkW (ORCPT ); Thu, 18 Oct 2018 04:40:22 -0400 Received: from zeniv.linux.org.uk ([195.92.253.2]:39400 "EHLO ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726644AbeJRIkW (ORCPT ); Thu, 18 Oct 2018 04:40:22 -0400 Received: from viro by ZenIV.linux.org.uk with local (Exim 4.90_1 #2 (Red Hat Linux)) id 1gCwNw-0003RR-Bk; Thu, 18 Oct 2018 00:41:56 +0000 Date: Thu, 18 Oct 2018 01:41:56 +0100 From: Al Viro To: "Darrick J. Wong" Cc: david@fromorbit.com, sandeen@redhat.com, linux-nfs@vger.kernel.org, linux-cifs@vger.kernel.org, Amir Goldstein , linux-unionfs@vger.kernel.org, linux-xfs@vger.kernel.org, linux-mm@kvack.org, linux-btrfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, Christoph Hellwig , ocfs2-devel@oss.oracle.com Subject: Re: [PATCH 04/29] vfs: strengthen checking of file range inputs to generic_remap_checks Message-ID: <20181018004156.GA12386@ZenIV.linux.org.uk> References: <153981625504.5568.2708520119290577378.stgit@magnolia> <153981628292.5568.2466587869276881561.stgit@magnolia> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <153981628292.5568.2466587869276881561.stgit@magnolia> User-Agent: Mutt/1.9.1 (2017-09-22) Sender: linux-btrfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org On Wed, Oct 17, 2018 at 03:44:43PM -0700, Darrick J. Wong wrote: > +static int generic_access_check_limits(struct file *file, loff_t pos, > + loff_t *count) > +{ > + struct inode *inode = file->f_mapping->host; > + > + /* Don't exceed the LFS limits. */ > + if (unlikely(pos + *count > MAX_NON_LFS && > + !(file->f_flags & O_LARGEFILE))) { > + if (pos >= MAX_NON_LFS) > + return -EFBIG; > + *count = min(*count, (loff_t)MAX_NON_LFS - pos); Can that can be different from MAX_NON_LFS - pos? > + } > + > + /* > + * Don't operate on ranges the page cache doesn't support. > + * > + * If we have written data it becomes a short write. If we have > + * exceeded without writing data we send a signal and return EFBIG. > + * Linus frestrict idea will clean these up nicely.. > + */ > + if (unlikely(pos >= inode->i_sb->s_maxbytes)) > + return -EFBIG; > + > + *count = min(*count, inode->i_sb->s_maxbytes - pos); > + return 0; > +} Anyway, I would rather do this here: struct inode *inode = file->f_mapping->host; loff_t max_size = inode->i_sb->s_maxbytes; if (!(file->f_flags & O_LARGEFILE)) max_size = MAX_NON_LFS; if (unlikely(pos >= max_size)) return -EFBIG; *count = min(*count, max_size - pos); return 0;