From: Jeff Layton <jlayton@redhat.com>
To: viro@ZenIV.linux.org.uk
Cc: linux-fsdevel@vger.kernel.org, bfields@fieldses.org
Subject: [PATCH v7 06/17] locks: fix posix lock range overflow handling
Date: Wed, 19 Mar 2014 16:45:50 -0400 [thread overview]
Message-ID: <1395261961-10855-7-git-send-email-jlayton@redhat.com> (raw)
In-Reply-To: <1395261961-10855-1-git-send-email-jlayton@redhat.com>
From: "J. Bruce Fields" <bfields@redhat.com>
In the 32-bit case fcntl assigns the 64-bit f_pos and i_size to a 32-bit
off_t.
The existing range checks also seem to depend on signed arithmetic
wrapping when it overflows. In practice maybe that works, but we can be
more careful. That also allows us to make a more reliable distinction
between -EINVAL and -EOVERFLOW.
Note that in the 32-bit case SEEK_CUR or SEEK_END might allow the caller
to set a lock with starting point no longer representable as a 32-bit
value. We could return -EOVERFLOW in such cases, but the locks code is
capable of handling such ranges, so we choose to be lenient here. The
only problem is that subsequent GETLK calls on such a lock will fail
with EOVERFLOW.
While we're here, do some cleanup including consolidating code for the
flock and flock64 cases.
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
---
fs/locks.c | 100 +++++++++++++--------------------------
include/uapi/asm-generic/fcntl.h | 3 --
2 files changed, 32 insertions(+), 71 deletions(-)
diff --git a/fs/locks.c b/fs/locks.c
index dd309333afc9..b49e853a9c7b 100644
--- a/fs/locks.c
+++ b/fs/locks.c
@@ -344,48 +344,43 @@ static int assign_type(struct file_lock *fl, long type)
return 0;
}
-/* Verify a "struct flock" and copy it to a "struct file_lock" as a POSIX
- * style lock.
- */
-static int flock_to_posix_lock(struct file *filp, struct file_lock *fl,
- struct flock *l)
+static int flock64_to_posix_lock(struct file *filp, struct file_lock *fl,
+ struct flock64 *l)
{
- off_t start, end;
-
switch (l->l_whence) {
case SEEK_SET:
- start = 0;
+ fl->fl_start = 0;
break;
case SEEK_CUR:
- start = filp->f_pos;
+ fl->fl_start = filp->f_pos;
break;
case SEEK_END:
- start = i_size_read(file_inode(filp));
+ fl->fl_start = i_size_read(file_inode(filp));
break;
default:
return -EINVAL;
}
+ if (l->l_start > OFFSET_MAX - fl->fl_start)
+ return -EOVERFLOW;
+ fl->fl_start += l->l_start;
+ if (fl->fl_start < 0)
+ return -EINVAL;
/* POSIX-1996 leaves the case l->l_len < 0 undefined;
POSIX-2001 defines it. */
- start += l->l_start;
- if (start < 0)
- return -EINVAL;
- fl->fl_end = OFFSET_MAX;
if (l->l_len > 0) {
- end = start + l->l_len - 1;
- fl->fl_end = end;
+ if (l->l_len - 1 > OFFSET_MAX - fl->fl_start)
+ return -EOVERFLOW;
+ fl->fl_end = fl->fl_start + l->l_len - 1;
+
} else if (l->l_len < 0) {
- end = start - 1;
- fl->fl_end = end;
- start += l->l_len;
- if (start < 0)
+ if (fl->fl_start + l->l_len < 0)
return -EINVAL;
- }
- fl->fl_start = start; /* we record the absolute position */
- if (fl->fl_end < fl->fl_start)
- return -EOVERFLOW;
-
+ fl->fl_end = fl->fl_start - 1;
+ fl->fl_start += l->l_len;
+ } else
+ fl->fl_end = OFFSET_MAX;
+
fl->fl_owner = current->files;
fl->fl_pid = current->tgid;
fl->fl_file = filp;
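Review bot: The new guards `l->l_start > OFFSET_MAX - fl->fl_start` and `l->l_len - 1 > OFFSET_MAX - fl->fl_start` are only overflow-free when the base taken from `filp->f_pos` or `i_size_read()` is non-negative, and nothing in the hunk states or enforces that. Since the commit's goal is to stop relying on signed wraparound, I would record the assumption above the first check, e.g. `/* fl_start is a file position or size here and is assumed >= 0, so OFFSET_MAX - fl_start cannot overflow */`, or reject a negative base right after the switch if that case can occur. A short comment on the function giving the error contract would also help (-EOVERFLOW when the end of the range exceeds OFFSET_MAX, -EINVAL for a bad whence or a negative start), because the old "Verify a struct flock" comment no longer sits on the code that does the checking. As a style point, the final branch should be braced like its siblings, `} else {` / `fl->fl_end = OFFSET_MAX;` / `}`, and the blank line before `} else if` can go. The function body continues past the end of this hunk.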
@@ -396,52 +391,21 @@ static int flock_to_posix_lock(struct file *filp, struct file_lock *fl,
return assign_type(fl, l->l_type);
}
-#if BITS_PER_LONG == 32
-static int flock64_to_posix_lock(struct file *filp, struct file_lock *fl,
- struct flock64 *l)
+/* Verify a "struct flock" and copy it to a "struct file_lock" as a POSIX
+ * style lock.
+ */
+static int flock_to_posix_lock(struct file *filp, struct file_lock *fl,
+ struct flock *l)
{
- loff_t start;
-
- switch (l->l_whence) {
- case SEEK_SET:
- start = 0;
- break;
- case SEEK_CUR:
- start = filp->f_pos;
- break;
- case SEEK_END:
- start = i_size_read(file_inode(filp));
- break;
- default:
- return -EINVAL;
- }
+ struct flock64 ll = {
+ .l_type = l->l_type,
+ .l_whence = l->l_whence,
+ .l_start = l->l_start,
+ .l_len = l->l_len,
+ };
- start += l->l_start;
- if (start < 0)
- return -EINVAL;
- fl->fl_end = OFFSET_MAX;
- if (l->l_len > 0) {
- fl->fl_end = start + l->l_len - 1;
- } else if (l->l_len < 0) {
- fl->fl_end = start - 1;
- start += l->l_len;
- if (start < 0)
- return -EINVAL;
- }
- fl->fl_start = start; /* we record the absolute position */
- if (fl->fl_end < fl->fl_start)
- return -EOVERFLOW;
-
- fl->fl_owner = current->files;
- fl->fl_pid = current->tgid;
- fl->fl_file = filp;
- fl->fl_flags = FL_POSIX;
- fl->fl_ops = NULL;
- fl->fl_lmops = NULL;
-
- return assign_type(fl, l->l_type);
+ return flock64_to_posix_lock(filp, fl, &ll);
}
-#endif
/* default lease lock manager operations */
static void lease_break_callback(struct file_lock *fl)
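Review bot: The comment "Verify a struct flock and copy it to a struct file_lock" now heads a wrapper that performs no verification; it only widens the fields into a `struct flock64` and delegates. I would reword it to say so, for example `/* Widen a "struct flock" to a "struct flock64"; flock64_to_posix_lock() does the range checks and the conversion. */`, so a reader looking for the overflow handling is sent to the right function. The designated initializer leaves `l_pid` zero rather than copying it, which is fine only while the callee never reads it; the callee lines visible in this patch do not, but part of its body lies outside the hunks. Since the wrapper only reads through `l`, the parameter could also become `const struct flock *l` if the callers allow it.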
diff --git a/include/uapi/asm-generic/fcntl.h b/include/uapi/asm-generic/fcntl.h
index 95e46c8e05f9..36025f77c6ed 100644
--- a/include/uapi/asm-generic/fcntl.h
+++ b/include/uapi/asm-generic/fcntl.h
@@ -186,8 +186,6 @@ struct flock {
};
#endif
-#ifndef CONFIG_64BIT
-
#ifndef HAVE_ARCH_STRUCT_FLOCK64
#ifndef __ARCH_FLOCK64_PAD
#define __ARCH_FLOCK64_PAD
@@ -202,6 +200,5 @@ struct flock64 {
__ARCH_FLOCK64_PAD
};
#endif
-#endif /* !CONFIG_64BIT */
#endif /* _ASM_GENERIC_FCNTL_H */
--
1.8.5.3