fcntl: don't cap l_start and l_end values for F_GETLK64 in compat syscall

Currently, we're capping the values too low in the F_GETLK64 case. The
fields in that structure are 64-bit values, so we shouldn't need to do
any sort of fixup there.

Make sure we check that assumption at build time in the future however
by ensuring that the sizes we're copying will fit.

With this, we no longer need COMPAT_LOFF_T_MAX either, so remove it.

Fixes: 94073ad77fff2 (fs/locks: don't mess with the address limit in compat_fcntl64)
Reported-by: Vitaly Lipatov <lav@etersoft.ru>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Reviewed-by: David Howells <dhowells@redhat.com>

1 files changed, 5 insertions, 6 deletions

diff --git a/fs/fcntl.c b/fs/fcntl.c
index e15bcc4265d0..0522e283a4f4 100644
--- a/fs/fcntl.c
+++ b/fs/fcntl.c
@@ -563,6 +563,9 @@ static int put_compat_flock64(const struct flock *kfl, struct compat_flock64 __u
 {
         struct compat_flock64 fl;
 
+        BUILD_BUG_ON(sizeof(kfl->l_start) > sizeof(ufl->l_start));
+        BUILD_BUG_ON(sizeof(kfl->l_len) > sizeof(ufl->l_len));
+
         memset(&fl, 0, sizeof(struct compat_flock64));
         copy_flock_fields(&fl, kfl);
         if (copy_to_user(ufl, &fl, sizeof(struct compat_flock64)))
@@ -641,12 +644,8 @@ COMPAT_SYSCALL_DEFINE3(fcntl64, unsigned int, fd, unsigned int, cmd,
                 if (err)
                         break;
                 err = fcntl_getlk(f.file, convert_fcntl_cmd(cmd), &flock);
-                if (err)
-                        break;
-                err = fixup_compat_flock(&flock);
-                if (err)
-                        return err;
-                err = put_compat_flock64(&flock, compat_ptr(arg));
+                if (!err)
+                        err = put_compat_flock64(&flock, compat_ptr(arg));
                 break;
         case F_SETLK:
         case F_SETLKW: