Move stack parameters for sed_ioctl to prevent oversized stack with CONFIG_KASAN

When CONFIG_KASAN is enabled, compilation fails: block/sed-opal.c: In function 'sed_ioctl': block/sed-opal.c:2447:1: error: the frame size of 2256 bytes is larger than 2048 bytes [-Werror=frame-larger-than=] Moved all the ioctl structures off the stack and dynamically allocate using _IOC_SIZE() Fixes: 455a7b238cd6 ("block: Add Sed-opal library") Reported-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Scott Bauer <scott.bauer@intel.com> Signed-off-by: Jens Axboe <axboe@fb.com>
author: Scott Bauer <scott.bauer@intel.com> 2017-02-14 19:29:36 -0500
committer: Jens Axboe <axboe@fb.com> 2017-02-14 21:47:18 -0500
commit: e225c20eb0fd0b6657e640408f11ee392dc82b5b (patch)
tree: 16caa1d305159a1306478a58483278fe13d2e9b2
parent: 24bff4d78a572d25fe2a0818f55bebda8a2d4709 (diff)
3 files changed, 50 insertions, 90 deletions
diff --git a/block/sed-opal.c b/block/sed-opal.c
index bf1406e5159b..e95b8a57053d 100644
--- a/block/sed-opal.c
+++ b/block/sed-opal.c
@@ -2344,9 +2344,10 @@ bool opal_unlock_from_suspend(struct opal_dev *dev)
 }
 EXPORT_SYMBOL(opal_unlock_from_suspend);
-int sed_ioctl(struct opal_dev *dev, unsigned int cmd, unsigned long ptr)
+int sed_ioctl(struct opal_dev *dev, unsigned int cmd, void __user *arg)
 {
-        void __user *arg = (void __user *)ptr;
+        void *p;
+        int ret = -ENOTTY;
        if (!capable(CAP_SYS_ADMIN))
                return -EACCES;
@@ -2355,94 +2356,52 @@ int sed_ioctl(struct opal_dev *dev, unsigned int cmd, unsigned long ptr)
                return -ENOTSUPP;
        }
-        switch (cmd) {
+        p = memdup_user(arg,  _IOC_SIZE(cmd));
-        case IOC_OPAL_SAVE: {
+        if (IS_ERR(p))
-                struct opal_lock_unlock lk_unlk;
+                return PTR_ERR(p);
-                if (copy_from_user(&lk_unlk, arg, sizeof(lk_unlk)))
-                        return -EFAULT;
-                return opal_save(dev, &lk_unlk);
-        }
-        case IOC_OPAL_LOCK_UNLOCK: {
-                struct opal_lock_unlock lk_unlk;
-                if (copy_from_user(&lk_unlk, arg, sizeof(lk_unlk)))
-                        return -EFAULT;
-                return opal_lock_unlock(dev, &lk_unlk);
-        }
-        case IOC_OPAL_TAKE_OWNERSHIP: {
-                struct opal_key opal_key;
-                if (copy_from_user(&opal_key, arg, sizeof(opal_key)))
-                        return -EFAULT;
-                return opal_take_ownership(dev, &opal_key);
-        }
-        case IOC_OPAL_ACTIVATE_LSP: {
-                struct opal_lr_act opal_lr_act;
-                if (copy_from_user(&opal_lr_act, arg, sizeof(opal_lr_act)))
-                        return -EFAULT;
-                return opal_activate_lsp(dev, &opal_lr_act);
-        }
-        case IOC_OPAL_SET_PW: {
-                struct opal_new_pw opal_pw;
-                if (copy_from_user(&opal_pw, arg, sizeof(opal_pw)))
-                        return -EFAULT;
-                return opal_set_new_pw(dev, &opal_pw);
-        }
-        case IOC_OPAL_ACTIVATE_USR: {
-                struct opal_session_info session;
-                if (copy_from_user(&session, arg, sizeof(session)))
-                        return -EFAULT;
-                return opal_activate_user(dev, &session);
-        }
-        case IOC_OPAL_REVERT_TPR: {
-                struct opal_key opal_key;
-                if (copy_from_user(&opal_key, arg, sizeof(opal_key)))
-                        return -EFAULT;
-                return opal_reverttper(dev, &opal_key);
-        }
-        case IOC_OPAL_LR_SETUP: {
-                struct opal_user_lr_setup lrs;
-                if (copy_from_user(&lrs, arg, sizeof(lrs)))
+        switch (cmd) {
-                        return -EFAULT;
+        case IOC_OPAL_SAVE:
-                return opal_setup_locking_range(dev, &lrs);
+                ret = opal_save(dev, p);
-        }
+                break;
-        case IOC_OPAL_ADD_USR_TO_LR: {
+        case IOC_OPAL_LOCK_UNLOCK:
-                struct opal_lock_unlock lk_unlk;
+                ret = opal_lock_unlock(dev, p);
+                break;
-                if (copy_from_user(&lk_unlk, arg, sizeof(lk_unlk)))
+        case IOC_OPAL_TAKE_OWNERSHIP:
-                        return -EFAULT;
+                ret = opal_take_ownership(dev, p);
-                return opal_add_user_to_lr(dev, &lk_unlk);
+                break;
-        }
+        case IOC_OPAL_ACTIVATE_LSP:
-        case IOC_OPAL_ENABLE_DISABLE_MBR: {
+                ret = opal_activate_lsp(dev, p);
-                struct opal_mbr_data mbr;
+                break;
+        case IOC_OPAL_SET_PW:
-                if (copy_from_user(&mbr, arg, sizeof(mbr)))
+                ret = opal_set_new_pw(dev, p);
-                        return -EFAULT;
+                break;
-                return opal_enable_disable_shadow_mbr(dev, &mbr);
+        case IOC_OPAL_ACTIVATE_USR:
-        }
+                ret = opal_activate_user(dev, p);
-        case IOC_OPAL_ERASE_LR: {
+                break;
-                struct opal_session_info session;
+        case IOC_OPAL_REVERT_TPR:
+                ret = opal_reverttper(dev, p);
-                if (copy_from_user(&session, arg, sizeof(session)))
+                break;
-                        return -EFAULT;
+        case IOC_OPAL_LR_SETUP:
-                return opal_erase_locking_range(dev, &session);
+                ret = opal_setup_locking_range(dev, p);
-        }
+                break;
-        case IOC_OPAL_SECURE_ERASE_LR: {
+        case IOC_OPAL_ADD_USR_TO_LR:
-                struct opal_session_info session;
+                ret = opal_add_user_to_lr(dev, p);
+                break;
-                if (copy_from_user(&session, arg, sizeof(session)))
+        case IOC_OPAL_ENABLE_DISABLE_MBR:
-                        return -EFAULT;
+                ret = opal_enable_disable_shadow_mbr(dev, p);
-                return opal_secure_erase_locking_range(dev, &session);
+                break;
-        }
+        case IOC_OPAL_ERASE_LR:
+                ret = opal_erase_locking_range(dev, p);
+                break;
+        case IOC_OPAL_SECURE_ERASE_LR:
+                ret = opal_secure_erase_locking_range(dev, p);
+                break;
        default:
                pr_warn("No such Opal Ioctl %u\n", cmd);
        }
-        return -ENOTTY;
+        kfree(p);
+        return ret;
 }
 EXPORT_SYMBOL_GPL(sed_ioctl);
diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
index 26ae4afd3737..b92a79281611 100644
--- a/drivers/nvme/host/core.c
+++ b/drivers/nvme/host/core.c
@@ -789,7 +789,8 @@ static int nvme_ioctl(struct block_device *bdev, fmode_t mode,
                        return nvme_nvm_ioctl(ns, cmd, arg);
 #endif
                if (is_sed_ioctl(cmd))
-                        return sed_ioctl(&ns->ctrl->opal_dev, cmd, arg);
+                        return sed_ioctl(&ns->ctrl->opal_dev, cmd,
+                                         (void __user *) arg);
                return -ENOTTY;
        }
 }
diff --git a/include/linux/sed-opal.h b/include/linux/sed-opal.h
index af1a85eae193..205d520ea688 100644
--- a/include/linux/sed-opal.h
+++ b/include/linux/sed-opal.h
@@ -132,7 +132,7 @@ struct opal_dev {
 #ifdef CONFIG_BLK_SED_OPAL
 bool opal_unlock_from_suspend(struct opal_dev *dev);
 void init_opal_dev(struct opal_dev *opal_dev, sec_send_recv *send_recv);
-int sed_ioctl(struct opal_dev *dev, unsigned int cmd, unsigned long ptr);
+int sed_ioctl(struct opal_dev *dev, unsigned int cmd, void __user *ioctl_ptr);
 static inline bool is_sed_ioctl(unsigned int cmd)
 {
@@ -160,7 +160,7 @@ static inline bool is_sed_ioctl(unsigned int cmd)
 }
 static inline int sed_ioctl(struct opal_dev *dev, unsigned int cmd,
-                            unsigned long ptr)
+                            void __user *ioctl_ptr)
 {
        return 0;
 }
author	Scott Bauer <scott.bauer@intel.com>	2017-02-14 19:29:36 -0500
committer	Jens Axboe <axboe@fb.com>	2017-02-14 21:47:18 -0500
commit	e225c20eb0fd0b6657e640408f11ee392dc82b5b (patch)
tree	16caa1d305159a1306478a58483278fe13d2e9b2
parent	24bff4d78a572d25fe2a0818f55bebda8a2d4709 (diff)

diff --git a/block/sed-opal.c b/block/sed-opal.c index bf1406e5159b..e95b8a57053d 100644 --- a/block/sed-opal.c +++ b/block/sed-opal.c
@@ -2344,9 +2344,10 @@ bool opal_unlock_from_suspend(struct opal_dev *dev)
2344	}	2344	}
2345	EXPORT_SYMBOL(opal_unlock_from_suspend);	2345	EXPORT_SYMBOL(opal_unlock_from_suspend);
2346		2346
2347	int sed_ioctl(struct opal_dev *dev, unsigned int cmd, unsigned long ptr)	2347	int sed_ioctl(struct opal_dev dev, unsigned int cmd, void __user arg)
2348	{	2348	{
2349	void __user arg = (void __user )ptr;	2349	void *p;
		2350	int ret = -ENOTTY;
2350		2351
2351	if (!capable(CAP_SYS_ADMIN))	2352	if (!capable(CAP_SYS_ADMIN))
2352	return -EACCES;	2353	return -EACCES;
@@ -2355,94 +2356,52 @@ int sed_ioctl(struct opal_dev *dev, unsigned int cmd, unsigned long ptr)
2355	return -ENOTSUPP;	2356	return -ENOTSUPP;
2356	}	2357	}
2357		2358
2358	switch (cmd) {	2359	p = memdup_user(arg, _IOC_SIZE(cmd));
2359	case IOC_OPAL_SAVE: {	2360	if (IS_ERR(p))
2360	struct opal_lock_unlock lk_unlk;	2361	return PTR_ERR(p);
2361
2362	if (copy_from_user(&lk_unlk, arg, sizeof(lk_unlk)))
2363	return -EFAULT;
2364	return opal_save(dev, &lk_unlk);
2365	}
2366	case IOC_OPAL_LOCK_UNLOCK: {
2367	struct opal_lock_unlock lk_unlk;
2368
2369	if (copy_from_user(&lk_unlk, arg, sizeof(lk_unlk)))
2370	return -EFAULT;
2371	return opal_lock_unlock(dev, &lk_unlk);
2372	}
2373	case IOC_OPAL_TAKE_OWNERSHIP: {
2374	struct opal_key opal_key;
2375
2376	if (copy_from_user(&opal_key, arg, sizeof(opal_key)))
2377	return -EFAULT;
2378	return opal_take_ownership(dev, &opal_key);
2379	}
2380	case IOC_OPAL_ACTIVATE_LSP: {
2381	struct opal_lr_act opal_lr_act;
2382
2383	if (copy_from_user(&opal_lr_act, arg, sizeof(opal_lr_act)))
2384	return -EFAULT;
2385	return opal_activate_lsp(dev, &opal_lr_act);
2386	}
2387	case IOC_OPAL_SET_PW: {
2388	struct opal_new_pw opal_pw;
2389
2390	if (copy_from_user(&opal_pw, arg, sizeof(opal_pw)))
2391	return -EFAULT;
2392	return opal_set_new_pw(dev, &opal_pw);
2393	}
2394	case IOC_OPAL_ACTIVATE_USR: {
2395	struct opal_session_info session;
2396
2397	if (copy_from_user(&session, arg, sizeof(session)))
2398	return -EFAULT;
2399	return opal_activate_user(dev, &session);
2400	}
2401	case IOC_OPAL_REVERT_TPR: {
2402	struct opal_key opal_key;
2403
2404	if (copy_from_user(&opal_key, arg, sizeof(opal_key)))
2405	return -EFAULT;
2406	return opal_reverttper(dev, &opal_key);
2407	}
2408	case IOC_OPAL_LR_SETUP: {
2409	struct opal_user_lr_setup lrs;
2410		2362
2411	if (copy_from_user(&lrs, arg, sizeof(lrs)))	2363	switch (cmd) {
2412	return -EFAULT;	2364	case IOC_OPAL_SAVE:
2413	return opal_setup_locking_range(dev, &lrs);	2365	ret = opal_save(dev, p);
2414	}	2366	break;
2415	case IOC_OPAL_ADD_USR_TO_LR: {	2367	case IOC_OPAL_LOCK_UNLOCK:
2416	struct opal_lock_unlock lk_unlk;	2368	ret = opal_lock_unlock(dev, p);
2417		2369	break;
2418	if (copy_from_user(&lk_unlk, arg, sizeof(lk_unlk)))	2370	case IOC_OPAL_TAKE_OWNERSHIP:
2419	return -EFAULT;	2371	ret = opal_take_ownership(dev, p);
2420	return opal_add_user_to_lr(dev, &lk_unlk);	2372	break;
2421	}	2373	case IOC_OPAL_ACTIVATE_LSP:
2422	case IOC_OPAL_ENABLE_DISABLE_MBR: {	2374	ret = opal_activate_lsp(dev, p);
2423	struct opal_mbr_data mbr;	2375	break;
2424		2376	case IOC_OPAL_SET_PW:
2425	if (copy_from_user(&mbr, arg, sizeof(mbr)))	2377	ret = opal_set_new_pw(dev, p);
2426	return -EFAULT;	2378	break;
2427	return opal_enable_disable_shadow_mbr(dev, &mbr);	2379	case IOC_OPAL_ACTIVATE_USR:
2428	}	2380	ret = opal_activate_user(dev, p);
2429	case IOC_OPAL_ERASE_LR: {	2381	break;
2430	struct opal_session_info session;	2382	case IOC_OPAL_REVERT_TPR:
2431		2383	ret = opal_reverttper(dev, p);
2432	if (copy_from_user(&session, arg, sizeof(session)))	2384	break;
2433	return -EFAULT;	2385	case IOC_OPAL_LR_SETUP:
2434	return opal_erase_locking_range(dev, &session);	2386	ret = opal_setup_locking_range(dev, p);
2435	}	2387	break;
2436	case IOC_OPAL_SECURE_ERASE_LR: {	2388	case IOC_OPAL_ADD_USR_TO_LR:
2437	struct opal_session_info session;	2389	ret = opal_add_user_to_lr(dev, p);
2438		2390	break;
2439	if (copy_from_user(&session, arg, sizeof(session)))	2391	case IOC_OPAL_ENABLE_DISABLE_MBR:
2440	return -EFAULT;	2392	ret = opal_enable_disable_shadow_mbr(dev, p);
2441	return opal_secure_erase_locking_range(dev, &session);	2393	break;
2442	}	2394	case IOC_OPAL_ERASE_LR:
		2395	ret = opal_erase_locking_range(dev, p);
		2396	break;
		2397	case IOC_OPAL_SECURE_ERASE_LR:
		2398	ret = opal_secure_erase_locking_range(dev, p);
		2399	break;
2443	default:	2400	default:
2444	pr_warn("No such Opal Ioctl %u\n", cmd);	2401	pr_warn("No such Opal Ioctl %u\n", cmd);
2445	}	2402	}
2446	return -ENOTTY;	2403
		2404	kfree(p);
		2405	return ret;
2447	}	2406	}
2448	EXPORT_SYMBOL_GPL(sed_ioctl);	2407	EXPORT_SYMBOL_GPL(sed_ioctl);


diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c index 26ae4afd3737..b92a79281611 100644 --- a/drivers/nvme/host/core.c +++ b/drivers/nvme/host/core.c
@@ -789,7 +789,8 @@ static int nvme_ioctl(struct block_device *bdev, fmode_t mode,
789	return nvme_nvm_ioctl(ns, cmd, arg);	789	return nvme_nvm_ioctl(ns, cmd, arg);
790	#endif	790	#endif
791	if (is_sed_ioctl(cmd))	791	if (is_sed_ioctl(cmd))
792	return sed_ioctl(&ns->ctrl->opal_dev, cmd, arg);	792	return sed_ioctl(&ns->ctrl->opal_dev, cmd,
		793	(void __user *) arg);
793	return -ENOTTY;	794	return -ENOTTY;
794	}	795	}
795	}	796	}


diff --git a/include/linux/sed-opal.h b/include/linux/sed-opal.h index af1a85eae193..205d520ea688 100644 --- a/include/linux/sed-opal.h +++ b/include/linux/sed-opal.h
@@ -132,7 +132,7 @@ struct opal_dev {
132	#ifdef CONFIG_BLK_SED_OPAL	132	#ifdef CONFIG_BLK_SED_OPAL
133	bool opal_unlock_from_suspend(struct opal_dev *dev);	133	bool opal_unlock_from_suspend(struct opal_dev *dev);
134	void init_opal_dev(struct opal_dev opal_dev, sec_send_recv send_recv);	134	void init_opal_dev(struct opal_dev opal_dev, sec_send_recv send_recv);
135	int sed_ioctl(struct opal_dev *dev, unsigned int cmd, unsigned long ptr);	135	int sed_ioctl(struct opal_dev dev, unsigned int cmd, void __user ioctl_ptr);
136		136
137	static inline bool is_sed_ioctl(unsigned int cmd)	137	static inline bool is_sed_ioctl(unsigned int cmd)
138	{	138	{
@@ -160,7 +160,7 @@ static inline bool is_sed_ioctl(unsigned int cmd)
160	}	160	}
161		161
162	static inline int sed_ioctl(struct opal_dev *dev, unsigned int cmd,	162	static inline int sed_ioctl(struct opal_dev *dev, unsigned int cmd,
163	unsigned long ptr)	163	void __user *ioctl_ptr)
164	{	164	{
165	return 0;	165	return 0;
166	}	166	}