diff options
| author | Al Viro <viro@zeniv.linux.org.uk> | 2012-04-12 19:52:19 -0400 |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2012-05-29 23:28:35 -0400 |
| commit | f6a5690324d5ab9c33bbc0a6b4cc59c7fa34eeec (patch) | |
| tree | 8ae239168609f06a9bba78058e7f7e3fa18c20d9 /fs/ocfs2 | |
| parent | 8515841086d14594b24cdc8febdcc7fd1bbc313e (diff) | |
ocfs2: deal with __user misannotations
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs/ocfs2')
| -rw-r--r-- | fs/ocfs2/ioctl.c | 31 | ||||
| -rw-r--r-- | fs/ocfs2/move_extents.c | 6 |
2 files changed, 16 insertions, 21 deletions
diff --git a/fs/ocfs2/ioctl.c b/fs/ocfs2/ioctl.c index a1a1bfd652c9..d96f7f81d8dd 100644 --- a/fs/ocfs2/ioctl.c +++ b/fs/ocfs2/ioctl.c | |||
| @@ -864,7 +864,7 @@ int ocfs2_info_handle(struct inode *inode, struct ocfs2_info *info, | |||
| 864 | if (status) | 864 | if (status) |
| 865 | break; | 865 | break; |
| 866 | 866 | ||
| 867 | reqp = (struct ocfs2_info_request *)(unsigned long)req_addr; | 867 | reqp = (struct ocfs2_info_request __user *)(unsigned long)req_addr; |
| 868 | if (!reqp) { | 868 | if (!reqp) { |
| 869 | status = -EINVAL; | 869 | status = -EINVAL; |
| 870 | goto bail; | 870 | goto bail; |
| @@ -888,9 +888,11 @@ long ocfs2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) | |||
| 888 | struct ocfs2_space_resv sr; | 888 | struct ocfs2_space_resv sr; |
| 889 | struct ocfs2_new_group_input input; | 889 | struct ocfs2_new_group_input input; |
| 890 | struct reflink_arguments args; | 890 | struct reflink_arguments args; |
| 891 | const char *old_path, *new_path; | 891 | const char __user *old_path; |
| 892 | const char __user *new_path; | ||
| 892 | bool preserve; | 893 | bool preserve; |
| 893 | struct ocfs2_info info; | 894 | struct ocfs2_info info; |
| 895 | void __user *argp = (void __user *)arg; | ||
| 894 | 896 | ||
| 895 | switch (cmd) { | 897 | switch (cmd) { |
| 896 | case OCFS2_IOC_GETFLAGS: | 898 | case OCFS2_IOC_GETFLAGS: |
| @@ -937,17 +939,15 @@ long ocfs2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) | |||
| 937 | 939 | ||
| 938 | return ocfs2_group_add(inode, &input); | 940 | return ocfs2_group_add(inode, &input); |
| 939 | case OCFS2_IOC_REFLINK: | 941 | case OCFS2_IOC_REFLINK: |
| 940 | if (copy_from_user(&args, (struct reflink_arguments *)arg, | 942 | if (copy_from_user(&args, argp, sizeof(args))) |
| 941 | sizeof(args))) | ||
| 942 | return -EFAULT; | 943 | return -EFAULT; |
| 943 | old_path = (const char *)(unsigned long)args.old_path; | 944 | old_path = (const char __user *)(unsigned long)args.old_path; |
| 944 | new_path = (const char *)(unsigned long)args.new_path; | 945 | new_path = (const char __user *)(unsigned long)args.new_path; |
| 945 | preserve = (args.preserve != 0); | 946 | preserve = (args.preserve != 0); |
| 946 | 947 | ||
| 947 | return ocfs2_reflink_ioctl(inode, old_path, new_path, preserve); | 948 | return ocfs2_reflink_ioctl(inode, old_path, new_path, preserve); |
| 948 | case OCFS2_IOC_INFO: | 949 | case OCFS2_IOC_INFO: |
| 949 | if (copy_from_user(&info, (struct ocfs2_info __user *)arg, | 950 | if (copy_from_user(&info, argp, sizeof(struct ocfs2_info))) |
| 950 | sizeof(struct ocfs2_info))) | ||
| 951 | return -EFAULT; | 951 | return -EFAULT; |
| 952 | 952 | ||
| 953 | return ocfs2_info_handle(inode, &info, 0); | 953 | return ocfs2_info_handle(inode, &info, 0); |
| @@ -960,22 +960,20 @@ long ocfs2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) | |||
| 960 | if (!capable(CAP_SYS_ADMIN)) | 960 | if (!capable(CAP_SYS_ADMIN)) |
| 961 | return -EPERM; | 961 | return -EPERM; |
| 962 | 962 | ||
| 963 | if (copy_from_user(&range, (struct fstrim_range *)arg, | 963 | if (copy_from_user(&range, argp, sizeof(range))) |
| 964 | sizeof(range))) | ||
| 965 | return -EFAULT; | 964 | return -EFAULT; |
| 966 | 965 | ||
| 967 | ret = ocfs2_trim_fs(sb, &range); | 966 | ret = ocfs2_trim_fs(sb, &range); |
| 968 | if (ret < 0) | 967 | if (ret < 0) |
| 969 | return ret; | 968 | return ret; |
| 970 | 969 | ||
| 971 | if (copy_to_user((struct fstrim_range *)arg, &range, | 970 | if (copy_to_user(argp, &range, sizeof(range))) |
| 972 | sizeof(range))) | ||
| 973 | return -EFAULT; | 971 | return -EFAULT; |
| 974 | 972 | ||
| 975 | return 0; | 973 | return 0; |
| 976 | } | 974 | } |
| 977 | case OCFS2_IOC_MOVE_EXT: | 975 | case OCFS2_IOC_MOVE_EXT: |
| 978 | return ocfs2_ioctl_move_extents(filp, (void __user *)arg); | 976 | return ocfs2_ioctl_move_extents(filp, argp); |
| 979 | default: | 977 | default: |
| 980 | return -ENOTTY; | 978 | return -ENOTTY; |
| 981 | } | 979 | } |
| @@ -988,6 +986,7 @@ long ocfs2_compat_ioctl(struct file *file, unsigned cmd, unsigned long arg) | |||
| 988 | struct reflink_arguments args; | 986 | struct reflink_arguments args; |
| 989 | struct inode *inode = file->f_path.dentry->d_inode; | 987 | struct inode *inode = file->f_path.dentry->d_inode; |
| 990 | struct ocfs2_info info; | 988 | struct ocfs2_info info; |
| 989 | void __user *argp = (void __user *)arg; | ||
| 991 | 990 | ||
| 992 | switch (cmd) { | 991 | switch (cmd) { |
| 993 | case OCFS2_IOC32_GETFLAGS: | 992 | case OCFS2_IOC32_GETFLAGS: |
| @@ -1006,16 +1005,14 @@ long ocfs2_compat_ioctl(struct file *file, unsigned cmd, unsigned long arg) | |||
| 1006 | case FITRIM: | 1005 | case FITRIM: |
| 1007 | break; | 1006 | break; |
| 1008 | case OCFS2_IOC_REFLINK: | 1007 | case OCFS2_IOC_REFLINK: |
| 1009 | if (copy_from_user(&args, (struct reflink_arguments *)arg, | 1008 | if (copy_from_user(&args, argp, sizeof(args))) |
| 1010 | sizeof(args))) | ||
| 1011 | return -EFAULT; | 1009 | return -EFAULT; |
| 1012 | preserve = (args.preserve != 0); | 1010 | preserve = (args.preserve != 0); |
| 1013 | 1011 | ||
| 1014 | return ocfs2_reflink_ioctl(inode, compat_ptr(args.old_path), | 1012 | return ocfs2_reflink_ioctl(inode, compat_ptr(args.old_path), |
| 1015 | compat_ptr(args.new_path), preserve); | 1013 | compat_ptr(args.new_path), preserve); |
| 1016 | case OCFS2_IOC_INFO: | 1014 | case OCFS2_IOC_INFO: |
| 1017 | if (copy_from_user(&info, (struct ocfs2_info __user *)arg, | 1015 | if (copy_from_user(&info, argp, sizeof(struct ocfs2_info))) |
| 1018 | sizeof(struct ocfs2_info))) | ||
| 1019 | return -EFAULT; | 1016 | return -EFAULT; |
| 1020 | 1017 | ||
| 1021 | return ocfs2_info_handle(inode, &info, 1); | 1018 | return ocfs2_info_handle(inode, &info, 1); |
diff --git a/fs/ocfs2/move_extents.c b/fs/ocfs2/move_extents.c index b1e3fce72ea4..6083432f667e 100644 --- a/fs/ocfs2/move_extents.c +++ b/fs/ocfs2/move_extents.c | |||
| @@ -1082,8 +1082,7 @@ int ocfs2_ioctl_move_extents(struct file *filp, void __user *argp) | |||
| 1082 | context->file = filp; | 1082 | context->file = filp; |
| 1083 | 1083 | ||
| 1084 | if (argp) { | 1084 | if (argp) { |
| 1085 | if (copy_from_user(&range, (struct ocfs2_move_extents *)argp, | 1085 | if (copy_from_user(&range, argp, sizeof(range))) { |
| 1086 | sizeof(range))) { | ||
| 1087 | status = -EFAULT; | 1086 | status = -EFAULT; |
| 1088 | goto out; | 1087 | goto out; |
| 1089 | } | 1088 | } |
| @@ -1138,8 +1137,7 @@ out: | |||
| 1138 | * length and new_offset even if failure happens somewhere. | 1137 | * length and new_offset even if failure happens somewhere. |
| 1139 | */ | 1138 | */ |
| 1140 | if (argp) { | 1139 | if (argp) { |
| 1141 | if (copy_to_user((struct ocfs2_move_extents *)argp, &range, | 1140 | if (copy_to_user(argp, &range, sizeof(range))) |
| 1142 | sizeof(range))) | ||
| 1143 | status = -EFAULT; | 1141 | status = -EFAULT; |
| 1144 | } | 1142 | } |
| 1145 | 1143 | ||