[PATCH -next] loop: fix loop_validate_block_size() can't make sense

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



We config the block size of a loop device throuth
the following process:

lo_ioctl(..., unsigned long arg)
|                      ^^^^
lo_simple_ioctl(..., unsigned long arg)
|                             ^^^^
loop_set_block_size(..., unsigned long arg)
        |                         ^^^^
        loop_validate_block_size(unsigned short bsize)
        |                                 ^^^^^
        blk_queue_logical_block_size(..., unsigned int size) {
                '''
                limits->logical_block_size = size;
                        ^^^^ int
                '''
        }

loop_validate_block_size() will check the validity of bsize.
But long to short will be truncated(eg arg=1049600 and
it becomes 1024 after truncation by short. The block size
must within the range of 512 ~ PAGE_SZIE, This truncation will
turn illegal block szie to legal). The wrong of block size will
raise other errors.

Fixes: 3448914e8cc55 ("loop: Add LOOP_CONFIGURE ioctl")
Signed-off-by: Laibin Qiu <qiulaibin@xxxxxxxxxx>
---
 drivers/block/loop.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/block/loop.c b/drivers/block/loop.c
index fa1c298a8cfb..8fd551c00a9b 100644
--- a/drivers/block/loop.c
+++ b/drivers/block/loop.c
@@ -277,7 +277,7 @@ static void __loop_update_dio(struct loop_device *lo, bool dio)
  * @bsize: size to validate
  */
 static int
-loop_validate_block_size(unsigned short bsize)
+loop_validate_block_size(unsigned long bsize)
 {
 	if (bsize < 512 || bsize > PAGE_SIZE || !is_power_of_2(bsize))
 		return -EINVAL;
-- 
2.22.0




[Index of Archives]     [Linux RAID]     [Linux SCSI]     [Linux ATA RAID]     [IDE]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Device Mapper]

  Powered by Linux