On Mon, Apr 27, 2020 at 08:19:56PM +0200, Christoph Hellwig wrote: > access_ok just checks we are fed a proper user pointer. We also do that > in copy_to_user itself, so no need to do this early. > > Signed-off-by: Christoph Hellwig <hch@xxxxxx> Hmm. It's a minor behavioral change that we no longer require the entire extent array to be accessible at the start even if parts of it would never have gotten accessed, but I don't think that matters, so: Reviewed-by: Darrick J. Wong <darrick.wong@xxxxxxxxxx> --D > --- > fs/ioctl.c | 6 +----- > 1 file changed, 1 insertion(+), 5 deletions(-) > > diff --git a/fs/ioctl.c b/fs/ioctl.c > index ae0d228d18a16..d24afce649037 100644 > --- a/fs/ioctl.c > +++ b/fs/ioctl.c > @@ -209,13 +209,9 @@ static int ioctl_fiemap(struct file *filp, struct fiemap __user *ufiemap) > fieinfo.fi_extents_max = fiemap.fm_extent_count; > fieinfo.fi_extents_start = ufiemap->fm_extents; > > - if (fiemap.fm_extent_count != 0 && > - !access_ok(fieinfo.fi_extents_start, > - fieinfo.fi_extents_max * sizeof(struct fiemap_extent))) > - return -EFAULT; > - > error = inode->i_op->fiemap(inode, &fieinfo, fiemap.fm_start, > fiemap.fm_length); > + > fiemap.fm_flags = fieinfo.fi_flags; > fiemap.fm_mapped_extents = fieinfo.fi_extents_mapped; > if (copy_to_user(ufiemap, &fiemap, sizeof(fiemap))) > -- > 2.26.1 >
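Review bot: The commit message should record the user-visible change that comes from dropping the access_ok() block ahead of the inode->i_op->fiemap() call. With the check gone, a nonzero fm_extent_count paired with an fm_extents range that is not a valid user range is no longer rejected with -EFAULT before the filesystem's ->fiemap method runs. The fault now surfaces only for the extents that are actually copied out, so a caller passing a partly bad array can succeed where it used to fail. One sentence stating that the range is now validated per copy by copy_to_user, and that the early -EFAULT is intentionally gone, would make this clear to anyone bisecting a userspace difference. Separately, the blank line added after the ->fiemap() call is an unrelated whitespace change and could be dropped from this patch.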