The patch titled
powerpc/spufs: check file offset before calculating write size in fixed-sized files
has been added to the -mm tree. Its filename is
powerpc-spufs-check-file-offset-before-calculating-write-size-in-fixed-sized-files.patch
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/SubmitChecklist when testing your code ***
See http://userweb.kernel.org/~akpm/stuff/added-to-mm.txt to find
out what to do about this
The current -mm tree may be found at http://userweb.kernel.org/~akpm/mmotm/
------------------------------------------------------
Subject: powerpc/spufs: check file offset before calculating write size in fixed-sized files
From: Jeremy Kerr <jk@xxxxxxxxxx>
Based on an original patch from Roel Kluin.
The write size calculated during regs and fpcr writes may currently
go negative. Because size is unsigned, this will wrap, and our
check for EFBIG will fail.
Instead, do the check for EFBIG before subtracting from size.
Signed-off-by: Jeremy Kerr <jk@xxxxxxxxxx>
Cc: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx>
Cc: Roel Kluin <roel.kluin@xxxxxxxxx>.
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
arch/powerpc/platforms/cell/spufs/file.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff -puN arch/powerpc/platforms/cell/spufs/file.c~powerpc-spufs-check-file-offset-before-calculating-write-size-in-fixed-sized-files arch/powerpc/platforms/cell/spufs/file.c
--- a/arch/powerpc/platforms/cell/spufs/file.c~powerpc-spufs-check-file-offset-before-calculating-write-size-in-fixed-sized-files
+++ a/arch/powerpc/platforms/cell/spufs/file.c
@@ -568,9 +568,10 @@ spufs_regs_write(struct file *file, cons
struct spu_lscsa *lscsa = ctx->csa.lscsa;
int ret;
- size = min_t(ssize_t, sizeof lscsa->gprs - *pos, size);
- if (size <= 0)
+ if (*pos >= sizeof(lscsa->gprs))
return -EFBIG;
+
+ size = min_t(ssize_t, sizeof(lscsa->gprs) - *pos, size);
*pos += size;
ret = spu_acquire_saved(ctx);
@@ -623,10 +624,11 @@ spufs_fpcr_write(struct file *file, cons
struct spu_lscsa *lscsa = ctx->csa.lscsa;
int ret;
- size = min_t(ssize_t, sizeof(lscsa->fpcr) - *pos, size);
- if (size <= 0)
+ if (*pos >= sizeof(lscsa->fpcr))
return -EFBIG;
+ size = min_t(ssize_t, sizeof(lscsa->fpcr) - *pos, size);
+
ret = spu_acquire_saved(ctx);
if (ret)
return ret;
_
Patches currently in -mm which might be from jk@xxxxxxxxxx are
linux-next.patch
powerpc-spufs-check-file-offset-before-calculating-write-size-in-fixed-sized-files.patch
--
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
