On Sun, 2020-10-04 at 19:04 +0100, Matthew Wilcox (Oracle) wrote:
> On 32-bit systems, this shift will overflow for files larger than 4GB.
>
> Cc: stable@xxxxxxxxxxxxxxx
> Fixes: 61f68816211e ("ceph: check caps in filemap_fault and page_mkwrite")
> Signed-off-by: Matthew Wilcox (Oracle) <willy@xxxxxxxxxxxxx>
> ---
> fs/ceph/addr.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/ceph/addr.c b/fs/ceph/addr.c
> index 6ea761c84494..970e5a094035 100644
> --- a/fs/ceph/addr.c
> +++ b/fs/ceph/addr.c
> @@ -1522,7 +1522,7 @@ static vm_fault_t ceph_filemap_fault(struct vm_fault *vmf)
> struct ceph_inode_info *ci = ceph_inode(inode);
> struct ceph_file_info *fi = vma->vm_file->private_data;
> struct page *pinned_page = NULL;
> - loff_t off = vmf->pgoff << PAGE_SHIFT;
> + loff_t off = (loff_t)vmf->pgoff << PAGE_SHIFT;
> int want, got, err;
> sigset_t oldset;
> vm_fault_t ret = VM_FAULT_SIGBUS;
Good catch! Would you like us to take this in via the ceph tree, or are
you planning to submit altogether upstream? Either way:
Reviewed-by: Jeff Layton <jlayton@xxxxxxxxxx>
