On Sun, 2020-10-04 at 19:04 +0100, Matthew Wilcox (Oracle) wrote:
> On 32-bit systems, this shift will overflow for files larger than 4GB.
>
> Cc: stable@xxxxxxxxxxxxxxx
> Fixes: 61f68816211e ("ceph: check caps in filemap_fault and page_mkwrite")
> Signed-off-by: Matthew Wilcox (Oracle) <willy@xxxxxxxxxxxxx>
> ---
> fs/ceph/addr.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/ceph/addr.c b/fs/ceph/addr.c
> index 6ea761c84494..970e5a094035 100644
> --- a/fs/ceph/addr.c
> +++ b/fs/ceph/addr.c
> @@ -1522,7 +1522,7 @@ static vm_fault_t ceph_filemap_fault(struct vm_fault *vmf)
> struct ceph_inode_info *ci = ceph_inode(inode);
> struct ceph_file_info *fi = vma->vm_file->private_data;
> struct page *pinned_page = NULL;
> - loff_t off = vmf->pgoff << PAGE_SHIFT;
> + loff_t off = (loff_t)vmf->pgoff << PAGE_SHIFT;
> int want, got, err;
> sigset_t oldset;
> vm_fault_t ret = VM_FAULT_SIGBUS;

I went ahead and merged this into the ceph-client/testing branch. Given
how old this bug is, I don't see a real need to rush this into v5.9, but
if we have any other patches going in before that ships, then it might
be good to send this one along too.
--
Jeff Layton <jlayton@xxxxxxxxxx>
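
Review bot: the one-line commit message does not say whether the other function named in the Fixes: title ("ceph: check caps in filemap_fault and page_mkwrite") was checked, while the diff changes only the "loff_t off = ..." initializer in ceph_filemap_fault (1 insertion, 1 deletion). A sentence confirming that the page_mkwrite path does not compute its offset with the same unwidened "pgoff << PAGE_SHIFT" shift would make the scope of the fix clear for the stable backport. The message could also state what the overflowed "off" is then used for in this function, since only its declaration is visible in the hunk.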