fs: check for statfs overflow

Adds a check for an overflow in the filesystem size so if someone is checking with statfs() on a 16G blocksize hugetlbfs in a 32bit binary that it will report back EOVERFLOW instead of a size of 0. Acked-by: Nishanth Aravamudan <nacc@us.ibm.com> Signed-off-by: Jon Tollefson <kniht@linux.vnet.ibm.com> Signed-off-by: Nick Piggin <npiggin@suse.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

fs: check for statfs overflow
Adds a check for an overflow in the filesystem size so if someone is checking with statfs() on a 16G blocksize hugetlbfs in a 32bit binary that it will report back EOVERFLOW instead of a size of 0. Acked-by: Nishanth Aravamudan <nacc@us.ibm.com> Signed-off-by: Jon Tollefson <kniht@linux.vnet.ibm.com> Signed-off-by: Nick Piggin <npiggin@suse.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Jon Tollefson · Linus Torvalds
1 parent 91224346aa
Showing 2 changed files with 6 additions and 5 deletions Side-by-side Diff
fs/compat.c
fs/open.c
@@ -197,8 +197,8 @@
 {
  
 	if (sizeof ubuf->f_blocks == 4) {
-		if ((kbuf->f_blocks | kbuf->f_bfree | kbuf->f_bavail) &
-		    0xffffffff00000000ULL)
+		if ((kbuf->f_blocks | kbuf->f_bfree | kbuf->f_bavail |
+		     kbuf->f_bsize | kbuf->f_frsize) & 0xffffffff00000000ULL)
 			return -EOVERFLOW;
 		/* f_files and f_ffree may be -1; it's okay
 		 * to stuff that into 32 bits */
@@ -271,8 +271,8 @@
 static int put_compat_statfs64(struct compat_statfs64 __user *ubuf, struct kstatfs *kbuf)
 {
 	if (sizeof ubuf->f_blocks == 4) {
-		if ((kbuf->f_blocks | kbuf->f_bfree | kbuf->f_bavail) &
-		    0xffffffff00000000ULL)
+		if ((kbuf->f_blocks | kbuf->f_bfree | kbuf->f_bavail |
+		     kbuf->f_bsize | kbuf->f_frsize) & 0xffffffff00000000ULL)
 			return -EOVERFLOW;
 		/* f_files and f_ffree may be -1; it's okay
 		 * to stuff that into 32 bits */
@@ -64,7 +64,8 @@
 		memcpy(buf, &st, sizeof(st));
 	else {
 		if (sizeof buf->f_blocks == 4) {
-			if ((st.f_blocks | st.f_bfree | st.f_bavail) &
+			if ((st.f_blocks | st.f_bfree | st.f_bavail |
+			     st.f_bsize | st.f_frsize) &
 			    0xffffffff00000000ULL)
 				return -EOVERFLOW;
 			/*
...	...	@@ -197,8 +197,8 @@
197	197	{
198	198
199	199	if (sizeof ubuf->f_blocks == 4) {
200		- if ((kbuf->f_blocks \| kbuf->f_bfree \| kbuf->f_bavail) &
201		- 0xffffffff00000000ULL)
	200	+ if ((kbuf->f_blocks \| kbuf->f_bfree \| kbuf->f_bavail \|
	201	+ kbuf->f_bsize \| kbuf->f_frsize) & 0xffffffff00000000ULL)
202	202	return -EOVERFLOW;
203	203	/* f_files and f_ffree may be -1; it's okay
204	204	* to stuff that into 32 bits */
...	...	@@ -271,8 +271,8 @@
271	271	static int put_compat_statfs64(struct compat_statfs64 __user ubuf, struct kstatfs kbuf)
272	272	{
273	273	if (sizeof ubuf->f_blocks == 4) {
274		- if ((kbuf->f_blocks \| kbuf->f_bfree \| kbuf->f_bavail) &
275		- 0xffffffff00000000ULL)
	274	+ if ((kbuf->f_blocks \| kbuf->f_bfree \| kbuf->f_bavail \|
	275	+ kbuf->f_bsize \| kbuf->f_frsize) & 0xffffffff00000000ULL)
276	276	return -EOVERFLOW;
277	277	/* f_files and f_ffree may be -1; it's okay
278	278	* to stuff that into 32 bits */
...	...	@@ -64,7 +64,8 @@
64	64	memcpy(buf, &st, sizeof(st));
65	65	else {
66	66	if (sizeof buf->f_blocks == 4) {
67		- if ((st.f_blocks \| st.f_bfree \| st.f_bavail) &
	67	+ if ((st.f_blocks \| st.f_bfree \| st.f_bavail \|
	68	+ st.f_bsize \| st.f_frsize) &
68	69	0xffffffff00000000ULL)
69	70	return -EOVERFLOW;
70	71	/*