Skip to content

Commit 42b0ef0

Browse files
arndbbrauner
arndb
authored and
brauner
committed
block: fix FS_IOC_GETLBMD_CAP parsing in blkdev_common_ioctl()
Anders and Naresh found that the addition of the FS_IOC_GETLBMD_CAP handling in the blockdev ioctl handler breaks all ioctls with _IOC_NR==2, as the new command is not added to the switch but only a few of the command bits are check. Move the check into the blk_get_meta_cap() function itself and make it return -ENOIOCTLCMD for any unsupported command code, including those with a smaller size that previously returned -EINVAL. For consistency this also drops the check for NULL 'arg' that is really useless, as any invalid pointer should return -EFAULT. Fixes: 9eb22f7 ("fs: add ioctl to query metadata and protection info capabilities") Link: https://lore.kernel.org/all/CA+G9fYvk9HHE5UJ7cdJHTcY6P5JKnp+_e+sdC5U-ZQFTP9_hqQ@mail.gmail.com/ Reported-by: Naresh Kamboju <[email protected]> Cc: Anders Roxell <[email protected]> Cc: Naresh Kamboju <[email protected]> Signed-off-by: Arnd Bergmann <[email protected]> Link: https://lore.kernel.org/[email protected] Tested-by: Anders Roxell <[email protected]> Signed-off-by: Christian Brauner <[email protected]>
1 parent 4a3def7 commit 42b0ef0

File tree

2 files changed

+10
-6
lines changed

2 files changed

+10
-6
lines changed

block/blk-integrity.c

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -62,10 +62,12 @@ int blk_get_meta_cap(struct block_device *bdev, unsigned int cmd,
6262
struct logical_block_metadata_cap meta_cap = {};
6363
size_t usize = _IOC_SIZE(cmd);
6464

65-
if (!argp)
66-
return -EINVAL;
67-
if (usize < LBMD_SIZE_VER0)
68-
return -EINVAL;
65+
if (_IOC_DIR(cmd) != _IOC_DIR(FS_IOC_GETLBMD_CAP) ||
66+
_IOC_TYPE(cmd) != _IOC_TYPE(FS_IOC_GETLBMD_CAP) ||
67+
_IOC_NR(cmd) != _IOC_NR(FS_IOC_GETLBMD_CAP) ||
68+
_IOC_SIZE(cmd) < LBMD_SIZE_VER0)
69+
return -ENOIOCTLCMD;
70+
6971
if (!bi)
7072
goto out;
7173

block/ioctl.c

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -566,9 +566,11 @@ static int blkdev_common_ioctl(struct block_device *bdev, blk_mode_t mode,
566566
void __user *argp)
567567
{
568568
unsigned int max_sectors;
569+
int ret;
569570

570-
if (_IOC_NR(cmd) == _IOC_NR(FS_IOC_GETLBMD_CAP))
571-
return blk_get_meta_cap(bdev, cmd, argp);
571+
ret = blk_get_meta_cap(bdev, cmd, argp);
572+
if (ret != -ENOIOCTLCMD)
573+
return ret;
572574

573575
switch (cmd) {
574576
case BLKFLSBUF:

0 commit comments

Comments
 (0)