Linux 4.14.111

[thirdparty/kernel/stable-queue.git] / releases / 4.14.111 / bcache-improve-sysfs_strtoul_clamp.patch

diff --git a/releases/4.14.111/bcache-improve-sysfs_strtoul_clamp.patch b/releases/4.14.111/bcache-improve-sysfs_strtoul_clamp.patch
new file mode 100644 (file)
index 0000000..5517d4d
--- /dev/null
+++ b/releases/4.14.111/bcache-improve-sysfs_strtoul_clamp.patch
@@ -0,0 +1,64 @@
+From add93f84a66fd6c4f28374d54b862f56a6ba7bbf Mon Sep 17 00:00:00 2001
+From: Coly Li <colyli@suse.de>
+Date: Sat, 9 Feb 2019 12:52:59 +0800
+Subject: bcache: improve sysfs_strtoul_clamp()
+
+[ Upstream commit 596b5a5dd1bc2fa019fdaaae522ef331deef927f ]
+
+Currently sysfs_strtoul_clamp() is defined as,
+ 82 #define sysfs_strtoul_clamp(file, var, min, max)                   \
+ 83 do {                                                               \
+ 84         if (attr == &sysfs_ ## file)                               \
+ 85                 return strtoul_safe_clamp(buf, var, min, max)      \
+ 86                         ?: (ssize_t) size;                         \
+ 87 } while (0)
+
+The problem is, if bit width of var is less then unsigned long, min and
+max may not protect var from integer overflow, because overflow happens
+in strtoul_safe_clamp() before checking min and max.
+
+To fix such overflow in sysfs_strtoul_clamp(), to make min and max take
+effect, this patch adds an unsigned long variable, and uses it to macro
+strtoul_safe_clamp() to convert an unsigned long value in range defined
+by [min, max]. Then assign this value to var. By this method, if bit
+width of var is less than unsigned long, integer overflow won't happen
+before min and max are checking.
+
+Now sysfs_strtoul_clamp() can properly handle smaller data type like
+unsigned int, of cause min and max should be defined in range of
+unsigned int too.
+
+Signed-off-by: Coly Li <colyli@suse.de>
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/md/bcache/sysfs.h | 13 ++++++++++---
+ 1 file changed, 10 insertions(+), 3 deletions(-)
+
+diff --git a/drivers/md/bcache/sysfs.h b/drivers/md/bcache/sysfs.h
+index b54fe9602529..e6e258f897ca 100644
+--- a/drivers/md/bcache/sysfs.h
++++ b/drivers/md/bcache/sysfs.h
+@@ -81,9 +81,16 @@ do {                                                                        \
+ 
+ #define sysfs_strtoul_clamp(file, var, min, max)                      \
+ do {                                                                  \
+-      if (attr == &sysfs_ ## file)                                    \
+-              return strtoul_safe_clamp(buf, var, min, max)           \
+-                      ?: (ssize_t) size;                              \
++      if (attr == &sysfs_ ## file) {                                  \
++              unsigned long v = 0;                                    \
++              ssize_t ret;                                            \
++              ret = strtoul_safe_clamp(buf, v, min, max);             \
++              if (!ret) {                                             \
++                      var = v;                                        \
++                      return size;                                    \
++              }                                                       \
++              return ret;                                             \
++      }                                                               \
+ } while (0)
+ 
+ #define strtoul_or_return(cp)                                         \
+-- 
+2.19.1
+