git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Coly Li <colyli@suse.de>
	Sat, 9 Feb 2019 04:52:59 +0000 (12:52 +0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 5 Apr 2019 20:31:35 +0000 (22:31 +0200)
commit	7680e67cabc1bed1461a9e194dcb839b7f4e78b2
tree	9c7e946b9a517d748719dbbca3c630e1e245e32b	tree \| snapshot
parent	70e8b1e0062454377cf23acda7af83f8b7d40a3c	commit \| diff

bcache: improve sysfs_strtoul_clamp()

[ Upstream commit 596b5a5dd1bc2fa019fdaaae522ef331deef927f ]

Currently sysfs_strtoul_clamp() is defined as,
82 #define sysfs_strtoul_clamp(file, var, min, max)                   \
83 do {                                                               \
84         if (attr == &sysfs_ ## file)                               \
85                 return strtoul_safe_clamp(buf, var, min, max)      \
86                         ?: (ssize_t) size;                         \
87 } while (0)

The problem is, if bit width of var is less then unsigned long, min and
max may not protect var from integer overflow, because overflow happens
in strtoul_safe_clamp() before checking min and max.

To fix such overflow in sysfs_strtoul_clamp(), to make min and max take
effect, this patch adds an unsigned long variable, and uses it to macro
strtoul_safe_clamp() to convert an unsigned long value in range defined
by [min, max]. Then assign this value to var. By this method, if bit
width of var is less than unsigned long, integer overflow won't happen
before min and max are checking.

Now sysfs_strtoul_clamp() can properly handle smaller data type like
unsigned int, of cause min and max should be defined in range of
unsigned int too.

Signed-off-by: Coly Li <colyli@suse.de>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>