From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Tue, 26 Apr 2022 06:43:41 +0000 (+0200)
Subject: 4.14-stable patches
X-Git-Tag: v4.9.312~12
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0dac7900b57f9009a80dfd5220a45fc1de353eaa;p=thirdparty%2Fkernel%2Fstable-queue.git

4.14-stable patches

added patches:
	block-compat_ioctl-fix-range-check-in-blkgetsize.patch
---

diff --git a/queue-4.14/block-compat_ioctl-fix-range-check-in-blkgetsize.patch b/queue-4.14/block-compat_ioctl-fix-range-check-in-blkgetsize.patch
new file mode 100644
index 00000000000..e55e8607877
--- /dev/null
+++ b/queue-4.14/block-compat_ioctl-fix-range-check-in-blkgetsize.patch
@@ -0,0 +1,36 @@
+From ccf16413e520164eb718cf8b22a30438da80ff23 Mon Sep 17 00:00:00 2001
+From: Khazhismel Kumykov <khazhy@google.com>
+Date: Thu, 14 Apr 2022 15:40:56 -0700
+Subject: block/compat_ioctl: fix range check in BLKGETSIZE
+
+From: Khazhismel Kumykov <khazhy@google.com>
+
+commit ccf16413e520164eb718cf8b22a30438da80ff23 upstream.
+
+kernel ulong and compat_ulong_t may not be same width. Use type directly
+to eliminate mismatches.
+
+This would result in truncation rather than EFBIG for 32bit mode for
+large disks.
+
+Reviewed-by: Bart Van Assche <bvanassche@acm.org>
+Signed-off-by: Khazhismel Kumykov <khazhy@google.com>
+Reviewed-by: Chaitanya Kulkarni <kch@nvidia.com>
+Link: https://lore.kernel.org/r/20220414224056.2875681-1-khazhy@google.com
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ block/compat_ioctl.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/block/compat_ioctl.c
++++ b/block/compat_ioctl.c
+@@ -391,7 +391,7 @@ long compat_blkdev_ioctl(struct file *fi
+ 		return 0;
+ 	case BLKGETSIZE:
+ 		size = i_size_read(bdev->bd_inode);
+-		if ((size >> 9) > ~0UL)
++		if ((size >> 9) > ~(compat_ulong_t)0)
+ 			return -EFBIG;
+ 		return compat_put_ulong(arg, size >> 9);
+ 
diff --git a/queue-4.14/series b/queue-4.14/series
index 2b4db0d0520..1bc55008fc6 100644
--- a/queue-4.14/series
+++ b/queue-4.14/series
@@ -31,3 +31,4 @@ ext4-limit-length-to-bitmap_maxbytes-blocksize-in-punch_hole.patch
 ext4-fix-overhead-calculation-to-account-for-the-reserved-gdt-blocks.patch
 ext4-force-overhead-calculation-if-the-s_overhead_cluster-makes-no-sense.patch
 staging-ion-prevent-incorrect-reference-counting-behavour.patch
+block-compat_ioctl-fix-range-check-in-blkgetsize.patch