From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Tue, 26 Apr 2022 06:43:56 +0000 (+0200)
Subject: 5.4-stable patches
X-Git-Tag: v4.9.312~10
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3e59eb1eb96dad56c078381e5012fb7b228aa63d;p=thirdparty%2Fkernel%2Fstable-queue.git

5.4-stable patches

added patches:
	block-compat_ioctl-fix-range-check-in-blkgetsize.patch
---

diff --git a/queue-5.4/block-compat_ioctl-fix-range-check-in-blkgetsize.patch b/queue-5.4/block-compat_ioctl-fix-range-check-in-blkgetsize.patch
new file mode 100644
index 00000000000..012a85ea2fe
--- /dev/null
+++ b/queue-5.4/block-compat_ioctl-fix-range-check-in-blkgetsize.patch
@@ -0,0 +1,36 @@
+From ccf16413e520164eb718cf8b22a30438da80ff23 Mon Sep 17 00:00:00 2001
+From: Khazhismel Kumykov <khazhy@google.com>
+Date: Thu, 14 Apr 2022 15:40:56 -0700
+Subject: block/compat_ioctl: fix range check in BLKGETSIZE
+
+From: Khazhismel Kumykov <khazhy@google.com>
+
+commit ccf16413e520164eb718cf8b22a30438da80ff23 upstream.
+
+kernel ulong and compat_ulong_t may not be same width. Use type directly
+to eliminate mismatches.
+
+This would result in truncation rather than EFBIG for 32bit mode for
+large disks.
+
+Reviewed-by: Bart Van Assche <bvanassche@acm.org>
+Signed-off-by: Khazhismel Kumykov <khazhy@google.com>
+Reviewed-by: Chaitanya Kulkarni <kch@nvidia.com>
+Link: https://lore.kernel.org/r/20220414224056.2875681-1-khazhy@google.com
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ block/compat_ioctl.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/block/compat_ioctl.c
++++ b/block/compat_ioctl.c
+@@ -393,7 +393,7 @@ long compat_blkdev_ioctl(struct file *fi
+ 		return 0;
+ 	case BLKGETSIZE:
+ 		size = i_size_read(bdev->bd_inode);
+-		if ((size >> 9) > ~0UL)
++		if ((size >> 9) > ~(compat_ulong_t)0)
+ 			return -EFBIG;
+ 		return compat_put_ulong(arg, size >> 9);
+ 
diff --git a/queue-5.4/series b/queue-5.4/series
index cb8bce49330..1b60ce4af52 100644
--- a/queue-5.4/series
+++ b/queue-5.4/series
@@ -58,3 +58,4 @@ ext4-force-overhead-calculation-if-the-s_overhead_cluster-makes-no-sense.patch
 jbd2-fix-a-potential-race-while-discarding-reserved-buffers-after-an-abort.patch
 spi-atmel-quadspi-fix-the-buswidth-adjustment-between-spi-mem-and-controller.patch
 staging-ion-prevent-incorrect-reference-counting-behavour.patch
+block-compat_ioctl-fix-range-check-in-blkgetsize.patch