Commit ecf5632d authored by Namhyung Kim's avatar Namhyung Kim Committed by Al Viro

fs: fix address space warnings in ioctl_fiemap()

The fi_extents_start field of struct fiemap_extent_info is a
user pointer but was not marked as __user. This makes sparse
emit following warnings:

  CHECK   fs/ioctl.c
fs/ioctl.c:114:26: warning: incorrect type in argument 1 (different address spaces)
fs/ioctl.c:114:26:    expected void [noderef] <asn:1>*dst
fs/ioctl.c:114:26:    got struct fiemap_extent *[assigned] dest
fs/ioctl.c:202:14: warning: incorrect type in argument 1 (different address spaces)
fs/ioctl.c:202:14:    expected void const volatile [noderef] <asn:1>*<noident>
fs/ioctl.c:202:14:    got struct fiemap_extent *[assigned] fi_extents_start
fs/ioctl.c:212:27: warning: incorrect type in argument 1 (different address spaces)
fs/ioctl.c:212:27:    expected void [noderef] <asn:1>*dst
fs/ioctl.c:212:27:    got char *<noident>

Also add 'ufiemap' variable to eliminate unnecessary casts.
Signed-off-by: default avatarNamhyung Kim <namhyung@gmail.com>
Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent 27eaa1c9
...@@ -86,7 +86,7 @@ int fiemap_fill_next_extent(struct fiemap_extent_info *fieinfo, u64 logical, ...@@ -86,7 +86,7 @@ int fiemap_fill_next_extent(struct fiemap_extent_info *fieinfo, u64 logical,
u64 phys, u64 len, u32 flags) u64 phys, u64 len, u32 flags)
{ {
struct fiemap_extent extent; struct fiemap_extent extent;
struct fiemap_extent *dest = fieinfo->fi_extents_start; struct fiemap_extent __user *dest = fieinfo->fi_extents_start;
/* only count the extents */ /* only count the extents */
if (fieinfo->fi_extents_max == 0) { if (fieinfo->fi_extents_max == 0) {
...@@ -173,6 +173,7 @@ static int fiemap_check_ranges(struct super_block *sb, ...@@ -173,6 +173,7 @@ static int fiemap_check_ranges(struct super_block *sb,
static int ioctl_fiemap(struct file *filp, unsigned long arg) static int ioctl_fiemap(struct file *filp, unsigned long arg)
{ {
struct fiemap fiemap; struct fiemap fiemap;
struct fiemap __user *ufiemap = (struct fiemap __user *) arg;
struct fiemap_extent_info fieinfo = { 0, }; struct fiemap_extent_info fieinfo = { 0, };
struct inode *inode = filp->f_path.dentry->d_inode; struct inode *inode = filp->f_path.dentry->d_inode;
struct super_block *sb = inode->i_sb; struct super_block *sb = inode->i_sb;
...@@ -182,8 +183,7 @@ static int ioctl_fiemap(struct file *filp, unsigned long arg) ...@@ -182,8 +183,7 @@ static int ioctl_fiemap(struct file *filp, unsigned long arg)
if (!inode->i_op->fiemap) if (!inode->i_op->fiemap)
return -EOPNOTSUPP; return -EOPNOTSUPP;
if (copy_from_user(&fiemap, (struct fiemap __user *)arg, if (copy_from_user(&fiemap, ufiemap, sizeof(fiemap)))
sizeof(struct fiemap)))
return -EFAULT; return -EFAULT;
if (fiemap.fm_extent_count > FIEMAP_MAX_EXTENTS) if (fiemap.fm_extent_count > FIEMAP_MAX_EXTENTS)
...@@ -196,7 +196,7 @@ static int ioctl_fiemap(struct file *filp, unsigned long arg) ...@@ -196,7 +196,7 @@ static int ioctl_fiemap(struct file *filp, unsigned long arg)
fieinfo.fi_flags = fiemap.fm_flags; fieinfo.fi_flags = fiemap.fm_flags;
fieinfo.fi_extents_max = fiemap.fm_extent_count; fieinfo.fi_extents_max = fiemap.fm_extent_count;
fieinfo.fi_extents_start = (struct fiemap_extent *)(arg + sizeof(fiemap)); fieinfo.fi_extents_start = ufiemap->fm_extents;
if (fiemap.fm_extent_count != 0 && if (fiemap.fm_extent_count != 0 &&
!access_ok(VERIFY_WRITE, fieinfo.fi_extents_start, !access_ok(VERIFY_WRITE, fieinfo.fi_extents_start,
...@@ -209,7 +209,7 @@ static int ioctl_fiemap(struct file *filp, unsigned long arg) ...@@ -209,7 +209,7 @@ static int ioctl_fiemap(struct file *filp, unsigned long arg)
error = inode->i_op->fiemap(inode, &fieinfo, fiemap.fm_start, len); error = inode->i_op->fiemap(inode, &fieinfo, fiemap.fm_start, len);
fiemap.fm_flags = fieinfo.fi_flags; fiemap.fm_flags = fieinfo.fi_flags;
fiemap.fm_mapped_extents = fieinfo.fi_extents_mapped; fiemap.fm_mapped_extents = fieinfo.fi_extents_mapped;
if (copy_to_user((char *)arg, &fiemap, sizeof(fiemap))) if (copy_to_user(ufiemap, &fiemap, sizeof(fiemap)))
error = -EFAULT; error = -EFAULT;
return error; return error;
......
...@@ -1483,8 +1483,8 @@ struct fiemap_extent_info { ...@@ -1483,8 +1483,8 @@ struct fiemap_extent_info {
unsigned int fi_flags; /* Flags as passed from user */ unsigned int fi_flags; /* Flags as passed from user */
unsigned int fi_extents_mapped; /* Number of mapped extents */ unsigned int fi_extents_mapped; /* Number of mapped extents */
unsigned int fi_extents_max; /* Size of fiemap_extent array */ unsigned int fi_extents_max; /* Size of fiemap_extent array */
struct fiemap_extent *fi_extents_start; /* Start of fiemap_extent struct fiemap_extent __user *fi_extents_start; /* Start of
* array */ fiemap_extent array */
}; };
int fiemap_fill_next_extent(struct fiemap_extent_info *info, u64 logical, int fiemap_fill_next_extent(struct fiemap_extent_info *info, u64 logical,
u64 phys, u64 len, u32 flags); u64 phys, u64 len, u32 flags);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment