| From: Linus Torvalds <torvalds@linux-foundation.org> |
| Date: Sat, 19 May 2018 09:29:11 -0700 |
| Subject: mmap: relax file size limit for regular files |
| |
| commit 423913ad4ae5b3e8fb8983f70969fb522261ba26 upstream. |
| |
| Commit be83bbf80682 ("mmap: introduce sane default mmap limits") was |
| introduced to catch problems in various ad-hoc character device drivers |
| doing mmap and getting the size limits wrong. In the process, it used |
| "known good" limits for the normal cases of mapping regular files and |
| block device drivers. |
| |
| It turns out that the "s_maxbytes" limit was less "known good" than I |
| thought. In particular, /proc doesn't set it, but exposes one regular |
| file to mmap: /proc/vmcore. As a result, that file got limited to the |
| default MAX_INT s_maxbytes value. |
| |
| This went unnoticed for a while, because apparently the only thing that |
| needs it is the s390 kernel zfcpdump, but there might be other tools |
| that use this too. |
| |
| Vasily suggested just changing s_maxbytes for all of /proc, which isn't |
| wrong, but makes me nervous at this stage. So instead, just make the |
| new mmap limit always be MAX_LFS_FILESIZE for regular files, which won't |
| affect anything else. It wasn't the regular file case I was worried |
| about. |
| |
| I'd really prefer for maxsize to have been per-inode, but that is not |
| how things are today. |
| |
| Fixes: be83bbf80682 ("mmap: introduce sane default mmap limits") |
| Reported-by: Vasily Gorbik <gor@linux.ibm.com> |
| Cc: Al Viro <viro@zeniv.linux.org.uk> |
| Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
| Signed-off-by: Ben Hutchings <ben@decadent.org.uk> |
| --- |
| mm/mmap.c | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| --- a/mm/mmap.c |
| +++ b/mm/mmap.c |
| @@ -1237,7 +1237,7 @@ static inline int mlock_future_check(str |
| static inline u64 file_mmap_size_max(struct file *file, struct inode *inode) |
| { |
| if (S_ISREG(inode->i_mode)) |
| - return inode->i_sb->s_maxbytes; |
| + return MAX_LFS_FILESIZE; |
| |
| if (S_ISBLK(inode->i_mode)) |
| return MAX_LFS_FILESIZE; |