| From a7e9d977e031fceefe1e7cd69ebd7202d5758b56 Mon Sep 17 00:00:00 2001 |
| From: "Darrick J. Wong" <djwong@kernel.org> |
| Date: Thu, 10 Nov 2022 12:16:34 -0800 |
| Subject: ext4: don't fail GETFSUUID when the caller provides a long buffer |
| |
| From: Darrick J. Wong <djwong@kernel.org> |
| |
| commit a7e9d977e031fceefe1e7cd69ebd7202d5758b56 upstream. |
| |
| If userspace provides a longer UUID buffer than is required, we |
| shouldn't fail the call with EINVAL -- rather, we can fill the caller's |
| buffer with the bytes we /can/ fill, and update the length field to |
| reflect what we copied. This doesn't break the UAPI since we're |
| enabling a case that currently fails, and so far Ted hasn't released a |
| version of e2fsprogs that uses the new ext4 ioctl. |
| |
| Signed-off-by: Darrick J. Wong <djwong@kernel.org> |
| Reviewed-by: Catherine Hoang <catherine.hoang@oracle.com> |
| Link: https://lore.kernel.org/r/166811139478.327006.13879198441587445544.stgit@magnolia |
| Signed-off-by: Theodore Ts'o <tytso@mit.edu> |
| Cc: stable@kernel.org |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| fs/ext4/ioctl.c | 6 ++++-- |
| 1 file changed, 4 insertions(+), 2 deletions(-) |
| |
| --- a/fs/ext4/ioctl.c |
| +++ b/fs/ext4/ioctl.c |
| @@ -1159,14 +1159,16 @@ static int ext4_ioctl_getuuid(struct ext |
| return -EINVAL; |
| } |
| |
| - if (fsuuid.fsu_len != UUID_SIZE || fsuuid.fsu_flags != 0) |
| + if (fsuuid.fsu_len < UUID_SIZE || fsuuid.fsu_flags != 0) |
| return -EINVAL; |
| |
| lock_buffer(sbi->s_sbh); |
| memcpy(uuid, sbi->s_es->s_uuid, UUID_SIZE); |
| unlock_buffer(sbi->s_sbh); |
| |
| - if (copy_to_user(&ufsuuid->fsu_uuid[0], uuid, UUID_SIZE)) |
| + fsuuid.fsu_len = UUID_SIZE; |
| + if (copy_to_user(ufsuuid, &fsuuid, sizeof(fsuuid)) || |
| + copy_to_user(&ufsuuid->fsu_uuid[0], uuid, UUID_SIZE)) |
| return -EFAULT; |
| return 0; |
| } |