Loading fs/ocfs2/ioctl.c +14 −17 Original line number Original line Diff line number Diff line Loading @@ -864,7 +864,7 @@ int ocfs2_info_handle(struct inode *inode, struct ocfs2_info *info, if (status) if (status) break; break; reqp = (struct ocfs2_info_request *)(unsigned long)req_addr; reqp = (struct ocfs2_info_request __user *)(unsigned long)req_addr; if (!reqp) { if (!reqp) { status = -EINVAL; status = -EINVAL; goto bail; goto bail; Loading @@ -888,9 +888,11 @@ long ocfs2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) struct ocfs2_space_resv sr; struct ocfs2_space_resv sr; struct ocfs2_new_group_input input; struct ocfs2_new_group_input input; struct reflink_arguments args; struct reflink_arguments args; const char *old_path, *new_path; const char __user *old_path; const char __user *new_path; bool preserve; bool preserve; struct ocfs2_info info; struct ocfs2_info info; void __user *argp = (void __user *)arg; switch (cmd) { switch (cmd) { case OCFS2_IOC_GETFLAGS: case OCFS2_IOC_GETFLAGS: Loading Loading @@ -937,17 +939,15 @@ long ocfs2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) return ocfs2_group_add(inode, &input); return ocfs2_group_add(inode, &input); case OCFS2_IOC_REFLINK: case OCFS2_IOC_REFLINK: if (copy_from_user(&args, (struct reflink_arguments *)arg, if (copy_from_user(&args, argp, sizeof(args))) sizeof(args))) return -EFAULT; return -EFAULT; old_path = (const char *)(unsigned long)args.old_path; old_path = (const char __user *)(unsigned long)args.old_path; new_path = (const char *)(unsigned long)args.new_path; new_path = (const char __user *)(unsigned long)args.new_path; preserve = (args.preserve != 0); preserve = (args.preserve != 0); return ocfs2_reflink_ioctl(inode, old_path, new_path, preserve); return ocfs2_reflink_ioctl(inode, old_path, new_path, preserve); case OCFS2_IOC_INFO: case OCFS2_IOC_INFO: if (copy_from_user(&info, (struct ocfs2_info __user *)arg, if (copy_from_user(&info, argp, sizeof(struct ocfs2_info))) sizeof(struct ocfs2_info))) return -EFAULT; return -EFAULT; return ocfs2_info_handle(inode, &info, 0); return ocfs2_info_handle(inode, &info, 0); Loading @@ -960,22 +960,20 @@ long ocfs2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) if (!capable(CAP_SYS_ADMIN)) if (!capable(CAP_SYS_ADMIN)) return -EPERM; return -EPERM; if (copy_from_user(&range, (struct fstrim_range *)arg, if (copy_from_user(&range, argp, sizeof(range))) sizeof(range))) return -EFAULT; return -EFAULT; ret = ocfs2_trim_fs(sb, &range); ret = ocfs2_trim_fs(sb, &range); if (ret < 0) if (ret < 0) return ret; return ret; if (copy_to_user((struct fstrim_range *)arg, &range, if (copy_to_user(argp, &range, sizeof(range))) sizeof(range))) return -EFAULT; return -EFAULT; return 0; return 0; } } case OCFS2_IOC_MOVE_EXT: case OCFS2_IOC_MOVE_EXT: return ocfs2_ioctl_move_extents(filp, (void __user *)arg); return ocfs2_ioctl_move_extents(filp, argp); default: default: return -ENOTTY; return -ENOTTY; } } Loading @@ -988,6 +986,7 @@ long ocfs2_compat_ioctl(struct file *file, unsigned cmd, unsigned long arg) struct reflink_arguments args; struct reflink_arguments args; struct inode *inode = file->f_path.dentry->d_inode; struct inode *inode = file->f_path.dentry->d_inode; struct ocfs2_info info; struct ocfs2_info info; void __user *argp = (void __user *)arg; switch (cmd) { switch (cmd) { case OCFS2_IOC32_GETFLAGS: case OCFS2_IOC32_GETFLAGS: Loading @@ -1006,16 +1005,14 @@ long ocfs2_compat_ioctl(struct file *file, unsigned cmd, unsigned long arg) case FITRIM: case FITRIM: break; break; case OCFS2_IOC_REFLINK: case OCFS2_IOC_REFLINK: if (copy_from_user(&args, (struct reflink_arguments *)arg, if (copy_from_user(&args, argp, sizeof(args))) sizeof(args))) return -EFAULT; return -EFAULT; preserve = (args.preserve != 0); preserve = (args.preserve != 0); return ocfs2_reflink_ioctl(inode, compat_ptr(args.old_path), return ocfs2_reflink_ioctl(inode, compat_ptr(args.old_path), compat_ptr(args.new_path), preserve); compat_ptr(args.new_path), preserve); case OCFS2_IOC_INFO: case OCFS2_IOC_INFO: if (copy_from_user(&info, (struct ocfs2_info __user *)arg, if (copy_from_user(&info, argp, sizeof(struct ocfs2_info))) sizeof(struct ocfs2_info))) return -EFAULT; return -EFAULT; return ocfs2_info_handle(inode, &info, 1); return ocfs2_info_handle(inode, &info, 1); Loading fs/ocfs2/move_extents.c +2 −4 Original line number Original line Diff line number Diff line Loading @@ -1082,8 +1082,7 @@ int ocfs2_ioctl_move_extents(struct file *filp, void __user *argp) context->file = filp; context->file = filp; if (argp) { if (argp) { if (copy_from_user(&range, (struct ocfs2_move_extents *)argp, if (copy_from_user(&range, argp, sizeof(range))) { sizeof(range))) { status = -EFAULT; status = -EFAULT; goto out; goto out; } } Loading Loading @@ -1138,8 +1137,7 @@ out: * length and new_offset even if failure happens somewhere. * length and new_offset even if failure happens somewhere. */ */ if (argp) { if (argp) { if (copy_to_user((struct ocfs2_move_extents *)argp, &range, if (copy_to_user(argp, &range, sizeof(range))) sizeof(range))) status = -EFAULT; status = -EFAULT; } } Loading Loading
fs/ocfs2/ioctl.c +14 −17 Original line number Original line Diff line number Diff line Loading @@ -864,7 +864,7 @@ int ocfs2_info_handle(struct inode *inode, struct ocfs2_info *info, if (status) if (status) break; break; reqp = (struct ocfs2_info_request *)(unsigned long)req_addr; reqp = (struct ocfs2_info_request __user *)(unsigned long)req_addr; if (!reqp) { if (!reqp) { status = -EINVAL; status = -EINVAL; goto bail; goto bail; Loading @@ -888,9 +888,11 @@ long ocfs2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) struct ocfs2_space_resv sr; struct ocfs2_space_resv sr; struct ocfs2_new_group_input input; struct ocfs2_new_group_input input; struct reflink_arguments args; struct reflink_arguments args; const char *old_path, *new_path; const char __user *old_path; const char __user *new_path; bool preserve; bool preserve; struct ocfs2_info info; struct ocfs2_info info; void __user *argp = (void __user *)arg; switch (cmd) { switch (cmd) { case OCFS2_IOC_GETFLAGS: case OCFS2_IOC_GETFLAGS: Loading Loading @@ -937,17 +939,15 @@ long ocfs2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) return ocfs2_group_add(inode, &input); return ocfs2_group_add(inode, &input); case OCFS2_IOC_REFLINK: case OCFS2_IOC_REFLINK: if (copy_from_user(&args, (struct reflink_arguments *)arg, if (copy_from_user(&args, argp, sizeof(args))) sizeof(args))) return -EFAULT; return -EFAULT; old_path = (const char *)(unsigned long)args.old_path; old_path = (const char __user *)(unsigned long)args.old_path; new_path = (const char *)(unsigned long)args.new_path; new_path = (const char __user *)(unsigned long)args.new_path; preserve = (args.preserve != 0); preserve = (args.preserve != 0); return ocfs2_reflink_ioctl(inode, old_path, new_path, preserve); return ocfs2_reflink_ioctl(inode, old_path, new_path, preserve); case OCFS2_IOC_INFO: case OCFS2_IOC_INFO: if (copy_from_user(&info, (struct ocfs2_info __user *)arg, if (copy_from_user(&info, argp, sizeof(struct ocfs2_info))) sizeof(struct ocfs2_info))) return -EFAULT; return -EFAULT; return ocfs2_info_handle(inode, &info, 0); return ocfs2_info_handle(inode, &info, 0); Loading @@ -960,22 +960,20 @@ long ocfs2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) if (!capable(CAP_SYS_ADMIN)) if (!capable(CAP_SYS_ADMIN)) return -EPERM; return -EPERM; if (copy_from_user(&range, (struct fstrim_range *)arg, if (copy_from_user(&range, argp, sizeof(range))) sizeof(range))) return -EFAULT; return -EFAULT; ret = ocfs2_trim_fs(sb, &range); ret = ocfs2_trim_fs(sb, &range); if (ret < 0) if (ret < 0) return ret; return ret; if (copy_to_user((struct fstrim_range *)arg, &range, if (copy_to_user(argp, &range, sizeof(range))) sizeof(range))) return -EFAULT; return -EFAULT; return 0; return 0; } } case OCFS2_IOC_MOVE_EXT: case OCFS2_IOC_MOVE_EXT: return ocfs2_ioctl_move_extents(filp, (void __user *)arg); return ocfs2_ioctl_move_extents(filp, argp); default: default: return -ENOTTY; return -ENOTTY; } } Loading @@ -988,6 +986,7 @@ long ocfs2_compat_ioctl(struct file *file, unsigned cmd, unsigned long arg) struct reflink_arguments args; struct reflink_arguments args; struct inode *inode = file->f_path.dentry->d_inode; struct inode *inode = file->f_path.dentry->d_inode; struct ocfs2_info info; struct ocfs2_info info; void __user *argp = (void __user *)arg; switch (cmd) { switch (cmd) { case OCFS2_IOC32_GETFLAGS: case OCFS2_IOC32_GETFLAGS: Loading @@ -1006,16 +1005,14 @@ long ocfs2_compat_ioctl(struct file *file, unsigned cmd, unsigned long arg) case FITRIM: case FITRIM: break; break; case OCFS2_IOC_REFLINK: case OCFS2_IOC_REFLINK: if (copy_from_user(&args, (struct reflink_arguments *)arg, if (copy_from_user(&args, argp, sizeof(args))) sizeof(args))) return -EFAULT; return -EFAULT; preserve = (args.preserve != 0); preserve = (args.preserve != 0); return ocfs2_reflink_ioctl(inode, compat_ptr(args.old_path), return ocfs2_reflink_ioctl(inode, compat_ptr(args.old_path), compat_ptr(args.new_path), preserve); compat_ptr(args.new_path), preserve); case OCFS2_IOC_INFO: case OCFS2_IOC_INFO: if (copy_from_user(&info, (struct ocfs2_info __user *)arg, if (copy_from_user(&info, argp, sizeof(struct ocfs2_info))) sizeof(struct ocfs2_info))) return -EFAULT; return -EFAULT; return ocfs2_info_handle(inode, &info, 1); return ocfs2_info_handle(inode, &info, 1); Loading
fs/ocfs2/move_extents.c +2 −4 Original line number Original line Diff line number Diff line Loading @@ -1082,8 +1082,7 @@ int ocfs2_ioctl_move_extents(struct file *filp, void __user *argp) context->file = filp; context->file = filp; if (argp) { if (argp) { if (copy_from_user(&range, (struct ocfs2_move_extents *)argp, if (copy_from_user(&range, argp, sizeof(range))) { sizeof(range))) { status = -EFAULT; status = -EFAULT; goto out; goto out; } } Loading Loading @@ -1138,8 +1137,7 @@ out: * length and new_offset even if failure happens somewhere. * length and new_offset even if failure happens somewhere. */ */ if (argp) { if (argp) { if (copy_to_user((struct ocfs2_move_extents *)argp, &range, if (copy_to_user(argp, &range, sizeof(range))) sizeof(range))) status = -EFAULT; status = -EFAULT; } } Loading
Al Viro <viro@zeniv.linux.org.uk>Al Viro <viro@zeniv.linux.org.uk>